TL; DR - Redditor , an information security practitioner, accidentally discovered that the smartphone's "predictive words" function guessed the mnemonic of his bitcoin wallet. He shared the process and the solution for Android and iOS phones. Andre "Predictive Words" Guess the Mnemonic Phrase Redditor previously shared this unique security issue on the Reddit forum. The mnemonic he mentioned refers to the random numbers in the Bitcoin Improvement Protocol (BIP 39). Andre 2,048 Andre pointed out that the prediction function of mobile phone typing will suggest the second word after the user enters the first mnemonic word, which means that when the mnemonic word is entered at that time, the mobile phone has recorded the mnemonic word entered by the user into the personal mnemonic word. In a custom dictionary, it can accurately suggest/predict 12-24 words. According to his actual measurement results: Google keyboard Gboard: No impact (Need to pay attention to whether the prediction function has been manually turned on). Samsung keyboard: Automatically enable "Automatic Alternate Text" and "Suggest Corrections" to record. Microsoft SwiftKey: Download, enable the app and start recording. Clearing the Predicted Text Cache Although it is still difficult to completely predict all the mnemonic words and their order, Andre pointed out that if someone who wants to get a mobile phone can do the followings: Open any chat app, Enter any word from the BIP39 list, and View the suggested words given by the mobile phone. For safety reasons, I suggest you clear the cache of predicted words and take preventive measures. Users can perform the following measures according to their own situations. 1. Check whether the mobile phone can predict the mnemonic: Does the second word suggestion appear after entering the first mnemonic word appear? Andre emphasizes that English is not the primary language on his phone, so when he enters English words, the phone will automatically store less commonly used words. 2. Clear the prediction cache and turn off the predictive word function. , clearing the keyboard history needs to be reset: For Samsung keyboards Go to settings Select language and input keyboard, Select Samsung keyboard reset to clear the personalized prediction, and Click Clear to turn off the predictive word function. Refer to for instructions. Samsung's official website The operations for to clear the keyboard history are as follows: iPhone users Open “Settings” Go to “General” Tap “Keyboard” Select “transfer or reset the iPhone.” Click “to reset the keyboard dictionary.” Please note that this will wash out all the word suggestions. Please consider them for yourself. You can refer to Apple's for predicted words or go to general settings, keyboard, and turn off "predicted words" official website For Gboard users (usually the default keyboard for android devices), you can clear cache and data as follows: Open “Settings” Tap “Apps” or “Apps Manager” Select “Gboard“ from the list Tap “Storage & cache” Tap “Clear data“ and “Clear cache“ You can refer to Google’s to remove dictionary words, privacy settings, and how to turn off “learned words. “ official website To further protect your crypto assets, you can read my previous articles: Crypto Wallets Exposed "Mnemonic Phrase Vulnerabilities" (4 Already Fixed) Hacked: MetaMask User Lost US$81,000 In ETH Protect Your Crypto Wallets With InfoSec - The Three-Tier Wallet System Thank you for reading. May InfoSec be with you🖖.

Apple

Google

Microsoft

Samsung

The Real Reason Why You Don't See iPhones in Hollywood Films

Crypto Wallets Exposed "Mnemonic Phrase Vulnerabilities" (4 Already Fixed)

2021 - HackerNoon Contributor of the Year - CULTURE

Support Me on Coil

2021 - HackerNoon Contributor of the Year - PERSONAL-DATA

Nominated for 2022 - HackerNoon Contributor of the Year - Cybersecurity

Nominated for 2022 - HackerNoon Contributor of the Year - Security

Nominated for 2022 - HackerNoon Contributor of the Year - Privacy

Nominated for 2022 - HackerNoon Contributor of the Year - Beginners Guide

Nominated for 2022 - HackerNoon Contributor of the Year - Containers

Nominated for 2022 - HackerNoon Contributor of the Year - Data Privacy

Too Long; Didn't Read

How “Predictive Text” Functionality can Reproduce Mnemonic Crypto Wallet Phrases

How “Predictive Text” Functionality can Reproduce Mnemonic Crypto Wallet Phrases

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

How to Hide Your Private Keys with Colors

How to Keep Your Seed Phrase Safe?

Part 1/3: Can You Turn Your Photos Into Bitcoin Private Keys/Addresses? Hell Yeah !!

5 Basic Tips to Protect Your Crypto Wallet from Theft

What Are Wallet Drainers? How to Protect Yourself From Them!

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

How to Hide Your Private Keys with Colors

How to Keep Your Seed Phrase Safe?

Part 1/3: Can You Turn Your Photos Into Bitcoin Private Keys/Addresses? Hell Yeah !!

5 Basic Tips to Protect Your Crypto Wallet from Theft

What Are Wallet Drainers? How to Protect Yourself From Them!

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps