Skip to main content

Setup BIP 39 Passphrase in AirGap

Recommendation

This option is recommended for experienced crypto users.

Recommendation

If you want to set up plausible deniability for your secret recovery phrase, you should add both a normal account (without a BIP-39 passphrase, also called “decoy” account), and another account with a BIP-39 passphrase. You then put a small number of coins on the “decoy” account and put the majority of your funds on your hidden account.

How to set up a passphrase in AirGap Vault

If you want to generate an account with a passphrase, follow these steps.

  • select the advanced mode and click the let's go button.
- Click the ADD ACCOUNT button.
  • Select any coin you want to use to generate the new account with a passphrase.
  • Toggle the Advanced Mode button and input your passphrase.
  • Click create and tick the “I understand” button.
  • Click ok and a new account will be generated. This account looks and behaves just like any other account, but to use it or generate it again in the future, you will need to provide the BIP-39 passphrase again.

Things you should note while setting up a passphrase

  • Your passphrase is case-sensitive and can include special characters. Lowercase and uppercase characters are distinguished.
  • Your passphrase is not stored anywhere. You take responsibility for keeping it safe, whether that means creating a physical backup or simply remembering it. If you lose your BIP-39 passphrase, you will lose access to your funds.
  • The secret recovery phrase and BIP-39 passphrases are both needed to recover your account. Make sure you properly back up both of them. Don't back them up in the same location though, because an attacker will have immediate access to your hidden wallet if he has both.
  • Always add funds to your “hidden” or “decoy” account so attackers will think they have access to your wallet and stop looking.
  • You should closely monitor any balance changes on your standard or “decoy” account. If the balance ever decreases, you will immediately know that someone has access to your secret recovery phrase and you should move your funds to a new secret recovery phrase immediately.
  • If an attacker has access to your secret recovery phrase, he can try to brute force your passphrase. Depending on how strong your passphrase is, this takes between a couple of seconds and thousands of years. Choose a passphrase that is at least 10 characters long. The longer the better.

Securing your crypto with plausible deniability and BIP-39 passphrases