How to Proceed if Your 24 Word Secret Passphrase Has Been Compromised

A step by step guide.

Image of Donald McIntyre

By Donald McIntyre

September 2nd, 2022

post image

Educational post: What to do to protect your crypto.


You can watch this educational content here:


In this article we will explain what constitutes a compromised 24 word passphrase and how to proceed in that case. Also, what todo with your compromised wallets and passphrases.

1. Sample 24 word passphrase.

Below is an example of a 24 word secret passphrase.

WARNING: THIS IS A SAMPLE PASSPHRASE. DO NOT USE THIS PASSPHRASE. YOU SHOULD GET YOUR OWN AND UNIQUE PASSPHRASE WHEN USING EMERALD.

Sample passphrase.

The 24 word secret passphrase must be written on paper and kept secret.

2. If someone else has seen it or it has been lost, then it is compromised.

If for some reason or by mistake you have shown or left the 24 word passphrase somewhere public and others have seen it, then it is compromised because they can memorize it, write it down, or take a pic of it.

3. Never take photos or store the 24 word secret passphrase as an image on your phone or computer.

This is because your computer or phone may be lost, they may be hacked over the internet, or someone may have access to your machines. Only keep your 24 word passphrase on paper and in a safe place as shown in point 1 above.

4. If it is on an electronic document it may be compromised.

If you wrote the 24 word passphrase on an electronic document such as a text document app, Microsoft Word, or Google Docs, then it is insecure and may be compromised.

This is for the same reasons as in point 3 above.

5. If it is stored in a cloud service it is definitely compromised.

If you stored your 24 word passphrase in a cloud service such as Dropbox, Google Drive, iCloud, or Microsoft OneDrive, then it is definitely compromised.

This is because all cloud companies have 100% access to all the documents and files that their users store in them. They may be hacked or an unethical employee may gain access to you 24 word passphrase.

6. This is what to do if your phrase is compromised.

There are two options:

A. Move your crypto immediately to another wallet: Once you realize that your 24 word passphrase is compromised, you should immediately move your crypto from that wallet to another wallet you may control on Emerald.

B. Create a new wallet and move your crypto there: If you have your wallets categorized, then you may want to create another wallet with a new and unique 24 word passphrase so you can move your crypto to that new wallet.

Then, you should mark the compromised wallet as "compromised" so you know that it should not be used again (see image below).

Create new wallet.

7. DO NOT THROW AWAY YOUR COMPROMISED 24 WORD SECRET PASSPHRASE!!

It is possible that you may receive crypto in your old compromised wallet, so you will need access to it if that happens.

Remember that your addresses on the blockchain will live there forever, so it is possible that someone may send you crypto there in the future.

Also, because you may have given your compromised addresses to third parties in the past, then they may send you crypto there by mistake again.

This is why it is important to change your addresses if they are published somewhere (on social media profiles, websites, or QR codes on ads, etc.) and tell everybody you interact with on the blockchain to use the new addresses.


Thank you for reading this educational post!

Please remember to download Emerald here:

https://emerald.cash/download