Your seed phrase (also called recovery phrase) is the human-readable backup of your private keys. Think of it like the master key to a safe deposit box: whoever holds it can move the funds. Short sentence. Long sentence: if the device that holds your private keys fails, is lost, or is destroyed, recovering access to your crypto depends entirely on a correct, intact seed phrase and any optional passphrase you configured.
I believe clear, practical backup choices beat theoretical perfection. In my experience, simple, tested workflows win during stressful recovery situations. (Why test? Because you will be nervous the first time you restore a wallet — better to know the steps beforehand.)
Who this guide is for: beginners and intermediate crypto holders who want to protect long-term holdings and understand trade-offs between 12 vs 24 words, BIP-39 seed phrase compatibility, metal backup plates, and Shamir backup (SLIP-39).
Who should look elsewhere: people building institutional-grade custody with fully audited multisig or HSM solutions (see multisig-setup and cold-storage-strategies).
Which is safer: 12 vs 24 words? Short answer: 24 words increase entropy, making brute-force attacks astronomically harder. Longer answer: a 12-word BIP-39 seed phrase encodes 128 bits of entropy; a 24-word phrase encodes 256 bits. That extra entropy matters mainly for future-proofing and very large balances. But for most personal users today, a correctly stored 12-word phrase is still practically secure against random attacks.
Practical trade-offs:
If you’re unsure, I’ve found that using a 24-word seed for long-term cold storage removes a worry you won’t ever need to test. (Testing restorations regularly is still the better habit.)
BIP-39 seed phrase is a standard that maps entropy to a list of words (and includes a checksum). That standard is widely supported across wallets and restoration tools, which makes BIP-39 useful for recoveries. But remember: some wallets add derivation choices (account paths) or optional passphrases that change the actual private keys generated from the same words.
Compatibility note: always check the restore documentation before assuming your 12- or 24-word BIP-39 seed will map to the same addresses in another wallet. If you want a walkthrough, see restore-recover-wallet and seed-phrase-management.
Shamir backup (SLIP-39) uses Shamir's Secret Sharing to split a master secret into parts (called shares) with a threshold required to reconstruct. For example, create 5 shares and require any 3 to restore — that’s a 3-of-5 threshold.
Pros:
Cons:
A worked example: create 5 shares, store 2 in a safety deposit box, give 1 to a trusted family member, and keep 2 in separate home safes. You can lose up to two shares and still recover (3-of-5). But if you lose more than the threshold, funds are unrecoverable — test restores.
Metal backup plates protect words from fire, water, and decay.
Why use metal? Paper fails in fire and degrades in moisture. Metal lasts decades.
How to use metal plates (short checklist):
But metal introduces its own risks: theft, metal corrosion (if low-quality steel), and complexity in managing multiple plates. I noticed during testing that legibility under poor lighting is often overlooked — use deep engraving, not faint etching.
(Alt image: metal-backup-plate-example)
How to write down recovery phrase safely (basic, for BIP-39 12/24-word seed):
Step by step: how to use metal backup plates:
How to setup a SLIP-39 Shamir backup (high level):
For device-specific setup tips, see nano-s-setup-step-by-step and setup-unboxing.
A passphrase (often called the 25th word) derives an additional secret on top of the BIP-39 seed. It offers plausible deniability and extra security. But there’s a catch: if you forget the passphrase, the funds are unrecoverable — not even the company can help.
If you use a passphrase:
Multisig reduces single-point-of-failure risk by requiring multiple independent keys to sign a transaction. Use multisig for larger holdings or corporate treasuries. It’s more complex but adds resilience: a stolen single seed phrase won’t allow funds to move without other cosigners.
If you’re curious, check multisig-setup and cold-storage-strategies for worked examples and configuration patterns.
Common mistakes I see in testing:
If your device fails, contact recovery documentation and follow the guided restore (see restore-recover-wallet). For firmware integrity questions, read firmware-updates-bootloader and supply-chain-authenticity.
Q: Can I recover my crypto if the device breaks?
A: Yes — if you have the correct seed phrase (and passphrase, if used). Use restore-recover-wallet or follow your wallet’s recovery instructions.
Q: What happens if the company goes bankrupt?
A: Nothing to your funds directly. Your seed phrase controls private keys; as long as you hold those words (and passphrase if used), you can restore in compatible wallets.
Q: Is Bluetooth safe for a hardware wallet?
A: Short answer: Bluetooth increases the attack surface compared with a USB-only, air-gapped flow. But with good device design and secure element protections, many Bluetooth implementations are acceptable for daily use. For high-value cold storage, prefer air-gapped signing or direct USB connections. See usb-otg-bluetooth and connectivity-security.
Q: How should I store my metal backup plates?
A: At least two geographically separated secure locations (home safe + bank safe deposit). Consider trusted custodians for one share if using SLIP-39.
Seed phrase backup is not a single product choice; it’s a workflow. Pick a seed length (12 vs 24 words) that matches your threat model, choose a durable storage medium (metal for long-term), and consider SLIP-39 or multisig for distributed risk. Test restores — seriously, test them.
If you want practical setup steps next, follow the setup-guide and the how-to restore guide. For deeper reading on passphrases, see passphrase-25th-word. And if you’ve got more questions, check common-mistakes-best-practices and multisig-setup.
Safe storing — and test your restores before you need them.