This is the most critical step in setting up your Bitfi hardware wallet and as such you should give this section the most attention. The phrase that you set for your wallet is what controls all your money and assets and if you do this properly the phrase will offer impenetrable protection (better than any other form of cold storage) and simultaneously give you the option to commit this phrase to memory so that there are no long term security weaknesses. If you give this some thought and effort, you can easily store millions of dollars with greater security than any bank account or vault on earth. To put this in perspective, the security of a properly set secret phrase as required by the Bitfi hardware wallet is approximately one billion times greater than the encryption offered by SSL encryption, which is the most commonly used technology for websites to securely transmit data from browser to server. First, let’s get some tech stuff out of the way. The primary factors that drive brute force attack by powerful computers are 1.) A key derivation function which requires 2s cryptographic operations to compute, the cost of performing a brute-force attack against passwords with t bits of entropy is raised from 2t to 2s+t operations and 2.) A memory-hard algorithm on a Random Access Machine is an algorithm which uses S(n) space and T(n) operations, where S(n) ∈ Ω T (n)1-ǫ). For those who are not interested in the math, these equations among other considerations govern the cost that an attacker would incur in order to achieve brute-force entry. Just as with the blockchain itself, it is simply not practical to pursue for any amount of money or assets currently stored at any address on the Bitcoin blockchain. Minimum requirements for setting your secret phrase If you desire the absolute most secure method that exists then we recommend using the Diceware method. It is a simple method but makes truly impenetrable secret phrases (for example, an attacker who has computer equipment capable of one trillion guesses per second will need 27 million years to guess a 7 word passphrase that was set using Diceware). Add to this the additional anchor phrase that is required by your wallet (phone number, social security number, email address, etc) and this adds millions of additional years to access your wallet. For more information on this method, please see PASSPHRASES THAT YOU CAN MEMORIZE - BUT THAT EVEN THE NSA CAN’T GUESS. The only drawback to using this method is that the phrase set using Diceware is not as easy to memorize as a phrase that you can create yourself using unique words and you may have to write it down somewhere which is a security threat, especially in some environments. Remember: the most powerful passphrase ever created will completely fail if someone finds a document with that phrase written on it. Therefore in some circumstances it may be better to settle for a phrase that can be guessed by a sophisticated attacker in only 10 million years but without writing down anything. If you do it this way, there is no trace of your secret phrase anywhere. Therefore please consider the type of environment you are in and whether it makes more sense to create a completely unique password that you can remember and never need to write down or if its safe enough to write down a back-up and use the Diceware method. (In all examples above, it should be noted that even if an attacker had computer hardware capable of one trillion guesses per second, he/she would also have to match those attempts against an associated public address and so we can realistically say that brute-force entry is impossible even if computers become significantly faster.) Recommendations When you are setting your phrase, you will be required to enter a minimum of 34 characters which includes a minimum of 3 special characters (such as: $, #, ^, %, etc.) or a phrase with at least 45 characters if you wish to not use special characters. Here are some examples of acceptable phrases: MyHubandIsAUn^cornAndLoves$ushi??? !Why Is Dan So Crazy About Monero and Mustard? What you should NOT do If you will not use the Diceware method, you need to take some time and invest some effort into creating your secret phrase. This single phrase will control all your money and assets and will give you access into all blockchains that are supported by the Bitfi hardware wallet and ones that will be added to the wallet in the future. It is very important that you consider the information provided in this section.