Passphrase

From Trezor Wiki
Jump to: navigation, search

Passphrase is an optional feature of the Trezor device that is recommended for advanced users only. It is a word or a sentence of the user's choice. Its main purpose is to access a completely new wallet.

See also the blog articles Recovery Seed, PIN and Passphrase and Hide your wallets with multiple passphrases

What should the user know before using passphrase with Trezor

There are several aspects of the passphrase encryption that all users should know before using it. Each passphrase creates a new unique wallet with new unique addresses. It can consist of any case-sensitive word or set of letters from the ASCII charset. Its length is limited to 50 characters. Passphrase has to be enabled again manually in the Advanced settings of Trezor Wallet after each recovery process.

Let us imagine, that you already have a wallet that you have been using for some time. When you enable the passphrase protection and start using the passphrase, it will open a new and empty wallet. To access your original wallet, you need to leave the passphrase space empty. If you want your funds in your new passphrase-protected wallet, you need to send them there from the original wallet.

For advanced security measures using the passphrase functionality, see Multi-passphrase encryption (hidden wallets). For more information about sending and receiving funds, see Making payments and Receiving payments.


Warning:Keep your passphrase in a safe place. In case you forget your passphrase, your funds protected by it are lost forever.


Important remarks

The selected passphrase works like the additional word of the recovery seed that is not stored on the device. Every time you access your wallet you need to enter exactly the same passphrase. If you mistype the passphrase, a different (typically empty) wallet is opened. Of course, you can use this feature to have more independent wallets based on the same recovery seed.

This means that both the recovery seed and the passphrase (if used) are essential for the recovery of a wallet. Also, the passphrase feature does not really encrypt the seed or the wallet, it is itself part of the seed. So maybe the term passphrase encryption should not be used.

Technical explanation

The passphrase is defined by the BIP39 standard. It is an optional part of the master seed of a wallet. When the passphrase feature is turned on in Trezor device, the user is asked to enter a passphrase every time the device is connected. In accordance with BIP39, the selected passphrase is mixed with the seed stored by the Trezor device to create a unique master seed and thus a unique cryptocurrency wallet.