The "passphrase" (often called the 25th word) is an optional extra input that sits on top of your standard 24-word recovery phrase. Think of the 24 words as the master key to a safe deposit box. The passphrase is an additional tumbler added to that key. Together they produce a different set of private keys and therefore different accounts — often called hidden wallets.
In my experience, the passphrase is powerful. It creates a logical separation between wallets without changing your original recovery phrase. But it also adds human risk. Lose the passphrase and the funds derived from it are effectively unrecoverable (even with the 24-word recovery phrase).
For a deeper how-to, see the passphrase step-by-step guide and general passphrase guide.
At a technical level, the passphrase is an extra string fed into the BIP-39 seed generation process (BIP-39 defines how a recovery phrase becomes a seed). When you add a passphrase, the resulting seed is different and therefore derives a distinct set of private keys. The hardware wallet's secure element still stores and signs transactions, but the derived private keys depend on both the recovery phrase and that extra string.
This is why one seed phrase can produce many hidden accounts (one per passphrase). The concept is simple. The implications are not.
And yes, this feature is useful for experienced users who want an extra layer of separation. But it is not a substitute for safe backups.
Avoid these mistakes. See common mistakes and phishing and seed-phrase management for more.
If you want step-by-step screens and device-specific screens, follow the passphrase 25th-word guide and the general setup guide.
Multisig increases security by requiring multiple signatures to spend funds. Adding a passphrase to a single cosigner complicates the setup because each cosigner must derive the same multisig public keys. In practice that means either:
What I've found is that passphrases are more useful for single-signer self-custody than for everyday multisig setups. If you plan multisig, read multisig-for-ledger and multisig guide before adding passphrases.
Who should consider it:
Who should avoid it:
If you are new to hardware wallets, focus first on seed-phrase basics and standard backup workflows.
| Pros | Cons |
|---|---|
| Adds another layer of separation (hidden wallets) | Forgetting the passphrase means permanent loss |
| Enables plausible deniability in some scenarios | Makes recovery and multisig more complex |
| No change to the original recovery phrase | If stored together with recovery phrase, offers no extra protection |
| Can compartmentalize funds on one device | Host exposure if entered off-device |
Q: Can I recover my crypto if the device breaks? A: Yes — as long as you have the 24-word recovery phrase and the exact passphrase used to create the hidden wallet. Restore the 24 words to a new compatible hardware wallet (or a secure software wallet that supports passphrases) and enter the passphrase to recreate the same accounts. If you lose the passphrase, recovery is not possible. See recover if device lost.
Q: What happens if the company goes bankrupt? A: The hardware company’s financial status does not affect your private keys. With the recovery phrase and passphrase, you can restore to any compatible wallet. (Hardware vendors may stop producing updates, so consider firmware and long-term support policies; see firmware update guide and company bankruptcy what happens.)
Q: Is Bluetooth safe for a hardware wallet when using a passphrase? A: Bluetooth increases attack surface compared with a direct USB or air-gapped workflow. If you must use wireless, prefer on-device passphrase entry and keep firmware attestation current. For details, see bluetooth-usb-nfc-security and advanced air-gapped.
Q: What if I forget my passphrase? A: You cannot derive it from the recovery phrase. Losing it usually means permanent loss of funds in that hidden wallet. Test recovery procedures before moving significant balances.
A passphrase (the so-called 25th word) is a powerful tool that gives you extra separation and the ability to create hidden wallets, but it also introduces a hard-to-reverse single point of failure if mismanaged. In my testing, it offered clear operational benefits for experienced users who planned backups carefully. For most beginners, it adds unnecessary complexity.
If you plan to use a passphrase, follow the step-by-step guide, test restores, and store the passphrase separately from your recovery phrase. Start small and iterate. For practical walkthroughs and device-specific steps, read the full passphrase step-by-step guide and review seed-phrase management.
Want more device-specific notes or a walkthrough for your model? See model reviews and setup pages like /ledger-nano-s-review, /ledger-nano-x-review, and the firmware update guide to keep your device secure.