BIP39 - Mnemonic Code Converter

Mnemonic

You can enter an existing BIP39 mnemonic, or generate a new random one. Typing your own twelve words will probably not work how you expect since the words require a particular structure (the last word contains a checksum).

For more info see the BIP39 spec.

Generate a random mnemonic, or enter your own below

Words count

Mnemonics with less than 12 words have low entropy and may be guessed by an attacker.

Warning
Entropy is an advanced feature. Your mnemonic may be insecure if this feature is used incorrectly. Read more

Entropy

Some characters have been discarded

Time To Crack

Event Count

Entropy Type

Bits Per Event

Filtered Entropy

Raw Binary

Binary Checksum

Word Indexes

Mnemonic Length

The mnemonic will appear more secure than it really is.

PBKDF2 rounds

Raw Entropy Words

Total Bits

Valid entropy values include:

Binary [0-1]
101010011

Base 6 [0-5]
123434014

Dice [1-6]
62535634

Base 10 [0-9]
90834528

Hex [0-9A-F]
4187a8bfd9

Card [A2-9TJQK][CDHS]
ahqs9dtc

Show entropy details

Hide all private info

Auto compute

Mnemonic Language

English🇬🇧 日本語🇯🇵 Español🇪🇸 中文(简体)🇨🇳 中文(繁體)🇨🇳 Français🇫🇷 Italiano🇮🇹 한국어🇰🇷 Čeština🇨🇿 Português🇵🇹

Warning
You are using a custom number of PBKDF2 iterations. Your BIP39 seed may not show the same addresses on different software. Read more

BIP39 Mnemonic

BIP39 Split Mnemonic

Show split mnemonic cards

BIP39 Passphrase (optional)

BIP39 Seed

Coin

BIP32 Root Key

Show BIP85

Warning
This is an advanced feature and should only be used if you understand what it does.

The value of the "BIP85 Child Key" field shown below is not used elsewhere on this page. It can be used as a new key.

In the case of the BIP39 application, you can paste it into the "BIP39 Mnemonic" field to use it as a new mnemonic.

Please read the BIP85 spec for more information.

BIP85 Application

BIP85 Mnemonic Language

BIP85 Mnemonic Length

BIP85 Bytes

BIP85 Index

BIP85 Child Key

Prefixes Use Ltpv / Ltub instead of xprv / xpub

Derivation Path

For more info see the BIP44 spec.

For more info see the BIP32 spec

Derived Addresses

Note these addresses are derived from the BIP32 Extended Key

Use CashAddr addresses for Bitcoin Cash (ie starting with 'q' instead of '1') Use BitPay-style addresses for Bitcoin Cash (ie starting with 'C' instead of '1') Use legacy addresses for Bitcoin Cash (ie starting with '1')

Encrypt private keys using BIP38 and this password:

Enabling BIP38 means each key will take several minutes to generate.

Use hardened addresses

Table
CSV

Path	Address	Public Key	Private Key

(leave blank to generate from next index)

More info

BIP39 Mnemonic code for generating deterministic keys

BIP32 Hierarchical Deterministic Wallets

BIP44 Multi-Account Hierarchy for Deterministic Wallets

BIP49 Derivation scheme for P2WPKH-nested-in-P2SH based accounts

BIP85 Deterministic Entropy From BIP32 Keychains

Entropy

Entropy values should not include the BIP39 checksum. This is automatically added by the tool.

Entropy values must be sourced from a strong source of randomness. This means flipping a fair coin, rolling a fair dice, noise measurements, etc. Do NOT use phrases from books, lyrics from songs, your birthday or street address, keyboard mashing, or anything you think is random because chances are overwhelming it isn't random enough for the needs of this tool.

Do not store entropy.

Storing entropy (such as keeping a deck of cards in a specific shuffled order) is unreliable compared to storing a mnemonic. Instead of storing entropy, store the mnemonic generated from the entropy. Steganography may be beneficial when storing the mnemonic.

The random mnemonic generator on this page uses a cryptographically secure random number generator. The built-in random generator can generally be trusted more than your intuition about randomness. If cryptographic randomness isn't available in your browser, this page will show a warning, and the generate button will not work. In that case, you might use your entropy source.

You are not a good source of entropy.

Card entropy has been implemented assuming cards are replaced, not drawn one after another. A full deck with replacement generates 232 bits of entropy (21 words). A full deck without replacement generates 225 bits of entropy (21 words). Card entropy changed significantly from v0.4.3 to v0.5.0. The old version can be accessed at https://github.com/iancoleman/bip39/releases/tag/0.4.3 or https://web.archive.org/web/20201018232020/https://iancoleman.io/bip39/

PBKDF2

What is PBKDF2 (Password-Based Key Derivation Function 2) ?

Please refer to this wikipedia article for more detail. Mail about PBKDF2 security here.

Wallet software that implement BIP39 only use 2048 iterations as a norm. Increasing this parameter will increase security against brute-force attacks, but you must store this new parameter. However, as long as you back up your BIP39 seed, you will not risk losing your fund. To access them with custom PBKDF2 iterations, use this file (or other) to compute your targeted BIP39 seed.

Using less than 2048 PBKDF2 iterations is insecure without strong optional BIP39 Passphrase.