I recently tried out a decentralized private messaging tool, it didn’t ask for my personal information to register.
Instead, it only asked me to create a username and set a password, after which it provided me with a mnemonic passcode. (I had never used a mnemonic passcode before, but I learned that it’s a web3 or decentralized type of thing.)
On their FAQ page says “The Mnemonic Passcode is your ONLY SOURCE of backup in a scenario where your device breaks down or becomes unusable due to any reason. In such cases, all you need is your Mnemonic Phrase to recover all your account information. It must be copied, screen-shotted, or written down and kept in a safe and secret place until it is needed.”
Does Mnemonic Passcode more secure than usual password? Plus, is there any other ways to keep you mnemonic phrase?
Extending/modifying the words does extend the number of unique symbols, thus giving you much more possible symbols, but it does defeat the purpose of mnemonic passphrases, since they then aren’t mnemonic anymore.
If you want to add more security, you could just add another word. Gives you more additional security while keeping the amount of memorizing lower.
The point of mnemonic passphrases is that they are easier to remember since you only have to remember fewer symbols. So “high entropy” symbols are chosen.
A single word out of a 120000 word dictionary carries ~16.5 bits of entropy (that’s the unit of measuring information density). A single character out of a set of 64 possible characters only carries 6 bits of entropy, and a single digit only carries slightly over 3 bits of entropy.
So for memorizing a word, you get about as much entropy as you get for memorizing 2.5 characters or 5.5 digits.
So say your password consits of 4 words with one digit added to each of them, you need to memorize 8 symbols and get ~79 bits of entropy.
If you just remember 5 words, that’s 5 symbols to remember and you get 82.5 bits of entropy out of it.
Remember: each bit doubles the difficulty to guess your password. So 3.5 additional bits is ~11 times as difficult.