How to create a secure seed for IOTA! +Generator

 

Warning: NEVER use an online Seed Generator!  Create Your seed offline!

Since IOTA is relatively new, there is only one wallet available at the moment and it requires the user to create a seed before the wallet is generated. You can read more about the magical powers of Iota here.

A weak seed is a sure way to get hacked. An unfortunate reddit user noar1985 had his wallet hacked since he made a seed that was too easy if you removed the numbers. The seed was composed out of 9 letters and 4 numbers. This led to a hacker ussing a common password list to scan for very simple seeds that people are using.

Therefore, in this small contribution I will try and help you generate a secure seed.

The secure seed

An important bit of information is that IOTA uses balanced ternary instead of binary. This means that each unit is a trit and not a bit. A better explanation of tryte can

  • A secure seed may contain any charachters in the set [A-Z9]
  • It needs to be exactly 81 trytes long. Shorter means less security
  • Close your eyes and type. Make sure you do not have easy combinations like 1234, 9999 or ABCD…

Generate a secure seed with Keepass

One of the safest ways to create a Seed is by using the seed generator in keepass. Thanks to the user omtamal for pointing this out.

Keepass is a password manager. You can download it here for free.

Generate a secure seed with Windows DOS

A nice reddit user created a batch file to generate a seed. source: Link

Steps:

  1. Disconnect from the internet
  2. Open a text editor on your PC
  3. Add the following code to seed.bat then run it by typing seed.bat in the command prompt.
  4. @PowerShell.exe -ExecutionPolicy RemoteSigned -Command "Invoke-Expression -Command ((Get-Content -Path '%~f0' | Select-Object -Skip 2) -join [environment]::NewLine)"&&pause
    @exit /b %Errorlevel%
    # script goes here and below....
    
    param( [int] $len = 81, [string] $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ9")
    $bytes = new-object "System.Byte[]" $len
    $rnd = new-object System.Security.Cryptography.RNGCryptoServiceProvider
    $rnd.GetBytes($bytes)
    $result = ""
    for( $i=0; $i -lt $len; $i++ ){ $result += $chars[ $bytes[$i] % $chars.Length ] }
    $rnd.Dispose()
    $result

     

  5. Save the fill as all files with .bat extension
  6. Close the file
  7. Double click on the newly created file. Your Iota Seed is in there.
  8. Change several letters and numbers
  9. Save your seed offline by printing it on a label printer:  Best way to store your Iota Keys Offline

credits to 5mincoffee for the script.

Generate a secure seed with Python

Edit: Important. You need to use the secrets module if you want to use Python.  Thanks /u/saipem7000 for the hint.

The 

<span class="pre">secrets</span>

 module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

from random import SystemRandom
alphabet = u'9ABCDEFGHIJKLMNOPQRSTUVWXYZ'
generator = SystemRandom()
print(u''.join(generator.c

credit: phx

Edit: I first suggested running this on a third party website but this is definitely not a good idea. Run it offline.

you can also run this python script from xxx

The output is the following

I hope someone found this helpful : )

you can find me on steemit 

1 Response

  1. January 30, 2018

    […] submitted by /u/xtarsy [link] […]

Leave a Reply

Your email address will not be published. Required fields are marked *