How to add a 25th word to improve security?
If you’ve been dabbling in crypto for a while now and interested in furthering your knowledge and security then this article might be worth something to you. The term 25th word means nothing without any context. It refers to adding an optional “passphrase” or extra word(s) to our 24 word seed. The option is given to us when we generate a new seed using particular BIP39 compliant wallets.
The first 24 words
When we set up a wallet for the first time we are given 24 words. It is a unique combination of words that acts as a different form of expressing our root seed. Each root seed is unique and from that is what we derive our private keys from. If you would like to more about this subject, check out our article on private keys here.
In order to understand what the 25th word is, we first need to explain what the first 24 words entail. Most hardware and software wallets that are compliant with the BIP39 (Bitcoin improvement proposal) generate a list of 24 words. This comes from a word list 2048 strong. This word list represents your root seed in a mnemonic form.
- A system such as a pattern of letters, ideas, or associations which assists in remembering something.
A bip39 root seed is an encrypted alphanumeric code that is 128 characters long.
This root seed is actually derived from the 24 words and is interchangeable!
If you would like to read more about root seeds, check out our private key article.
The 25th word
Unlike the first 24 words, the 25th word does not come from the list of used words. It is in fact a custom passphrase, chosen by you. Hardware wallets such as Trezor and Ledger nano S have the function of adding a 25th word. The purpose of adding this extra passphrase is to further encrypt your root seed. If your 24 words become compromised, the person holding those words will need the 25th word in order to access your root keys. Without this 25th word, your keys are still safe.
Are 24 words not enough?
The encryption involved giving us a 24 word phrase is extremely secure. The problem lies in the fact that if those 24 words are compromised that your keys are gone. Remember: not your keys, not your bitcoin. A 25th word is adding an extra layer of security. If your 24 words fall into the wrong hands and you have a super strong password, it will take potentially months and/or a substantial amount of money to brute force the 25th word. Of course, this is why it is a good idea to use a long but memorable password. Using a password such as the name of your pet dog, or a line from your favourite song isn’t really a good idea.
Does the 25th word change the keys?
Yes it does! When you add a new word to the mnemonic it generates a completely new root key which then derives new public keys, private keys and addresses. If you set up a wallet with 24 words and create a 25th word later, your wallet will hold two separate root keys. If you really want, you can create multiple 25th words!
What is the purpose of the 25th word?
We’ve already explained that the 25th word offers an extra layer of security, but what’s the point? You may feel comfortable having two “accounts” on your hardware wallet. The account without the 25th word could be used as your more day to day wallet. The account with the 25th word can be a sort of savings account. A true cold wallet.
Another reason could be secrecy, perhaps you want to hide your assets? If you are seen as a target because people believe your holdings to be worth a lot of money. In a case of ransom you could choose to reveal the wallet without the 25th word. The lion’s share being kept in the 25th word wallet of course.
Security vs convenience
The 24 word form of encryption is already a strong and secure method of looking after your private keys, however, we believe that setting up a 25th word is exponentially safer for the majority. Storing the 25th word in a safe but convenient manner is essential.
Currently we have two convenient ways to store our 25th word. One, is by simply memorising it. This would make your funds almost impossible to be compromised but comes with the risk of you forgetting your password. The other is to write your 25th word in store it in a separate location. A password alone is meaningless.
Be sure you know what you’re doing, the 24 word method in BIP39 was created by the smartest cryptographers, carefully finding the right balance between safety and inconvenience. Rather than taking extra steps of security into your own hands, it would be wise to follow the guidelines that the experts have already created.