Some may already know this, but for those who don't...
I've been spending alot time lately thinking about how to maximize security with crypto storage, mapping out all possibilities to account for the unforeseen and how to best prepare for any scenarios...
Everyone says a cold, hard wallet is the most secure way to store your crypto.
But even that has its weakness.
Whether you're using a Trezor with a 12-seed recovery phrase or Ledger with 24-seed recovery phrase, that means there are either 2048^12 or 2048^24 possible combinations to unlock your funds. Sure, it's highly unlikely anyone's going to guess that.
But what if some sophisticated hacker build a program to test all those different combinations?
(If I've been able to imagine the general architecture of what'd be needed to do it, there's probably others who've thought about the same - some of whom might actually have the coding knowledge to pull it off. And there, we loop back to a previous conversation on trust - here, trusting that such people would not do such a thing.)
It's naive to think just that because something's never been done before doesn't mean it never will be. And it's rather disturbing to contemplate the possibility that it could actually be that easy for someone with the coding skills and intent to hack your funds. Small chance, maybe. But does that mean it's worth the risk?
Maybe I'm a little late here, but I just discovered it's possible with both these wallets (and surely some others) to set a passphrase - which is essentially a 13th/25th 'word' or password of your own choosing. Doing so generates a "hidden" set of keys/wallets - which need the passphrase to unlock/access.
So even if someone were to hack your recovery words, they'd just find zero balances - unless they had the passphrase too.
(And thinking several steps ahead - it could theoretically be possible to crack the passphrase with similar software too, given access to a quantum computer that could process equations fast enough. But in the meantime, that would be highly unlikely.)
Do what thou wilt.
Though if you're looking to exponentially multiply the security of your crypto, utilizing a passphrase with your storage options is a pretty simple, effective way to do so.
The next level up would probably be multisig. Though of course, that may get a bit complicated, especially depending on the tokens you'd want to be storing.
We might be at a point now where a standard wallet using a 12 or 24 seed recovery phrase is considered "safe..." yet with increasingly more at stakes, it wouldn't be surprising if there were hackers working to figure out systems of attack on the wallet side to test the finite number of keys.
It's not an idea I like putting out there, but it'd be naive to think that couldn't be a possibility and fail to adjust storage strategy accordingly with such a simple tweak as adding a passphrase that'd effectively throw a wrench in such potential attacks.
Cuz so long as you're not storing your coins with an insured custodian that'd bail your ass out in the case of such a hack, you'd be shit outta luck.
So... play it safe. Consider using a passphrase on your wallets.