Seed Phrase Security

Seed Phrase Best Practices — How to Store It

Your seed phrase is the master key to everything in your crypto wallet. Not your password. Not your PIN. The seed phrase is the wallet itself — a human-readable representation of your private keys.

If someone gets it, they own your coins. If you lose it, you lose your coins. There's no customer support line. No recovery email. No "forgot my seed phrase" button.

This guide covers what a seed phrase actually is, the most common ways people lose their funds, and the right way to handle yours.

What Is a Seed Phrase?

When you create a crypto wallet — hardware wallet, software wallet, whatever — the wallet generates a random number and converts it into 12 or 24 common English words. This word list is your seed phrase (sometimes called a recovery phrase or mnemonic phrase).

Example format (not a real one — do not use this): > abandon ability able about above absent absorb abstract absurd abuse access accident

Every private key in your wallet is mathematically derived from this phrase. That means the seed phrase can regenerate your entire wallet on any compatible device, anywhere in the world.

This is powerful. It's also the single point of failure.

The Ways People Lose Their Crypto

Before getting into what to do, here's what actually happens when things go wrong:

1. Stored digitally, got hacked. The most common. Someone screenshots their seed phrase, saves it to iCloud Photos, Google Drive, a notes app, or emails it to themselves "just in case." Attackers specifically hunt for these. Cloud breaches, phishing attacks, malware — any of these can expose a digitally stored seed phrase.

2. Lost the only copy. Paper deteriorates. Houses flood and burn. People throw out "old papers." If your one copy of the seed phrase is gone, so are your coins.

3. Someone else found it. Stored under a mattress, in a drawer, in a desk at work, in a phone notes app visible to roommates. Theft is an underrated threat.

4. Typed it into a fake wallet. Scammers create fake wallet apps and websites that ask you to "restore your wallet" by entering your seed phrase. Once you type it in, funds are swept instantly. Legitimate software never asks for your seed phrase except during initial setup on the actual device.

5. Never wrote it down. People skip the recovery phrase step during setup and only realize it matters when the device breaks or gets lost.

The Rules

Rule 1: Write it down the moment you see it

Your wallet will show you the seed phrase once during setup. Write every word down in order, on paper, right then. Don't think "I'll do it later." Later doesn't happen.

Verify your spelling. Many seed phrases use similar-looking words (abandon vs. abide). Get it right.

Rule 2: Keep it offline. Completely.

No exceptions to this one. Your seed phrase should never touch a networked device. That means:

  • ❌ No photos
  • ❌ No typing into any app — ever
  • ❌ No cloud storage (iCloud, Google Drive, Dropbox, OneDrive)
  • ❌ No password managers (they sync to the cloud)
  • ❌ No email drafts
  • ❌ No text messages to yourself
  • ❌ No screenshots
  • ✅ Paper
  • ✅ Metal backup (more on this below)

The security model of a hardware wallet depends on the seed phrase staying offline. The moment it touches the internet, that protection is gone.

Rule 3: Make more than one copy

A single piece of paper in your home is a single point of failure. Fire, flood, or an overenthusiastic relative who "cleaned up" can erase it.

At minimum: two copies, two different locations.

Options:

  • Home safe + safety deposit box
  • Your home + a trusted family member's home (in a sealed envelope)
  • Two different fireproof safes in different locations

Rule 4: Consider a metal backup

Paper burns. Paper gets wet. Metal doesn't.

Metal seed phrase backup plates (brands include Cryptosteel, Bilodraw, CryptoTag, and others) let you stamp or engrave your words into stainless steel. These can survive house fires and flooding.

They cost $30–100 and are a one-time purchase. Worth it if your holdings justify it.

Rule 5: Don't tell anyone what it is or where it is

Most people don't need to know you have a hardware wallet. Fewer need to know where the seed phrase is stored. This limits both social engineering and opportunistic theft.

Exception: your estate planning. Someone trusted needs to know how to access your assets if something happens to you. See the Crypto Estate Planning guide for how to handle this without handing a loaded gun to the wrong person.

Rule 6: Never type it into anything except your actual wallet device during recovery

The only legitimate use case for entering your seed phrase is when you're restoring your wallet onto a hardware device you own. Even then, the words go into the physical device — not a computer app, not a website, not a phone app.

If anything ever asks you to "verify" or "confirm" your seed phrase online, it's a scam.

Advanced: The Passphrase (25th Word)

Both Ledger and Trezor support an optional extra passphrase — sometimes called the "25th word" — that you set yourself. This creates a separate hidden wallet.

If someone finds your seed phrase, they still can't access your funds without the passphrase. This is a meaningful security upgrade.

The catch: If you forget the passphrase, the funds are gone. Unlike the seed phrase, passphrases aren't stored anywhere — not even on the device. You have to remember it or write it down somewhere separately from the seed phrase.

If you use a passphrase, treat it with the same care as the seed phrase — and store them in separate locations, not together.

Advanced: Shamir's Secret Sharing

Trezor's Model T offers Shamir Backup — a method that splits your seed phrase into multiple "shares" (e.g., 3 shares where any 2 can reconstruct the wallet). You could store one with a lawyer, one in your home safe, and one offsite.

This eliminates the single-point-of-failure problem and is worth considering for larger holdings. The setup is more complex but well-documented by Trezor.

The "Did I Do This Right?" Checklist

  • [ ] Seed phrase written down in order, all words correct
  • [ ] Stored on paper (and/or metal)
  • [ ] No digital copy exists anywhere
  • [ ] Two or more physical copies in different locations
  • [ ] No one else knows the exact location (except trusted estate contacts)
  • [ ] You've done a recovery test — actually restored the wallet using just the phrase

That last point is underrated. Restore your wallet using your backup before you move serious funds in. If the phrase is wrong, you want to find that out when it's cheap.

What to Do Right Now

If you already have a hardware wallet but haven't followed these steps:

  1. Find your current seed phrase (if you wrote it down)
  2. Make a second copy on paper
  3. Verify both copies against each other
  4. Store them in two separate locations
  5. Delete any digital copies you may have made — check your Photos app, Notes, email drafts, and cloud storage

If you can't find your seed phrase at all, your wallet is already at risk. The safest move is to create a new wallet, generate a new seed phrase properly, and transfer your funds there.

Want to go deeper?

Share this guide

Post on XRedditLinkedIn

Stay ahead of what matters

Three emails a week — what moved, what it means, what to watch. No noise.

Subscribe Free →
This guide is for educational purposes only and does not constitute financial, legal, or tax advice. Cryptocurrency investments carry significant risk. Consult qualified professionals before making financial decisions.