User manual:Wipe code

From Trezor Wiki
Jump to: navigation, search

Wipe code is an advanced feature that allows the user to set, and later enter, a "self-destruct" PIN code. Entering the wipe code erases all data from the the Trezor device.

The feature was first made available in the firmware versions 1.9.0 for Trezor One and 2.3.0 for Trezor Model T.

The feature is currently accessible only with Trezor command line interface (v0.11.6 or newer).

Enabling the feature[edit]

To enable the feature:

1. Open the terminal

2. Connect the device. Be sure to have the PIN protection enabled on your device. If it is disabled, enable it by using the command trezorctl set-pin

3. Use the command trezorctl set-wipe-code to enable the wipe-code

Configuring the Wipe code[edit]

In the process of configuring your new Wipe code, the device will first authenticate you by requesting your standard PIN.

Then, you set your new Wipe code. The method of entering the Wipe code is identical to that of entering the standard PIN. To enter the Wipe code on your Trezor Model T, use the matrix displayed on the touchscreen. To enter the Wipe code on your Trezor Model One, use your keyboard to enter the digits into the terminal.

NoteThe Wipe code must differ from your PIN.

Using the Wipe code[edit]

Once set, you can enter the wipe code in the PIN dialog whenever you connect your device. When the wipe code is entered, the device immediately erases all private data (the seed).

NoteThe Trezor Model T does not have to be connected to any kind of host interface to use the wipe code. You can wipe your device by entering the wipe code after powering the device with a power bank, USB in your car, or a socket on your bedroom wall.

Like Trezor? Get one here!