Everything you need to know about your recovery phrase

You often hear people in the cryptocurrency ecosystem use terms like "seed phrase", "12-word seed", "12 word phrase", "12 words backup", "24 words backup", "mnemonic phrase", "recovery seed" etc. If you have ever wanted to learn more about these magical words, Exodus has you covered!

This article covers the most basic aspects of these magical words which ultimately control the keys of your crypto kingdom.


In this article


What is a recovery phrase?

The 12-word recovery phrase is the master key generated by your wallet. If you have already read our article about private keys, you've learned that each wallet's receive address has its own private key which is used to make transactions and prove ownership of the funds in the address. All your private keys in Exodus are generated from and tied to the 12-word recovery phrase.

These words help you recover your funds in case your computer crashes or anything else happens which prevents you from accessing your wallet on the computer it is installed on.

Anybody else who discovers the phrase can steal the funds, so it must be kept safe like your other valuables. It must not be stored in any electronic or digital form - more on this below.


How to store your Exodus 12-word recovery phrase

You might have heard this already - anything that is online is hackable! The same holds true for your 12-word recovery phrase if you decide to store it on a computer or any device that is connected to the internet.

Write down the recovery phrase on a piece of paper or print them out using a secure network printer. It is always advised to have multiple copies of your recovery phrase and store it in multiple locations to prevent loss from calamities like floods, earthquake, fire, etc. For more tips on 12-word recovery phrase safety, check out our article The Do's and Don'ts of 12 Word Phrases and Private Keys.

Ensure that you write down the recovery phrase in the correct order without any spelling mistakes! Exodus tags each word of your recovery phrase with the order in which it needs to be written down, so make sure you follow the order. Entering the recovery phrase incorrectly (wrong order or spelling) will result in you not being able to access your wallet.

Following are some of the most common places where your recovery phrase  must not be stored: the notepad of your computer, as images on your laptop/mobile/tablet etc., file sharing services like Dropbox, MegaBox, OneDrive, Google Drive, iCloud etc., e-mail drafts, word/excel/ppt files, password protected files, USB drives, etc.

The threats are digital and online, so the best way to protect them is by keeping them in analog and offline storage: good, old-fashioned paper.


How is a recovery phrase generated?

A simple explanation of how recovery phrases work is that the wallet has a list of words taken from a dictionary, with each word assigned to a number. The recovery phrase can be converted to a number which is used as the seed integer to a deterministic wallet that generates all the key pairs used in the wallet.

Exodus uses the English-language wordlist of the BIP39 standard which has 2048 words. If the phrase contained only 12 random words, the number of possible combinations would be 2048^12 = 2^132, meaning 2 to the power of 132, and the phrase would have 132 bits of security. 

However, some of the data in a BIP39 phrase is not random, so the actual security of a 12-word BIP39 seed phrase is only 128 bits. This is approximately the same strength as all Bitcoin private keys, so most experts consider it to be sufficiently secure. If you want to know how many, you can have a look here: http://bugcharmer.blogspot.com/2012/06/how-big-is-2128.html

When your 12-word recovery phrase is converted into a seed integer, or number, for your wallet, the seed integer is used with a standard derivation algorithm, or formula, to derive, or generate, your master private key.

From this master private key, a very large number (almost infinite for all practical purposes) of private and public keys can be derived with the standard derivation formula. Given that the same master private key is used with the derivation formula, the same private and public keys will always be generated.

Also, different blockchain assets have different starting points in the derivation formula, which prevents differing assets from generating overlapping keys.

It is important to understand that the seed doesn't represent the private key, but it is used to derive your private and public keys to a series of processes described in the following Bitcoin Improvement Proposals (BIPs):

This is a rather lengthy and technical bit of reading, but below is a basic summary.

BIP32 describes how to use a master private key to generate (derive) a bunch of child private keys. These child keys are guaranteed to be 256 bit because of the process that is used to derive them.

BIP39 describes the seed generation. Although the 12-word seed is 128 bit, the derivation process described in BIP32 will ensure that the child keys are 256 bit, but the randomness (entropy) of those keys will be equal to 128 bit.

BIP44 describes a derivation path. In basic terms, it sets the properties that used to derive private keys as described in BIP32. These properties, for example, can indicate what type of coin this is (BTC, BCH etc.).


Where does Exodus store the 12-word recovery phrase?

Your 12-word recovery phrase is stored in an encrypted manner on the computer you install Exodus on. We do not store your 12-word recovery phrase on our servers, nor do we have any access to it. This is done in the true spirit of cryptocurrency that gives full control of the funds to the owner of the Private Keys. As Andreas Antonopoulos' famous quote goes: "Your keys, your bitcoin. Not your keys, not your bitcoin".

Also, by doing this, we protect you in the event of a hack on our servers. The hacker wouldn't find any information that gives access to your wallet and funds.

However, this means that you are solely responsible to ensure the safety and security of these words; if you ever forget your password and lose the recovery phrase, your funds are irretrievable! We cannot help you by recreating your recovery phrase or resetting your password as we do not store anything on our end.


Using the 12-word recovery phrase

The average user would never need to use their 12-word recovery phrase, unless their computer gives up and hence the wallet requires restoration on another computer. These days, however, there are hundreds forks/airdrops of every token out there—more often than not these forked/airdropped tokens are worthless but do require the user to enter their recovery phrase or private keys on another wallet to claim them. Doing this is a security risk as your 12-word recovery phrase are may be compromised as soon as you expose them anywhere online—you never know who is lurking around, even an insecure internet router/WiFi password can cause loss of all your digital funds stored inside Exodus.

If you have to absolutely access the forked/airdropped tokens it is recommended to create an additional wallet where your funds can be stored until the fork/airdrop date. This way you can move your funds back to the original wallet while being able to use the new (temporary) wallet's 12-word recovery phrase or private keys to access the airdropped/forked tokens.


Security of your wallet

The online world can be a dangerous place and simply keeping your recovery phrase safe is not always enough. Malware-infected computers can render your wallet vulnerable and susceptible to theft! Our article How do I keep my money safe? dives deep into keeping your computer safe and offers tips for safe online browsing.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us