A comprehensive guide for securely storing sensitive information such as cryptocurrency seed phrases and root passwords.
This handbook provides a security-focused approach to storing critical secrets that:
- Protects cryptocurrency seed phrases for self-custody wallets
- Secures sensitive text information even when stored in cloud services
- Creates an encrypted backup system for vital credentials
You'll need the following tools:
- BIP39 Tool - Download
bip39-standalone.html - Symmetro - Download
symmetro-v2.0.0.html(or newer version) - Rabby Wallet (recommended browser extension, install only - don't configure yet)
- Optional: AirGap on a smartphone for cold storage
- A memorable password that you will never write down (stored only in your memory)
-
Boot your device in safe mode:
Windows 10/11:
- Press
Windows + R - Type
msconfigand clickOK - Select the
Boottab - Check
Safe bootoption - Click
Applyand close - Restart when prompted (or restart manually)
Ubuntu: - If you have an improvement suggestions, please go into Pull Requests
- Restart your computer
- When the GRUB menu appears, select "Advanced options for Ubuntu"
- Select the recovery mode option (usually shows as "Ubuntu ... (recovery mode)")
- From the recovery menu, select "root" to get a root shell
- Mount the filesystem as read-write:
mount -o remount,rw / - Proceed with your secure operations
macOS: - If you have an improvement suggestions, please go into Pull Requests
- Shut down your Mac
- Power on your Mac and immediately press and hold the Shift key
- Keep holding Shift until you see the login screen
- Log in to your account (you might need to log in twice)
- "Safe Boot" should appear in the top-right corner of the login screen
- Press
-
Verify you have no internet connection
-
Thoroughly check your browser extensions - remove any that could compromise security
-
Open the
bip39-standalone.htmlfile in your browser -
The tool will generate a seed phrase (choose 12 or 24 words)
-
This seed should remain offline and will only be used to derive your wallet keys
-
Select "ETH - Ethereum" in the "Coin" dropdown (or your preferred cryptocurrency)
-
The "Derived Addresses" section will display your public/private key pairs
- Ensure your physical surroundings are private
- Check that no one can view your screen
- Consider using privacy screens or curtains
-
In the "Derived Addresses" section, hover over a private key to display its QR code
-
Scan this QR with your smartphone to import the specific address to your wallet
-
Label your wallets appropriately for future reference
-
Open the
symmetro-v2.0.0.htmlfile in your browser -
Copy your seed phrase into the "Encrypt" section
- You can include additional notes or multiple seeds
- The tool supports multiline text
-
Enter your memorized password in the "Password" field
-
Click "Encrypt"
-
Save the encrypted text to a file
-
This encrypted file is secure enough to store in various locations
- To verify, copy the encrypted text to the "Decrypt" section
- Enter your password - you should see a checkmark ✅
- Click "Decrypt" to view your original text (only do this in a secure environment)
- Reboot your machine to normal mode
- Your wallets are now ready to use with the imported keys
- Never store your unencrypted seed phrase digitally
- Consider storing your encrypted backup in multiple secure locations
- Regularly verify that you can still decrypt your backup, in extreme case, you can still export your private keys and save them encrypted.
- Review this security process annually as tools and best practices evolve
- A malicious browser extension could potentially capture your clipboard data
- Always perform these steps offline in safe mode