Generating a strong, secure IOTA seed is easy. Follow this 10 step guide:
It is possible to generate a seed from the command line but storing the seed in plaintext is often the downfall of many IOTA enthusiasts. This method uses the OpenSource KeePass password manager to generate and manage IOTA seeds. You can, if you wish, use the command line to generate seeds and then use KeePass to store them. Alternately you can use KeePass to generate seeds.
If you want follow this guide later and buy now you can do so on Binance by clicking on the button to the left. We recommend moving your tokens off exchanges as soon as possible because while they are on an exchange you have only an IOU.
Step 1: Download Keepass (1.34) from https://keepass.info
Step 2: Check the FIle is legitimate
We will use the same procedure as we used to check the IOTA wallet file was legitimate. See here for our Prior Guide if you don’t know how to do this.
Compare this SHA256 hash with that listed on the KeePass website (https://keepass.info/integrity.html)
It’s easy to find the file by searching for the version you downloaded (e.g. 1.34) using CTRL-F.
Step 3: Housekeeping – Delete old Installers
Get rid of the IOTA Wallet installer and the Keepass Installer to avoid confusion.
Find the program shortcuts by going searching for IOTA and KeePass in windows. You can drag them to your desktop for ease.
Step 4 – Making a new KeePass Database
Open KeePass and enter a Master Password. It need to be something you have never used for anything – ever. Remember that it is far easier to remember a secure password which is a string of multiple words rather than throwing random numbers and capitals around.
You MUST somehow backup this master key. Maybe send parts of the password to friends and don’t tell them what it is just to keep it safe. Whatever you do – you cannot loose this password.
Step 5: Make your first IOTA seed (…FINALLy!!!)
Right click the empty space and click add entry.
Click the little Key Icon (Pointed to with the red arrow below) and set the password generator as follows:
Length of generated password: 81 Upper Case - Tick Also Include the following characters: 9
Then click Generate. You can then rename the password. We recommend something like IOTA-Seed-001
KeePass generates seeds with sufficiently random sources of entropy to satisfy us (you can read about the details here). If you want to be extra secure you can delete a few random letters in the password and change them to be sure that if the KeePass password generator was found to have a flawed design your seed would not be compromised. If you do this make sure you save AFTER changing the password, not before.
Step 6: SAVE the database
Call it something you will recognise but preferably not something like IOTA-Password.
Step 7: find the checksum
Now open your IOTA Wallet. If you haven’t got this installed follow our comprehensive guide here.
Copy the password (CTRL-C whilst selecting the IOTA-Seed-001 Entry in KeyPass) and paste it into the seed entry box (If the box isn’t visible see how to change your node with our guide).
You will now be able to see the Checksum of your seed. This is very useful because you can use this to make sure that malware has not affected your system and changed the seed you pasted in. To make sure we remember this lets rename out KeePass seed to include this. Right click the seed and select edit. Add this checksum (In this case MBY) to the end of the seed NAME (NOT THE PASSWORD).
Step 8: Check everything is working
Save your KeePass database again and close it down.
Check you can find where you saved the file and move it somewhere you can easily find it.
Open it up and paste the Seed into your IOTA wallet and check the checksum’s match.
Step 9: Back up your KeePass Database
Your seed is now securely stored in your keepass database which is encrypted with a password.
You must now back up your KeePass database somewhere where it is safe (preferably in multiple places).
This could be on a memory stick in a safe, on an old computer or even in the cloud. Because you set a masterpassword the database is encrypted and without the master password no-one can get in. That said – if your password is not strong and someone manages to get hold of your KeePass Database they may be able to brute force their way in (by guessing thousands of passwords per second using a computer). Because of this you are best keeping your KeePass database secure – treat it like you would a private key, especially if you haven’t used a strong master password.
Step 10: DONE
You are now done. You should send a small amount of IOTA from an exchange or other wallet to an address generated from this seed. Always attach a new address to the tangle before sending any balance to it to eliminate/minimise the risk of a double-spend. Don’t reuse addresses which you have spent from.
If you liked our guide and want to tip us our dontation address is below. Many thanks.
If you want to buy IOTA you can do so on Binance by clicking on the button to the left. We recommend moving your tokens off exchanges as soon as possible because while they are on an exchange you have only an IOU.