If you own cryptocurrency, your seed phrase is the master key to your funds. That simple string of words represents your private keys and therefore the ability to move coins. I learned this the hard way early on: a single moist night in a basement destroyed a paper backup and forced a restore from a secondary backup (yes, keep redundancies).
Good seed phrase management reduces single points of failure and addresses threats like physical damage, theft, social engineering, and human error. You can have a hardware wallet with a secure element and air-gapped signing, but if your recovery phrase is exposed, anything on that device becomes recoverable by someone else.
For a primer on how seed phrases are generated, see the seed phrase basics page.
BIP-39 seed phrase backup is the common standard most wallets use to encode entropy into human-readable words. But which length should you pick: 12 or 24 words?
Short answer: 24 words offers higher entropy. Longer answer: 12 words give roughly 128 bits of entropy while 24 words give roughly 256 bits, which translates to vastly higher brute-force resistance. Both are currently secure enough for practical purposes, but the 24-word seed is future-proofed against advances in computing (and against poor passphrase practices).
Which should you choose? Ask yourself: how much convenience are you willing to trade for additional cryptographic margin? For many people storing moderate amounts of crypto, a well-protected 12-word seed with good physical security is fine. For larger holdings, institutional custody, or inheritance plans, 24 words makes sense.
Want the full setup walkthrough? Follow the setup-ledger-step-by-step guide (or the device-specific setup guides linked there).
A passphrase is an additional secret you combine with your BIP-39 seed phrase to produce different wallets. Think of it as a hidden vault on top of your seed phrase. I use passphrases personally for a few small, high-value accounts where I want plausible deniability.
But there are serious risks. Lose the passphrase and the funds are gone forever. Store it with the seed phrase and you've defeated the purpose. So who should use a passphrase? Experienced users who can manage an off-device secret securely (and test recovery). If that sounds like more friction than you're comfortable with, don't use one.
Read the technical trade-offs in the passphrase-25th-word-guide.
Not all backups are equal. Here’s a concise feature comparison I use when advising friends.
| Method | Durability | Visibility / Theft Risk | Ease of Use | Recommended for |
|---|---|---|---|---|
| Paper (handwritten) | Low — vulnerable to water/fire | High if visible; easy to steal | Very easy | Beginners testing recoveries, short-term storage |
| Metal backup plates seed phrase | High — fire/water resistant | Lower if hidden; physical theft still possible | Moderate (requires tools or stamped plates) | Long-term storage, high-value holders |
| Plastic/cards (laminated) | Medium | Medium | Easy | Travel-ready but limited durability |
| Shamir/SLIP-39 shares | High (if distributed properly) | Lower single-point risk | Complex | Advanced users, multisig alternatives |
Metal backup plates seed phrase backups resist heat, water, and time in ways paper cannot. In my experience, a stamped stainless plate stored in a safe or bank deposit box reduces anxiety. And yes, metal plates are more expensive and require planning for what happens to the plate if you die.
For product-specific plate designs and how to mount a phrase securely, see seed-backup-plates.
Shamir's Secret Sharing (SLIP-39) lets you split a seed phrase into multiple shares where not every share is needed to reconstruct the original. For example, a 3-of-5 configuration requires any three shares to restore funds.
Why use it? It mitigates single-point failure (a single compromised backup doesn't give an attacker access). Why avoid it? It increases operational complexity and introduces new failure modes (lost shares). In my testing, SLIP-39 is excellent for estate planning when combined with clear recovery instructions.
See the technical guide: slip39-shamir-backup.
Multisig (multi-signature) spreads risk across multiple keys so one compromised signing device doesn't mean total loss. It is not a cure-all. Multisig requires compatible software and sometimes additional hardware, and it complicates routine withdrawals.
When is multisig worth it? For large balances and organizational treasuries. For everyday users, a hardened single-sig with geographically distributed metal backups is often a simpler trade-off.
If you want to explore multisig setups that pair well with hardware wallets, check multisig-for-ledger and cold-storage-strategies-single-vs-multisig.
But don't stop there: schedule a periodic check and confirm your firmware updates and firmware attestation steps via the firmware-update-guide and firmware-attestation (see the firmware verification procedures). Regular testing prevents surprises.
Common mistakes I still see:
What if the device is lost or the company goes bankrupt? Your seed phrase is the recovery path — not the company. So keep that phrase secure and test restores occasionally. See recover-if-device-lost and company-bankruptcy-what-happens for scenarios and steps.
Phishing attacks remain common. Always verify the app and the device screens match, and never enter your seed phrase into any website or app (seriously — never). For common phishing patterns and how to avoid them, read common-mistakes-phishing.
Seed phrase management is the foundation of self-custody. Protecting that phrase with thoughtful backups (metal backup plates seed phrase included), tested restores, and clear plans for inheritance or loss dramatically reduces risk. What I've found over years of testing is that redundancy plus simplicity beats clever but fragile setups.
Next steps I recommend: choose a backup medium, perform a test restore, and document emergency procedures (who to call, where backups are stored). If you want device-specific setup help, check the setup-ledger-step-by-step and restore-recovery-phrase pages. For deeper reading on passphrases and SLIP-39, see passphrase-25th-word-guide and slip39-shamir-backup.
If you want help planning a multisig or inheritance strategy, the cold-storage-strategies and multisig-for-ledger pages are practical next reads.
Stay practical. Test often. And keep your recovery phrase offline.