I am trying to understand how the PIN is handled after a Trezor recovery. I can’t see anything that really explains what to expect.
I understand that after recovery you can access your device and your wallets and from here you can set a new PIN.
However, if you don’t set a PIN after recovery does the device have the old PIN from before recovery or is there simply no PIN set (which would seem strange)?
Hi @andy612
Once you perform factory reset everything is erased; including firmware, private key, and PIN.
Hi Pavel.
You are talking about something different. I’m talking about having done a recovery using the recovery phrase which takes you back to accessing your wallet and definitely reloads your private key (otherwise you couldn’t access your wallets).
A recovery is different to a factory reset.
You can only perform recovery on a cleanly wiped Trezor.
So either it’s a new Trezor, that never had any PIN on it – or it’s your old Trezor, which you needed to factory-reset before doing recovery, which would have erased the old PIN too.
In either case, no PIN is set on the Trezor unless you set it yourself manually.
To clarify: PIN is not bound to your private keys. It’s a completely separate setting, same as, e.g., a homescreen is not bound to your private keys. You can change your PIN at any time and the private keys stay the same.
So given that there is no relation, recovering the private key can’t recover your PIN.
By wiping memory, you delete private key, all data associated with the pre-existing accounts, and settings associated with the device, such as the PIN, name, homescreen, and passphrase settings.
Hence, after recovery, there is no PIN stored on your Trezor device.
This make sense but seems odd to me from a security perspective. That is that you can recover your wallets to the Trezor without a PIN being set - although I do understand that you can set the PIN after the recovery and that would be recommended I’m sure.
Why I think this is odd is that when you setup a new Trezor you are forced to set a PIN after the new firmware is installed and before you send any coins to your newly setup Trezor.
By comparison, if you recover your wallets to a new Trezor you don’t have to setup a PIN and presumably never have to. Why wouldn’t it force you to setup a PIN prior to recovery.
Am I missing something here.
You can always skip setting a PIN.
OK so just to complete this discussion. I understand what you are saying and do understand how to set the PIN after recovery.
I do also want to note that when you setup a brand new Trezor that has no firmware that you are taken through a process of installing the firmware, setting the pin and creating a recovery seed. I don’t remember being able to (nor can I find any online videos) that suggest you can skip the creation of the PIN and recovery seed when first setting up a new Trezor.
However when you wipe an existing Trezor and then create a new wallet using trezor.io you aren’t taken through the process of creating a PIN and recovery seed and have to know to do that yourself. This seems like poor security (or at best poor setup process) to me.
I further note that testing on the new beta Trezor Suite today that when you wipe a Trezor and then create a new wallet that it DOES now take you through the process of creating the PIN and recovery seed again.
This is a good change I’m sure you will agree.
At the moment, you cannot wipe a device from the Trezor suite based on what I am seeing. You must use the website. For most, this probably isn’t an issue, but its probably worth editing your instructions here: User manual:Wiping the Trezor device - Trezor Wiki
This wasn’t worth creating a new topic, but figured it was worth mentioning in case others are struggling with this.
**edit: cannot wipe without pin. If you have pin, you can wipe from Trezor Suite after you have logged in with pin.
Is it safe to wipe memory and just create a new wallet? i havent stored any funds yet on my new trezor
yes it is.
Would be safe even if you’d have funds stored on your Trezor as long as you have valid seed.