“Duress” pass-phrases are Dangerous!

plausible-deniability vs. Wrench-Attacks

Hodl Safe
Jul 20, 2020

Pass-phrases can provide a reasonable level of defense in scenarios where plausible-deniability is effective, such as at border-crossings & for financial-privacy… So, use them for that and other purposes…

Pass-phrases SUCK for defending against physical-attacks !

You cannot keep secrets when someone is hurting you !

Can you deceive or resist the attacker?

trick question!

— how you will respond in such an extreme situation is unknowable!…

and it’s stressful — if this is your perfunctory plan…

“everyone has a plan,

until they get hit in the face”

— Mike Tyson

secrets are also antithetical to the open-source approach

security by obscurity

Andreas Antonopoulos, from 30 Aug 2018

“security by obscurity — relying on the fact that people don’t know……is the weakest form of security…”

Unfortunately, this dangerous advice is common from leaders like SatoshiLabs, nvk and Pamela Morgan

video above — Pamela explaining this dangerous approach

Bach’s non-sequitur rationale

link to Bach N.’s article, high-lighted above.

actually, they COMPOUND the damage, NOT “limit” it…

link to nvk’s bad advice, pictured above.

Not only does this provide a false sense of security,…

the irony of bad advice

Furthermore, not only is this dangerous advice for Hodlers, but it also incentivizes Attackers to beat and torture you — because they know that the industry-standard-practice is to simply keep a secret !

It also incentivizes attempts — because there are big pay-offs if savings accounts are simply hidden with a secret word…

Collateral Damage

since “duress” pass-phrases are the industry-standard-practice today,

Attackers will assume that most people are employing this defense…

so, even if you aren’t using them —

“duress” pass-phrases are putting you in danger !

to summarize —

BEFORE — they incentivize attacks !

DURING — they incentivize torture !

AFTER — you lose all your bitcoin !…

Check your friends !

— because this foolish strategy is ubiquitous!

play on classic wrench cartoon

Bonus !

  • Pass-phrases can also be used to designate heirs’ wallets in your Inheritance plan…

I’m so happy to report that nvk agrees —

waiting for coldCard’s site to update…


Hodl Safe

Bitcoin Security for everyone — Cold-Storage — CWAP : the Counter Wrench-Attack Protocol