As a long-time crypto enthusiast, something I often come across is that many people still don’t realize how to properly store their recovery phrase, which puts their crypto assets at risk.
In short, in the crypto space, your recovery phrase, also known as your seed phrase, is your life. If you lose your recovery phrase or someone steals it, you lose all of your assets.
For the sake of simplicity, and because it’s what really matters here, I won’t focus on the deepest technicalities. Instead, let’s look at what this recovery phrase is for and how you should treat it.
What are the words recovery or recovery freeze?
What you really need to understand is that your recovery phrase is the source of all your private keys and public addresses. This means that anyone who has access to your recovery phrase can move your funds at any time.
A recovery phrase, also known as a seed phrase, is a set of 8, 12, or 24 dictionary words. The number of words depends on the standard used.
These words are used to generate a set of private and public keys that will always be associated with those words. This is because the keys are deterministically generated.
This means that if you lose your wallet (software or hardware), as long as you have your recovery phrase, you can always regenerate your keys.
Initializing a new wallet with your recovery phrase will calculate the same keys as the wallet you lost, giving you access to your funds.
In order to decide how to securely store and protect your seed phrase, you first need to understand yourself and your threat model.
What are you trying to protect your crypto from? Yourself or others?
Basic backup
When you initialize a new wallet, it will show you a set of (12 or 24) words that act as your backup.
The most important thing you do here is to store those words carefully.
Usually, you will be prompted to set a password or PIN. This is to encrypt the recovery phrase on your device. If you lose this encryption password, you can still recover your wallet as long as you have the recovery phrase.
Therefore, the most important thing is the recovery phrase, not the password.
You must write down your recovery phrase and store it in a safe place. Remember, anyone who has access to that recovery phrase can move your funds at any time.
By all means, don’t think you can just keep it in your mind and memorize it. This is the worst strategy because people easily lose their memory. If you forget your seed, you will kiss your crypto goodbye forever.
So, just use a piece of paper and write down those words in the exact order they are shown to you. Two backups are better than one.
Never store your recovery phrase digitally.
First of all, it is dangerous to expose it through internet-connected devices due to all kinds of online threats (malware, keyloggers, remote hacker attacks, etc.).
Especially if you use a hardware wallet, never store your seed electronically, otherwise you will defeat its purpose. Hardware wallets are designed to never expose private keys outside of the device.
Additionally, digital media (such as USB sticks) can easily break due to accidents or electrical charges.
Finally, never share your recovery phrase with anyone, except for people you really trust, such as your spouse or children.
Distributed backup
If you can’t find a safe place to store your backup, or if you’re afraid it might be stolen, you might decide to split your backup into multiple parts and store them in different locations.
Let’s take a 24-word recovery phrase as an example. You could split it into 3 groups of 8 words each and store them in three different locations.
The problem with this is that you increase the risk of losing your crypto. If you lose even one piece, you will no longer be able to recover your crypto.
That’s why there is a more secure alternative, which is to split the backup into three parts, but you only need two out of three parts to recover your wallet.
Let me explain in a simpler way that I know.
If your recovery phrase only consists of three words (A, B, C), you would create a first backup of A-B, a second backup of A-C, and a third backup of B-C. By taking any two of these copies, you can reconstruct the complete phrase A-B-C.
Password trick
You might be forced to store your recovery phrase in an insecure location, such as your home that you share with roommates you don’t trust.
In this case, you can decide to use a passphrase.
This is an additional word that you add to your recovery phrase. For 24-word recovery phrases, the passphrase is known as the 25th word.
By adding an extra word to your seed, you can have a new set of accounts that are completely separate from the accounts generated by the original seed (the original words without the passphrase).
Let’s break it down further, assuming we have a 24-word recovery phrase:
- If we enter the 24 words into our wallet, we will have a specific set of private and public keys.
- Now, if you randomly place a word between these words, no one can figure out what your original words were or in what order they were.
Alright, here’s what you need to do: Only keep your crypto in accounts created using the 24 words + passphrase (case 2).
This is because even if an attacker can see or find your recovery phrase, they won’t be able to steal your crypto unless they also have the passphrase.
Do not store your passphrase only on digital media, as it can be corrupted. Use a piece of paper at least, and make multiple backups.
Never lose your passphrase, or your crypto will be lost forever. Therefore, be very careful about storing your passphrase properly.
Keep in mind that all passphrases are valid. If you make a typo, you will see a different set of accounts. If this happens, just try again and enter the correct passphrase without worry.
Each passphrase creates a unique set of private keys and public keys.
You can choose any combination of letters, numbers, and symbols as your passphrase, but you should choose a complex passphrase that is impossible to guess. It should also be resistant to brute force attacks.
Backup in steel protector
Writing on paper is a common task, but over time, paper sheets may get corroded or torn, or damaged in some places, or the writings on paper may fade over time.
Paper backup is not even resistant to accidental incidents. For example, your backup could be lost or irreversibly damaged in the event of a fire, flood, or earthquake.
For this reason, you may prefer to use steel and steel-based backup solutions instead of paper backups.
The tool I tested earlier is “Crypto Steel Capsule” by Ledger.
It is a pocket solution made of 303 and 304 stainless steel, which makes it fireproof up to 1400°C / 2500°F. It is also shockproof and waterproof up to a pressure of 150,000 newtons.
It is easy to use. You must include the first 4 letters of each word using separators in the kernel.
In addition to the crypto capsule, there is also the Steel Cipher Safe Paul, which you can order one of these two products by doing research.
Frequently asked questions about retrieval words