I would like to make my "recovery phrase" something meaningful that I will remember and not just word jibberish.
I would like to make my "recovery phrase" something meaningful that I will remember and not just word jibberish. The recovery phrase is currently generated for me and just 12 random words. So, I just save it to a file on my computer and forget about it. That's not very "safe."
I don't think that would be any good privacy/security practice. the more random the more secure.
The recovery phrase should be saved and backed up encrypted on an external drive for exemple (you can have your meaningful phrase to decrypt it) not connected to the internet and/or saved and backed on a secure and encrypted password manager (like bitwarden). It should not be anything you can remember from the top of your head, just like any passwords.
and having more than one copy is preferable...
It's not clear to me how simplifying the phrases would meaningfully increase security.
If Proton changes the recovery phrase to meaningful words, and you store them in a computer file, your security is still going to be only as strong as the computer file itself.
Another concern I have is that making the phrases more memorable would simultaneously make them more predictable. Predictability makes things easier to brute force. The randomness of the phrases is part of the security.
I agree. I tend to use a 32 character key generated using ssh-keygen. I put that text dump in the second slot of my YubiKeys. I just tap and hold the yubikey until it dumps the 32 character password that even I don't know/remember. I'd much rather be able to choose my own "recovery phrase" using the method above.
I think that a meaningful recovery phrase is an excellent idea. I would suggest that you write the words down on paper and keep that paper somewhere secure. You should encrypt the recovery phrase if it stays on your computer. After you encrypt it, you can store the file somewhere conspicuous.
Hopefully, I'll be able to vote when I have more to spend.