Is 12 Words Safe
Is 12 Words Enough? The Math Behind Seed Phrase Security
When setting up a new non-custodial wallet, you are usually prompted to write down either a 12-word or a 24-word seed phrase.
Many beginners assume that a 12-word seed phrase must be "half as secure" as a 24-word seed phrase, and worry that hackers using powerful supercomputers can brute-force (guess) their 12-word phrase.
Let's dive into the jaw-dropping mathematics of cryptography to prove why a 12-word seed phrase is so secure that it will survive until the end of our universe.
📐 Entropy: 12 Words vs 24 Words
The strength of a seed phrase is measured in bits of entropy (randomness):
- 12-Word Seed Phrase: Provides 128 bits of entropy.
- 24-Word Seed Phrase: Provides 256 bits of entropy.
To understand what these numbers actually mean, let's look at the total number of unique combinations for each size:
- 12-Word Combinations ($2^{128}$): $$340,282,366,920,938,463,463,374,607,431,768,211,456$$ (Roughly 340 undecillion combinations)
- 24-Word Combinations ($2^{256}$): $$115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936$$ (An unimaginably astronomical number)
To put these numbers into physical perspective, the total number of atoms in the entire observable universe is estimated to be roughly $10^{80}$. A 24-word seed phrase has almost as many combinations as there are atoms in the universe!
🖥️ Brute-Forcing with a Network Supercomputer
Let's assume an attacker builds a supercomputer that harnesses the combined power of the entire global Bitcoin mining network.
This is the largest computer network ever assembled by humanity, performing an astronomical number of mathematical calculations every second:
- Bitcoin Network Hashrate: Roughly 1,000 Exahashes per second (or $1.0 \times 10^{21}$ hashes per second).
Furthermore, according to the BIP 39 specification, a computer cannot simply check a seed phrase instantly. It must perform 2,048 rounds of HMAC-SHA512 hashing (using a key stretching algorithm called PBKDF2) to convert the words into a binary seed key.
Using these parameters, we can calculate how many seeds our global network-scale supercomputer can generate and check every second:
- Seeds Checked per Second: $\approx 4.8 \times 10^{17}$ seeds per second.
⏳ How Long to Crack a 12-Word Seed?
If our global supercomputer runs 24/7 trying to guess your randomly generated 12-word seed phrase, we calculate the time required to run through just half of the combinations (the statistical average to crack a password):
- Total Years to Crack a 12-Word Seed: 11,174,000,000,000 Years (11.1 Trillion Years!)
Let's compare this mathematical reality against our universe:
- Age of the Universe: 13.8 Billion Years.
$$\text{Time to Crack 12 Words} \approx 800 \times \text{The Age of the Universe!}$$
Even if an attacker owned a supercomputer as large as the Bitcoin network itself, it would take them 800 times longer than the entire history of our universe to guess your 12-word phrase.
┌──────────────────────────────────────┐
│ 🌌 AGE OF THE UNIVERSE: │
│ ███ 13.8 Billion Years │
└──────────────────────────────────────┘
┌──────────────────────────────────────┐
│ ⏳ TIME TO CRACK A 12-WORD SEED: │
│ ██████████████████████████████████ │
│ 11,174 Billion Years (800x longer!) │
└──────────────────────────────────────┘
🏆 Conclusion: The Verdict
While a 24-word seed phrase ($2^{256}$) is mathematically more secure, in practical terms you are simply moving from impossible to even more impossible.
Both sizes are completely unbreakable by any computational force known to science.
Why 12 Words Can Actually Be Better:
- Easier to Record: You only have to write down and verify 12 words instead of 24, minimizing the chance of writing down a wrong word or letter.
- Smaller Physical Footprint: It is easier to stamp 12 words onto a compact steel backup plate.
- Memorable Option: If you want to memorize your seed phrase as a temporary, emergency backup, memorizing 12 words is significantly easier and more reliable than memorizing 24 words.
Rest assured, if your 12-word seed phrase is generated randomly on an offline hardware device, your coins are absolutely secure.
TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation: