Passphrase is an advanced feature of the SafePal device which allows users to create hidden wallets. Passphrases serve as a function of second-factor protection of the mnemonic phrase and are ultimate protection against attacks involving physical access to the device or the mnemonic phrase.
Passphrase is an optional feature. Your usage experience won’t be affected if you don’t activate this feature. Users are free to choose whether they prefer to activate and set a passphrase.
Important tips about using a passphrase on a SafePal S1 device.
Please read the following instructions carefully and make sure you have fully understood the characteristics of Passphrase before using the feature. If you are not sure about it, welcome to reach out to SafePal support team [email protected] for feature inquiries.
Rule No.1 Please remember your Passphrase tightly. Once your Passphrase is lost or forgotten, it will result in permanent loss of your assets stored in that Passphrase. No one can help to retrieve your assets back.
The Passphrase is not stored anywhere on the device. It is only used temporarily whenever you enter it. It is impervious to any attacks involving physical access and tampering with the chip.
If somebody compromised your physical copy of the mnemonic phrase, they still would not be able to access your Passphrase-protected wallet unless they know the Passphrase.
A Passphrase, as implemented in SafePal devices, can be letters, numbers or symbols, with a maximum of 60 characters. Passphrases are case-sensitive - lowercase and uppercase characters are distinguished and count as different.
Setting different Passphrase can create different wallets. You can create as many Passphrases in combination with your mnemonic phrase as you like. But please make sure that you can remember them clearly and never forget them! Otherwise, you could lose your asset!
We recommend to keep it in mind rather than in any physical format. If you have to write it on a paper, never keep it in the same place with the mnemonic phrase.
How does it work?
When initializing a new SafePal S1 hardware wallet, you will create or recover a wallet on the SafePal S1 device. To this point, there is only ONE wallet account associated with the mnemonic phrase, and you can start managing your crypto assets with the SafePal S1 already.
If you want to create derivative wallet accounts under the same mnemonic phrase, you can choose to activate the Passphrase feature by the following steps:
1. Go to “Settings” on the SafePal S1 hardware device
Passphrase entrance in the S1 hardware wallet
Note：If you upgrade the wallet from a V1.0.14 and lower, you will need to enter the mnemonic phrase for identity verification before you can continue activating Passphrase feature(shown in the following picture).
2. Verify the PIN code and read through the instructions
3. Now you can set up your own unique Passphrase
4. After creating the Passphrase, don't forget to name this new wallet.
Now you can start to enjoy the hidden wallet created in SafePal!
You can choose to able or disable the Passphrase wallet accounts in the wallet “Settings” at any time. Disabling Passphrase account means that you are going to use the single wallet generated by the mnemonic phrase itself, without any combination with the second-factor Passphrase.
How to disable the Passphrase feature?
If you want to stop using Passphrase wallet account, and want to switch back into the original default wallet account under the mnemonic phrase, you can follow these steps:
1.On the SafePal S1, go to Settings-Passphrase-Set Passphrase.
2.When being asked ‘Do you need to use Passphrase’, click NO. And then enter the PIN code.
3.Then the Passphrase is turned-off, and you can use the original default wallet account without the Passphrase lock.
How to switch between different wallet accounts?
After activating the Passphrase feature in the SafePal S1 hardware wallet, users can create unlimited hidden wallet accounts using the Passphrase feature.
In general, there will be two types of wallet accounts in the wallet under the same set of mnemonic phrase: 1)one original default wallet account with Passphrase feature disabled 2)one or multiple hidden Passphrase wallets
Users can access and switch between different wallet accounts in the SafePal S1 hardware wallet. The following example demonstrates the user flow of switching one Passphrase account into another Passphrase account “Bruce”.
1.On the SafePal S1, go to Settings-Passphrase-Set Passphrase.
2.When being asked “Do you need to use Passphrase”, click YES, and then enter the PIN code.
3.Enter the Passphrase that you want to switch into, and then click the check button.
4.The Passphrase wallet account is now switched. The SafePal S1 hardware wallet will recognize the wallet name set under this Passphrase.
If I forget my Passphrase, how can I get it back?
Because the Passphrase is not stored anywhere on the SafePal device, once you lose or forget the Passphrase, it will result in permanent loss of your assets stored in that Passphrase. No one can help to retrieve your assets back.
It can only be found by guessing (brute-forcing) which is often technologically and economically infeasible (read impossible).
So please remember your Passphrase tightly. We recommend to keep it in mind rather than in any physical format. If you have to write it on a paper, never keep it in the same place with the mnemonic phrase.
How to choose good Passphrase?
There are various approaches to creating good Passphrase for your wallet.
You can go with something that is quick to type but not so easy to remember. Or you can opt for something that is easy to remember but needs to take longer and complex to enter. Another option is to make up a sequence of random words.
In short, it is the best setting a Passphrase that is easy to remember, but also long and random enough to provide a sufficient level of security.
At the end of the day, you know your security needs best. If physical attacks are in your threat model, then use a strong passphrase to protect your wallet. Even if someone gets physical access to your device and extracts the recovery seed, they still absolutely will not be able to break through a strong passphrase.