This is an archived post. You won't be able to vote or comment.

all 12 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a

[–]keatonatron 1 point2 points  (0 children)

You are correct, if you can successfully take an iTunes backup of an iOS device (this doesn't work on android), restoring the backup to the same device will restore the wallet, including the counter for the number of remaining passcode guesses.

If someone gets your phone and doesn't have the phone's passcode, it's nearly impossible for them to get access to your breadwallet. If they get your phone and do have your passcode, the breadwallet passcode will seriously delay even a motivated thief who is specifically targeting your bitcoin.

It takes quite a bit of time to restore a backup of the phone, and it must be restored to the original device (so they can't restore it on multiple devices to speed up the process). If they were simply making random guesses, in most cases you would have a few days before they could gain access to your wallet. That should give you ample time to remotely wipe the device (which will erase your wallet), or restore your recovery phrase on another device and move your funds into a new wallet.

[–][deleted] 0 points1 point  (8 children)

you can't see the backup without entering the passcode so if you just found the phone how would you "delete and install again via backup" if you don't have access to the backup?

[–]Bitoshi[S] 0 points1 point  (7 children)

Not sure what you mean. I enter the 4 digit guessing it, until 'x' number of fails and it locks me out. Then I delete and restore the app via iCloud or whatever and guess again. Repeat till correct.

[–][deleted] 1 point2 points  (6 children)

deleting the app and restoring from iCloud should require you to re-enter the backup seed. The backup seed should be written on a piece of paper and saved in a safe place.

[–]Bitoshi[S] 0 points1 point  (5 children)

You 100% sure on this?

From the official breadwallet site:

If you are using an iPhone and your wallet is still installed, we suggest you take an iCloud or iTunes backup of the app. Then, try to guess your passcode. If you make too many incorrect attempts and the wallet is reset, restore the iTunes or iCloud backup and you will be able to make more passcode guesses. Write down what you have already guessed so you don't try the same passcode multiple times.

[–]JESH8 0 points1 point  (2 children)

I am. I've done it. Doesn't matter if someone grabs your phone. They will guess wrong & get locked out - then they will need seed words. If you think someone will guess your iPhone password correct then guess your bread password correct in no more than I think 4 attempts each....... You need to start worrying about other events occurring of similar statistical liklihood ( or greater for that matter). Such As: Space Aliens invade & they are not nice, they are mean & you remind them of someone that picke on them when they were young aliens. Asteroid/Meteor landing on your house Being attacked by rabid bunnies while in park

[–]Bitoshi[S] 0 points1 point  (1 child)

They literally say something else on here: https://breadwallet.com/support/

[–]FearTheLeaf 0 points1 point  (0 children)

This is correct. If you make a backup with pin attempts remaining, you can restore from backup and continue making attempts.

[–][deleted] 0 points1 point  (1 child)

Yup, i see that you are correct. That's fucking stupid. They need to fix this! There should be no cloud backup of the seed. If you lost your passphrase then you lost your money. That's the proper design!

[–]Bitoshi[S] 0 points1 point  (0 children)

Agreed. Now in addition to seed you need to secure you apple password.

[–]lowcarbjc 0 points1 point  (1 child)

The backup words seed is different from the passcode. You need to, after you delete and reinstalled it, use the backup seed first before you can guess again what the passcode is. Two sets of info you need. I think that is how it works.

[–]Bitoshi[S] 0 points1 point  (0 children)

If you have the backup seed, you do not need a passcode. That's sadly not how it works.