Seed Phrase Security Guide
Overview
Your seed phrase (recovery phrase, mnemonic) is the master key to all your cryptocurrency. Anyone with your seed phrase has complete, irreversible control over your funds. It's typically 12 or 24 words generated by your wallet using the BIP-39 standard. Protecting your seed phrase is the single most important security practice in crypto. The number one rule: NEVER store it digitally.
Security Features
12 or 24 words following BIP-39 standard, Generated by your wallet during setup, Recovers your entire wallet on any compatible wallet software/device, Must be stored in the exact order, Optional 25th word (passphrase) for additional security, Hierarchical Deterministic (HD) derivation means one seed generates unlimited addresses
Pros & Cons
Pros: universal recovery mechanism, works across compatible wallets, memorisable (for some), enables complete wallet reconstruction. Cons: single point of failure, anyone with the phrase controls your funds, cannot be changed after creation, no recourse if lost or stolen.
Setup Steps
1. Write the seed phrase on paper ONLY (never type it into any device connected to the internet). 2. Verify each word carefully — one wrong word = unrecoverable. 3. Make 2-3 copies on paper. 4. Store copies in separate physical locations (home safe, bank safe deposit box, trusted family member). 5. Consider a metal backup (Cryptosteel, Billfodl) for fire/water protection. 6. Never photograph, scan, email, or cloud-store your seed phrase. 7. Test recovery on a separate device before relying on the backup.
Best For
Absolutely everyone who uses self-custody wallets
Tips & Recommendations
Repeat after me: NEVER. SHARE. YOUR. SEED. PHRASE. No legitimate service, support agent, or application will EVER ask for it. Phishing attacks asking for your seed phrase are the #1 attack vector in crypto. The moment you enter your seed phrase into a malicious website or share it with anyone, your funds are gone permanently.
Related Wallet Guides
Cold Storage Best Practices
Cold storage refers to keeping cryptocurrency completely offline — disconnected from the internet at all times. This includes hardware wallets, paper wallets, and air-gapped computers. Cold storage is the gold standard for securing large holdings because it eliminates remote attack vectors entirely. The key principle: your private keys have never touched an internet-connected device.
Protecting Against Phishing & Scams
Phishing and social engineering are the most common ways people lose cryptocurrency. Attackers create fake websites, impersonate support staff, send malicious links, create fake token approvals, and use urgency to trick users into revealing credentials or signing malicious transactions. In crypto, transactions are irreversible — once you sign a malicious transaction or enter your seed phrase on a fake site, your funds are gone.
Two-Factor Authentication (2FA) Guide
Two-Factor Authentication adds a second layer of security beyond your password. For crypto accounts, 2FA is essential — it means that even if your password is compromised, an attacker still needs access to your second factor. Authenticator apps (Google Authenticator, Authy) are strongly preferred over SMS 2FA, which is vulnerable to SIM-swapping attacks.
Crypto Inheritance & Estate Planning
An estimated $20+ billion in cryptocurrency is permanently lost because holders died without sharing access information. Crypto inheritance planning ensures your digital assets can be transferred to heirs without compromising security during your lifetime. Solutions range from simple sealed envelopes with instructions to sophisticated multi-party schemes using time-locks, dead man's switches, and professional custodians.