Using a Passphrase on Your Hardwallet: Unlocking Maximum Security
If you own a hardwallet but haven’t configured a passphrase yet, you’re not using the full potential of the security your device offers.
In this article, I’ll clarify everything you need to know about passphrases — what they are, how they can enhance your crypto security, how to set one up, and how to start using new wallet addresses with this added layer of protection.
What Is a Passphrase and Why Use It?
Setting up a passphrase provides an extra layer of protection to your wallet. It can also be used to create hidden wallet addresses on your hardwallet — useful for added privacy and security.
Before diving into passphrases, it’s essential to understand the concept of a seed phrase (also called a recovery phrase), which is often confused with a passphrase despite being fundamentally different.
The Seed Phrase: Your Wallet’s Backup
A seed phrase is a sequence of 12, 18, or 24 words used to recover your private key. Every time you create a new wallet, you're given a unique seed phrase, which you must securely store as a backup.
If your hardwallet is lost or damaged, you can restore access to your wallet — and your crypto — on another device using your seed phrase.
It’s important to note: your cryptocurrencies aren’t stored on the hardware device itself. They reside on the blockchain. Your seed phrase is a mnemonic that represents your private key, which is essentially an encrypted password that enables you to sign transactions.
Most hardwallets today follow the BIP-39 standard to generate seed phrases. This standard uses a list of 2,048 predefined words. The order of these words matters, and words can be repeated — allowing for an astronomical number of possible combinations.
Even though the BIP-39 standard makes it virtually impossible for even a supercomputer to guess your seed phrase, any non-zero risk should not be ignored — especially when your assets are at stake.
Enter the Passphrase: A 25th Word for True Security
That’s where the passphrase comes in.
A passphrase is essentially an additional word (or series of characters) that you add to your seed phrase. You can make it as long or as complex as you wish. Unlike the seed phrase, the passphrase does not come from a fixed wordlist—it can be anything you choose, making it significantly harder for attackers to guess.
By adding a passphrase, you're actually generating an entirely new private key and, therefore, a new public address—essentially creating a brand-new wallet. This “hidden” wallet won’t be accessible unless both the original seed phrase and the passphrase are known.
⚠️ Important: If you create a wallet using a passphrase, you will need both your 24-word seed phrase and your custom 25th word (the passphrase) to recover access. Without both pieces, the hidden wallet is lost.
Key Security Tip
This dual-key setup greatly improves your security. If someone gains access to your written-down seed phrase but not your passphrase, they won’t be able to access your hidden wallet and the funds stored there.
Security tip: Do not write your passphrase on the same piece of paper or metal plate as your seed phrase. Instead, store them separately to reduce risk.
Want to See How It Works?
To better understand how seed phrases and passphrases affect your private key and wallet addresses, visit these resources:
These tools allow you to visualize how the addition of a passphrase changes your private key and generates entirely new wallet addresses.
If you have any questions about setting up your passphrase on a hardwallet or want help securing your crypto assets, feel free to ask.
Comments ()