Passphrase (25th word) explained: benefits and risks
What is the passphrase (25th word)?
The "passphrase" (often called the 25th word) is an optional extra input that sits on top of your standard 24-word recovery phrase. Think of the 24 words as the master key to a safe deposit box. The passphrase is an additional tumbler added to that key. Together they produce a different set of private keys and therefore different accounts — often called hidden wallets.
In my experience, the passphrase is powerful. It creates a logical separation between wallets without changing your original recovery phrase. But it also adds human risk. Lose the passphrase and the funds derived from it are effectively unrecoverable (even with the 24-word recovery phrase).
For a deeper how-to, see the passphrase step-by-step guide and general passphrase guide.
How the passphrase changes key derivation (technical)
At a technical level, the passphrase is an extra string fed into the BIP-39 seed generation process (BIP-39 defines how a recovery phrase becomes a seed). When you add a passphrase, the resulting seed is different and therefore derives a distinct set of private keys. The hardware wallet's secure element still stores and signs transactions, but the derived private keys depend on both the recovery phrase and that extra string.
This is why one seed phrase can produce many hidden accounts (one per passphrase). The concept is simple. The implications are not.
Benefits: why some users add a passphrase / hidden wallet
- Plausible deniability: You can reveal the 24-word recovery phrase without revealing the passphrase, showing a wallet that appears empty (though legal and coercion risks remain).
- Compartmentalization: Separate long-term cold wallet holdings from day-to-day funds. I used this to keep long-term holdings offline and only expose a small hot-like balance for spending.
- Multiple logical wallets: One physical device, many wallets — useful for family accounts or business segregation.
And yes, this feature is useful for experienced users who want an extra layer of separation. But it is not a substitute for safe backups.
Risks and common failure modes
- Single point of loss. If you forget the passphrase, recovery is impossible. No support team can restore it. Short sentence. Very painful outcome.
- Poor storage practices. Storing the passphrase with the recovery phrase (same envelope, same file) defeats the purpose. Keep them physically separate.
- Host exposure. If you enter the passphrase into a computer or mobile app (rather than on-device), that host could capture it (malware, keyloggers, clipboard leaks). On-device entry is safer where available.
- Complexity with multisig and third-party wallets. A passphrase changes derivation paths and can break compatibility unless every cosigner uses the same passphrase setup.
- False sense of protection. Plausible deniability works only to an extent; legal compulsion, metadata, or transaction history can still link you to funds.
Avoid these mistakes. See common mistakes and phishing and seed-phrase management for more.
Step by step: using a passphrase safely (how to)
- Decide why you need it. Separate funds? Plausible deniability? Multisig? If the reason is unclear, skip it.
- Choose where the passphrase will be entered (on-device preferred). Entering it on-device prevents the host from seeing it.
- Pick a strong passphrase. Long, unique, and not guessable. Consider combining words and symbols.
- Create a secure backup of the passphrase separate from the recovery phrase (metal plate, secure safe). See seed backup plates.
- Test with a tiny amount first. Send a small transaction to the hidden wallet and recover it via a new device using the 24-word recovery phrase + passphrase (test the full restore process).
- Document your recovery plan and ensure trusted parties know how to access inheritance instructions (if relevant).
If you want step-by-step screens and device-specific screens, follow the passphrase 25th-word guide and the general setup guide.
Passphrase and multisig: compatibility considerations
Multisig increases security by requiring multiple signatures to spend funds. Adding a passphrase to a single cosigner complicates the setup because each cosigner must derive the same multisig public keys. In practice that means either:
- All cosigners agree on a shared passphrase (operationally risky), or
- Avoid using per-device passphrases and rely on standard multisig derivation instead.
What I've found is that passphrases are more useful for single-signer self-custody than for everyday multisig setups. If you plan multisig, read multisig-for-ledger and multisig guide before adding passphrases.
Who should use a ledger passphrase — and who should look elsewhere
Who should consider it:
- Experienced self-custody users who understand backup discipline.
- People who want to separate funds logically on one device.
- Users with a tested inheritance plan that accounts for passphrase storage.
Who should avoid it:
- Beginners who haven’t practiced restores.
- People who habitually store recovery material together or in the cloud.
- Anyone who needs simple multisig without extra operational overhead.
If you are new to hardware wallets, focus first on seed-phrase basics and standard backup workflows.
Pros & cons at a glance
| Pros |
Cons |
| Adds another layer of separation (hidden wallets) |
Forgetting the passphrase means permanent loss |
| Enables plausible deniability in some scenarios |
Makes recovery and multisig more complex |
| No change to the original recovery phrase |
If stored together with recovery phrase, offers no extra protection |
| Can compartmentalize funds on one device |
Host exposure if entered off-device |
FAQ
Q: Can I recover my crypto if the device breaks?
A: Yes — as long as you have the 24-word recovery phrase and the exact passphrase used to create the hidden wallet. Restore the 24 words to a new compatible hardware wallet (or a secure software wallet that supports passphrases) and enter the passphrase to recreate the same accounts. If you lose the passphrase, recovery is not possible. See recover if device lost.
Q: What happens if the company goes bankrupt?
A: The hardware company’s financial status does not affect your private keys. With the recovery phrase and passphrase, you can restore to any compatible wallet. (Hardware vendors may stop producing updates, so consider firmware and long-term support policies; see firmware update guide and company bankruptcy what happens.)
Q: Is Bluetooth safe for a hardware wallet when using a passphrase?
A: Bluetooth increases attack surface compared with a direct USB or air-gapped workflow. If you must use wireless, prefer on-device passphrase entry and keep firmware attestation current. For details, see bluetooth-usb-nfc-security and advanced air-gapped.
Q: What if I forget my passphrase?
A: You cannot derive it from the recovery phrase. Losing it usually means permanent loss of funds in that hidden wallet. Test recovery procedures before moving significant balances.
Conclusion and next steps
A passphrase (the so-called 25th word) is a powerful tool that gives you extra separation and the ability to create hidden wallets, but it also introduces a hard-to-reverse single point of failure if mismanaged. In my testing, it offered clear operational benefits for experienced users who planned backups carefully. For most beginners, it adds unnecessary complexity.
If you plan to use a passphrase, follow the step-by-step guide, test restores, and store the passphrase separately from your recovery phrase. Start small and iterate. For practical walkthroughs and device-specific steps, read the full passphrase step-by-step guide and review seed-phrase management.
Want more device-specific notes or a walkthrough for your model? See model reviews and setup pages like /ledger-nano-s-review, /ledger-nano-x-review, and the firmware update guide to keep your device secure.
