LedgerHQ / ledger-nano-s

Ledger Nano S, a personal security device from Ledger (blockchain / bitcoin / ethereum / FIDO)
Apache License 2.0

Backup verification is too easy to bypass. #9

Open Transisto opened 8 years ago

Transisto commented 8 years ago

Take note of the first word and, when asked for word #7, scroll words until you find the first word, then press next 6 times to get to the 7th word.

I also hate that this stops two people from doing a trusted setup where each person backs up half of the words. All words are being given when it's time to verify any word.

btchip commented 8 years ago

> Take note of the first word and, when asked for word #7, scroll words until you find the first word, then press next 6 times to get to the 7th word.

Words should be shuffled randomly, or I didn't understand the question.

> I also hate that this stops two people from doing a trusted setup where each person backs up half of the words. All words are being given when it's time to verify any word.

It's not designed to support this use case (which is not very convenient / secure to support anyway, considering most third party recovery software will display the full mnemonic).

Transisto commented 8 years ago

> Words should be shuffled randomly, or I didn't understand the question.

When I tell you that I bypass the seed verification it's because that's what I do. I've had to do 8 pre-sale firmware updates for customers so far and I'm very grateful I don't have to write down the 24 words or even look at the screen when I verify the backup. These words are going to the garbage anyway because I'm not going to let a customer write down his seed and then flash firmware then reenter the 24 words with two buttons as his first experience with Ledger.

BTW I do this for customers because looking at hand movement when clicking PIN from 5 5 5 5 was to me a big vulnerability in a public setting. I'm almost mind blown that after fixing it in 1.2 you didn't make it the default.

> It's not designed to support this use case (which is not very convenient / secure to support anyway, considering most third party recovery software will display the full mnemonic).

I don't think you understand the use-case. We've set up Trezor for OTC trade but do not want any of the business administrators to have complete access to the backup. The device is physically secured, constantly camera monitored and nobody but the employees has the PIN.

Not that I'm interested in this with the Nano but it would support that use case if it didn't show all the words in order at the time of verifying the seed.

btchip commented 8 years ago

> I've had to do 8 pre-sale firmware updates for customers so far

I believe it should work from recovery mode (keep the right button pressed when booting), then you won't have to personalize the device first.

> BTW I do this for customers because looking at hand movement when clicking PIN from 5 5 5 5 was to me a big vulnerability in a public setting. I'm almost mind blown that after fixing it in 1.2 you didn't make it the default.

That's because it's unnecessary and might be confusing for some users. You can keep the button pressed instead.

> but it would support that use case if it didn't show all the words in order at the time of verifying the seed.

OK, I get it now, that could be doable.

jonathancross commented 7 years ago

@Transisto Can this be closed?

> > but it would support that use case if it didn't show all the words in order at the time of verifying the seed.
>
> ok I get it now, that could be doable.

Was this implemented or is it still needed?
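
The point debated in this thread, as an added example that is not part of the original issue and is not Ledger firmware code: a simulation of the "confirm word #N" prompt, comparing a candidate list scrolled in backup order with one reshuffled from the OS CSPRNG for every prompt. The phrase is a constructed placeholder, and every function name here is hypothetical.

```python
import secrets

# Constructed stand-in for a 24-word recovery phrase (placeholders, not a real seed).
SAMPLE_PHRASE = [f"word{i:02d}" for i in range(1, 25)]


def ordered_choices(phrase):
    """Candidate list scrolled in backup order (the behaviour the report describes)."""
    return list(phrase)


def shuffled_choices(phrase, rng=None):
    """Candidate list in a fresh random order drawn from the OS CSPRNG."""
    rng = rng or secrets.SystemRandom()
    choices = list(phrase)
    rng.shuffle(choices)
    return choices


def offset_shortcut(choices, first_word, position):
    """Answer a 'confirm word #position' prompt knowing only word #1."""
    start = choices.index(first_word)
    return choices[(start + position - 1) % len(choices)]


def shortcut_success_rate(phrase, make_choices, trials=2000):
    """Fraction of prompts the shortcut passes without the backup being read."""
    rng = secrets.SystemRandom()
    hits = 0
    for _ in range(trials):
        position = rng.randrange(2, len(phrase) + 1)  # prompt for word #2..#24
        guess = offset_shortcut(make_choices(phrase), phrase[0], position)
        hits += guess == phrase[position - 1]
    return hits / trials


if __name__ == "__main__":
    print("ordered list :", shortcut_success_rate(SAMPLE_PHRASE, ordered_choices))
    print("shuffled list:", shortcut_success_rate(SAMPLE_PHRASE, shuffled_choices))
```

With an ordered list the shortcut passes every prompt; with a per-prompt shuffle it passes only by chance, about 1 in 23 for 24 distinct words, so the check again depends on the written backup.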