How long should my device password be?

The BitBox02 has two unlock protections against an attacker simply trying out all possible passwords (brute force):

  1. After 10 failed unlock attempts, the device is reset and must be restored from the backup.
  2. The secure chip contains a lifetime counter and permanently locks the device after ~730'000 unlocks (about 100 unlocks per day for 20 years).

This is called "defense in depth": even if unlock protection (1) could be bypassed, unlock protection (2) still caps the total number of guesses at ~730'000, so brute-forcing a reasonably long password remains hopeless.

We recommend using a password that is hard to brute-force even in the unlikely scenario that unlock protection (1) could be bypassed. For a password of random characters drawn from uppercase letters, lowercase letters and digits (62 possible symbols), the chance that an attacker guesses it before hitting unlock protection (2), i.e. within ~730'000 attempts, is as follows:

  • 5 random characters: 0.08 %
  • 6 random characters: 0.0013 %
  • 7 random characters: 0.00002 %
We recommend a device password of 5 or more random characters, mixing uppercase letters, lowercase letters and digits. Extremely long device passwords of, say, 30 or more characters hamper usability more than they improve security, since the two unlock protections already limit how many guesses an attacker gets.

Do not confuse the device password of your BitBox02 with the optional passphrase you may have set for your wallet. The passphrase should be longer than and different from the device password, and should also include special characters, because the brute-force protections described above do not apply to it: whoever obtains your backup can test passphrases offline on their own hardware, with no attempt limit at all. Find out more on this topic in our blog post.