What is a passphrase and how does it work?
You’ve probably already been told at least once to write down on a piece of paper a combination of words.
This is what we are calling a passphrase and you are supposed to keep it preciously for backup purposes.
It is also sometimes referred to as “backup phrase” or even “mnemonic phrase” or “mnemonic code”, although the term “mnemonic” is misleading as it would be ill-advised to memorize the passphrase instead of writing it down and storing it in a safe place.
Indeed, your passphrase is the only thing that will give you access back to all your coins in case you lose access to your wallet; for example, if your hardware wallet is stolen, or if your computer where your wallet was installed is wiped out.
Definition and standard
A passphrase is composed of 12 words or 24 words depending on the wallet you’re using. They usually comply with the BIP standard, BIP39.
BIP stands for Bitcoin Improvement Proposals. These are the standards used in the crypto industry, and they are not necessarily specific to Bitcoin.
Generation of the passphrase
The method to generate a passphrase is described in the BIP standard BIP39: “Mnemonic code for generating deterministic keys”
This BIP describes the implementation of a mnemonic code or mnemonic sentence — a group of easy to remember words — for the generation of deterministic wallets.
Basically, the method consists of picking words from a list, randomly. The official wordlists are available in several languages, all of them 2048 words long. The main particularity is that all words of each list are uniquely identifiable by typing at most the 4 first letters.
Follow the link to get the full list of the words: official wordlists
Caution: Be aware it is not advised to produce a passphrase by oneself’s, as humans are not good at producing random inputs. This would make it easily breakable by brute force.
An example of 12 words passphrase:
host inch forget coin rule very much thank you mistake target boss
For further read, the standard can be read at Github.
Generation of a seed
From there, the wallet is computing a unique seed using a mathematical function:
Therefore, your passphrase ends up as a seed which is a 128 or 256 long string of 1’s and 0’s.
How do I trust only a few words to keep safe all my money?
Case of the 12-word pass-phrase:
128 bits = chain of 128 characters with 1 or 0. This gives 2128, or a bit over 1038 combinations!
Wait, only 38?? Doesn’t seem to me to be that big of a number, uh?
Actually, 38 zeros is huge! Several serious studies estimate that the number of grains of sand on Earth doesn’t exceed 1025, that’s 10 trillion times less than the above combination of the total number of seeds.
In other words, you’ld need 10 trillion Earth’s worth of sand to get that same number.
Case of the 24 words passphrase:
256 bits gives 2256, that is over 1077 combinations!
Now that’s crazy: imagine each grain of sand on Earth is itself planet Earth, then the total number of grains of sand you would get wouldn’t even getting close to the number of total seeds one could generate with this method!!!
Mind blowing, uh?