nano-s-plus-guide.com
Login
Independent review. This site is not the official website and is not affiliated with, endorsed by, or operated by the wallet vendor reviewed here. Never enter your seed phrase or private keys on any third-party site.

Seed Phrase Backup & Security (12 vs 24 words, Metal Backups)

Yara Schreiber Yara Schreiber
Try Tangem secure wallet →

Seed Phrase Backup & Security (12 vs 24 words, Metal Backups)

Introduction: why seed backup matters

Your seed phrase (also called recovery phrase) is the human-readable backup of your private keys. Think of it like the master key to a safe deposit box: whoever holds it can move the funds. Short sentence. Long sentence: if the device that holds your private keys fails, is lost, or is destroyed, recovering access to your crypto depends entirely on a correct, intact seed phrase and any optional passphrase you configured.

I believe clear, practical backup choices beat theoretical perfection. In my experience, simple, tested workflows win during stressful recovery situations. (Why test? Because you will be nervous the first time you restore a wallet — better to know the steps beforehand.)

Who this guide is for: beginners and intermediate crypto holders who want to protect long-term holdings and understand trade-offs between 12 vs 24 words, BIP-39 seed phrase compatibility, metal backup plates, and Shamir backup (SLIP-39).

Who should look elsewhere: people building institutional-grade custody with fully audited multisig or HSM solutions (see multisig-setup and cold-storage-strategies).

Try Tangem secure wallet →

12 vs 24 words — what changes and why it matters

Which is safer: 12 vs 24 words? Short answer: 24 words increase entropy, making brute-force attacks astronomically harder. Longer answer: a 12-word BIP-39 seed phrase encodes 128 bits of entropy; a 24-word phrase encodes 256 bits. That extra entropy matters mainly for future-proofing and very large balances. But for most personal users today, a correctly stored 12-word phrase is still practically secure against random attacks.

Practical trade-offs:

  • 12 words: faster to write and restore; slightly less entropy. Good for everyday users or small balances.
  • 24 words: higher entropy; recommended for large, long-term holdings.

If you’re unsure, I’ve found that using a 24-word seed for long-term cold storage removes a worry you won’t ever need to test. (Testing restorations regularly is still the better habit.)

BIP-39 seed phrase: basics and compatibility

BIP-39 seed phrase is a standard that maps entropy to a list of words (and includes a checksum). That standard is widely supported across wallets and restoration tools, which makes BIP-39 useful for recoveries. But remember: some wallets add derivation choices (account paths) or optional passphrases that change the actual private keys generated from the same words.

Compatibility note: always check the restore documentation before assuming your 12- or 24-word BIP-39 seed will map to the same addresses in another wallet. If you want a walkthrough, see restore-recover-wallet and seed-phrase-management.

Shamir backup (SLIP-39): split-and-share explained

Shamir backup (SLIP-39) uses Shamir's Secret Sharing to split a master secret into parts (called shares) with a threshold required to reconstruct. For example, create 5 shares and require any 3 to restore — that’s a 3-of-5 threshold.

Pros:

  • Distributes risk (no single physical point of failure).
  • Useful for family, geographically separated copies, or trustees.

Cons:

  • More complex to manage and restore.
  • Not universally supported — some wallets/tools don’t implement SLIP-39.

A worked example: create 5 shares, store 2 in a safety deposit box, give 1 to a trusted family member, and keep 2 in separate home safes. You can lose up to two shares and still recover (3-of-5). But if you lose more than the threshold, funds are unrecoverable — test restores.

Metal backup plates: durability, how-to, and trade-offs

metal-backup-plate-placeholder

Metal backup plates protect words from fire, water, and decay.

Why use metal? Paper fails in fire and degrades in moisture. Metal lasts decades.

How to use metal plates (short checklist):

  1. Engrave or stamp each word and its index number.
  2. Verify readability after engraving.
  3. Store plates in at least two geographically separated secure locations.
  4. Consider tamper-evident packaging or sealed envelopes for extra protection.

But metal introduces its own risks: theft, metal corrosion (if low-quality steel), and complexity in managing multiple plates. I noticed during testing that legibility under poor lighting is often overlooked — use deep engraving, not faint etching.

