1: Can I recover a seed phrase not on a Trezor hardware wallet. I have seen software called Coinomi? to recover a Trezor seed phrase. This seems to make seed phrases vulnerable as a compromised seed phrase can be recovered instantly on software rather than a 6 week wait to order a new Trezor hardware wallet.
2: Could the Trezor guides add suggestions on how to store a seed phrase. Not just plain text on paper or metal.
I mean how to protect this plain text seed phrase.
Plain text seed phrases would need to be well hidden to avoid being compromised.
Or hashing a seed phrase and storing the hashed seed phrase on paper or metal seems the final ultimate storage.
The hash could then be stored publicly such as a cloud drive, as a compromised hashed seed phrase would be many times safer than a compromised plain text seed phrase.
I understand the best plain text seed phrase storage would be multi-sig, but I don’t have my head around that yet.
You can recover standard seed phrase using any cold or hot wallet that support BIP39. However you should consider using hot wallet for recovery as you basically loose the main advantage or HW wallet which is storing your private keys offline.
The best way how to store the seed phrase and improve even more the level of security is using Shamir backup. It is a method of splitting the seed into multiple unique shares. To recover the wallet, a specified number of shares has to be collected and used.
For more information please read following article:
Regarding the actual stash:
It is IMO very subjective and this is very subjective and depends on several factors such as layout of your home for example but the more obscure the batter. Also, it is recommended to use products such as this one because of its resistance to physical damage, including fire, flooding, corrosive conditions, electric shock and impact from accidents.
Please note that you should definitely avoid storing your seed online, even when hashed.
If you want to generate recovery seed with different length than default it is possible by using Trezorctl commands. Please note it is rather for advanced users.
Please note that seedphrase and passphrase are two different things.
When first initialized, a Trezor device generates a random number which is converted into a mnemonic sentence (recovery seed) and stored in the memory. Subsequently, whenever the device is used, it derives a cryptocurrency wallet from a magical formula; mnemonic+passphrase (extremely simplified).
If the user did not input any passphrase (default setting), an empty string "" is used. When the feature is activated (it is activated by default but can be turned off), the user is prompted to enter the passphrase which is then combined with the recovery seed on the device, and a new wallet is generated.
Mistyping the passphrase will generate a completely new wallet. There is no such thing as an “incorrect passphrase”, so whatever you provide as your input will be used in the process of deriving a wallet.