The number one rule in crypto: not your keys, not your coins. When you leave crypto on an exchange, you're trusting that company with your assets — and exchanges get hacked, go bankrupt, or freeze withdrawals. Self-custody means holding your own private keys. It's a responsibility, but also a superpower. This guide explains how to do it safely.

Hot vs cold wallets

A "wallet" in crypto doesn't store coins — it stores private keys. Your coins exist on the blockchain; the wallet just proves you own them. Hot wallets are software applications (MetaMask, Trust Wallet, Coinbase Wallet) that run on your phone or computer — always connected to the internet. They're free, convenient, and great for actively using DeFi or making frequent transactions. But an internet-connected device can be compromised by malware, phishing sites, or browser extensions.

Cold wallets (hardware wallets) are physical devices — essentially USB drives with a secure chip — that store your private keys completely offline. When you sign a transaction, the signing happens inside the device and the private key never touches your computer. Even if your computer is completely compromised by malware, your hardware wallet cannot be remotely drained. The tradeoff is cost ($50–200) and the extra steps required for each transaction.

The standard recommendation: use a hot wallet for everyday DeFi activity with funds you can afford to lose, and a hardware wallet for long-term holdings. Never keep more on a hot wallet than you'd carry in a physical wallet.

The seed phrase: your master key

When you create any crypto wallet, it generates a seed phrase — a sequence of 12 or 24 common English words drawn from a standardized list of 2,048. This phrase is the mathematical root from which all your private keys are derived. Lose the device but keep the seed phrase, and you recover everything. Lose the seed phrase and lose the device, and your funds are gone forever — no customer support, no password reset, no recovery.

The seed phrase must be written down immediately on paper (the wallet will show it only once) and stored physically. Best practices: use a fireproof metal seed phrase backup product (like Cryptosteel or Billfodl), store a copy at home and another in a bank safety deposit box or trusted location, and never photograph it, type it into any device, or store it in cloud services like Google Drive or iCloud.

"Your seed phrase is worth exactly as much as your entire crypto portfolio. Treat it accordingly." — Ledger Security Team

Hardware wallet setup

Setting up a Ledger or Trezor takes about 20 minutes. First, buy directly from the manufacturer — never from eBay or Amazon third-party sellers (pre-configured devices with pre-known seed phrases are a scam). When the device arrives, the setup process will generate a new seed phrase on the device itself (the manufacturer never sees it). Write it down during setup. Then install the companion software (Ledger Live or Trezor Suite), add the coins you want to hold, and transfer your crypto from the exchange to your hardware wallet address.

Always verify the receiving address on the hardware wallet's screen — not just on your computer. Clipboard-hijacking malware can replace a copied address with the attacker's address. Your hardware wallet's screen is the source of truth.

Common security mistakes

The most common way people lose crypto isn't hacking — it's human error. Entering seed phrases into websites ("verify your wallet," "claim your airdrop") is the number one attack vector. Legitimate wallet software and websites will never ask for your seed phrase. Another common mistake: using the same password across exchange accounts. A breach at one exchange can compromise all others. Use a password manager and unique passwords everywhere. Finally, never share screenshots of your portfolio — metadata in images can reveal information, and knowing your holdings makes you a target for social engineering.

Hot vs Cold Wallet comparison

| Feature | Hot Wallet (MetaMask) | Cold Wallet (Ledger) |
|---|---|---|
| Cost | Free | $79–249 |
| Remote hack risk | High | Near zero |
| Best for | Daily DeFi use | Long-term storage |
| Private key location | Encrypted on device | Isolated secure chip |
| Transaction speed | Instant | 30–60 seconds |