(Alt image: metal-backup-plate-example)

How to backup your seed phrase — Step by step

How to write down recovery phrase safely (basic, for BIP-39 12/24-word seed):

  1. Initialise the device in a private place, away from cameras.
  2. Write words in order with a pen on the official recovery card (or on plain paper if none supplied). Include the word index: 1., 2., 3., etc.
  3. Double-check spelling against the device, then repeat verification by restoring to a secondary device (test restore).
  4. Make at least two backups and store them in distinct secure locations (home safe + third-party safe deposit box).

Step by step: how to use metal backup plates:

  1. Transfer words to the plate respecting word order.
  2. Stamp/engrave each word with enough depth for future legibility.
  3. Photograph only after sealing (do not keep digital copies unless encrypted and segregated).
  4. Store plates separated by location and with strictly limited access.

How to setup a SLIP-39 Shamir backup (high level):

  1. Choose the number of shares and the threshold (e.g., 5 shares, threshold 3).
  2. Generate shares on the device or a trusted generator (device-based is safer).
  3. Record each share on a metal plate or paper, then store per your distribution policy.
  4. Test restore with the required threshold to ensure recoverability.

For device-specific setup tips, see nano-s-setup-step-by-step and setup-unboxing.

Passphrase (the "25th word"): advantages and risks

A passphrase (often called the 25th word) derives an additional secret on top of the BIP-39 seed. It offers plausible deniability and extra security. But there’s a catch: if you forget the passphrase, the funds are unrecoverable — not even the company can help.

If you use a passphrase:

  • Memorize it or use a secure, offline password manager for the hint (not the full passphrase).
  • Consider writing a legal-backed plan for inheritance (see legal-backup-considerations).

Multisig & advanced cold-storage strategies

Multisig reduces single-point-of-failure risk by requiring multiple independent keys to sign a transaction. Use multisig for larger holdings or corporate treasuries. It’s more complex but adds resilience: a stolen single seed phrase won’t allow funds to move without other cosigners.

If you’re curious, check multisig-setup and cold-storage-strategies for worked examples and configuration patterns.

Common mistakes, troubleshooting, and recovery links

Common mistakes I see in testing:

  • Buying devices from unofficial resellers (link: buying-safely-resellers).
  • Writing words without indices or with unclear handwriting.
  • Storing digital photos or cloud copies of the seed phrase.

If your device fails, contact recovery documentation and follow the guided restore (see restore-recover-wallet). For firmware integrity questions, read firmware-updates-bootloader and supply-chain-authenticity.

FAQ

Q: Can I recover my crypto if the device breaks?

A: Yes — if you have the correct seed phrase (and passphrase, if used). Use restore-recover-wallet or follow your wallet’s recovery instructions.

Q: What happens if the company goes bankrupt?

A: Nothing to your funds directly. Your seed phrase controls private keys; as long as you hold those words (and passphrase if used), you can restore in compatible wallets.

Q: Is Bluetooth safe for a hardware wallet?

A: Short answer: Bluetooth increases the attack surface compared with a USB-only, air-gapped flow. But with good device design and secure element protections, many Bluetooth implementations are acceptable for daily use. For high-value cold storage, prefer air-gapped signing or direct USB connections. See usb-otg-bluetooth and connectivity-security.

Q: How should I store my metal backup plates?

A: At least two geographically separated secure locations (home safe + bank safe deposit). Consider trusted custodians for one share if using SLIP-39.

Conclusion & next steps (CTA)

Seed phrase backup is not a single product choice; it’s a workflow. Pick a seed length (12 vs 24 words) that matches your threat model, choose a durable storage medium (metal for long-term), and consider SLIP-39 or multisig for distributed risk. Test restores — seriously, test them.

If you want practical setup steps next, follow the setup-guide and the how-to restore guide. For deeper reading on passphrases, see passphrase-25th-word. And if you’ve got more questions, check common-mistakes-best-practices and multisig-setup.

Safe storing — and test your restores before you need them.

Try Tangem secure wallet →