How to Keep A Hardware Wallet Safe In 2023 (11 BEST Practices)

A hardware wallet device in front of a lock.

If you understand the importance of securely storing your crypto assets then you’ve likely turned to a hardware wallet as your storage solution. The only problem is that too many people believe just because you use one of these wallets, you’re safe from scams and other threats. This is far from the truth.

For it to be effective, you must know how to keep a hardware wallet safe. Here are my 11 best practices to ensure you’re using your cold-storage device as securely as possible

How to Keep A Hardware Wallet Safe

1. Only purchase your wallet from a trusted seller

Proper wallet security starts the moment you buy your wallet. Purchasing your wallet from a trusted source is the only way to ensure you receive a device that’s authentic and not tampered with.

The best place to purchase any hardware wallet is directly from the manufactures’ website. Even though companies like Ledger have approved resellers, I still prefer to use the brand’s official website to make my purchases. 

Speaking of brands, purchasing your wallet from a brand you can trust is critical to ensure you’re starting off on the right foot.

From what I can tell and from my own experience, there are two hardware wallet manufacturers that a majority of the crypto community trusts, and that’s Ledger and Trezor.

Both companies have a solid reputation in the industry and have been making security devices for years without any major issues or concerns. I use Ledger myself.

2. Don’t tell anyone about your hardware wallet

The rules of hardware wallets—a tribute to the move Fight Club.

The first rule about using a hardware wallet is you do not tell anyone about your hardware wallet (I know, I broke this rule already). People are more likely to attempt to steal your assets if they know how you store them.

That said, this goes for both online and in-person acquaintances. Whether someone wants to steal your hardware wallet in person or attempt to hack your wallet over the internet, letting others know what you have is just asking for trouble.

The better option is to stay quiet, and don’t tell anyone about your investments or how you secure them. This can be hard in the Web3 space, especially considering how common (in some cases even encouraged) it is to flex your collection.

Again, the less others know about your financial situation, the more secure you and your assets remain.

3. Never share your wallet’s secret phrase

This is a no-brainer. Sharing your wallet’s secret phrase is the equivalent of passing out your bank account and routing number—you shouldn’t do it. 

I’d even argue that you should protect your secret phrase more than your bank account info as there are certain scenarios when providing your bank account details is required (such as setting up direct deposit).

However, there is never a scenario where you should share your wallet’s secret phrase. Your secret phrase is the literal key to your crypto assets. Sharing your key with someone grants them complete control over your digital assets. 

So unless you want someone else to have control over your wallet, never share your secret phrase.

4. Store your secret phrase in a secure location

Since you know just how important your wallet’s secret phrase is, you understand why it’s crucial to keep it in a secure location away from potential dangers.

There are a couple of key things to consider when storing your secret phrase.

  • Use a physical storage solution: Consider using a physical storage solution such as a fireproof safe and a metal backup plate (it’s much better than paper) to store your secret phrase. These solutions can provide extra protection against fire, flood, and other disasters.
  • Store multiple copies: Consider making multiple copies of your secret phrase and storing them in different locations. This can provide an extra layer of protection in case one copy is lost or stolen.

Here are a few examples of insecure methods for storing your secret phrase:

  • Storing it on your computer: Storing your secret phrase on your computer, either as a file or in a password manager, can be risky because your computer is vulnerable to online threats such as hacking and malware.
  • Emailing it to yourself: Emailing your secret phrase to yourself may seem like a simple way to keep a copy, but it’s not secure. Your email account could be hacked, or the email could be intercepted by a third party.
  • Storing it in a wallet: Storing your secret phrase in a wallet (a normal fiat wallet, not a crypto wallet) may seem like a convenient way to keep it with you at all times, but it’s not secure. Wallets can be lost or stolen, and it’s important to ensure that your secret phrase is not accessible to anyone else.

5. Use one hardware wallet solely for storage

Using a single hardware wallet for storage is important because it helps to ensure the security and integrity of your digital assets. 

By using a dedicated hardware wallet and using either a separate hardware wallet or even a software wallet like MetaMask for transactions, you can further protect your assets from potential threats.

It’s still possible to get scammed using a hardware wallet. Hence if you keep all your assets on one wallet that’s never used to transact, you greatly reduce the likelihood that your device and the assets on it could be hacked.

6. Use a strong, unique password for your wallet

Setting a strong password is an important step in securely using a hardware wallet. A strong password is a unique, complex combination of letters, numbers, and special characters that’s difficult for others to guess or brute force.

Here are some tips for creating a strong password:

  • Make it long: The longer the password, the harder it is to guess. Aim for at least 12 characters, but even longer is even better.
  • Use a combination of letters, numbers, and special characters: Mixing up different types of characters makes it harder for a hacker to guess your password.
  • Avoid using personal information: Don’t use your name, address, phone number, or other personal information in your password. This information can be easily found online or guessed by someone who knows you.
  • Don’t use the same password for multiple accounts: Using the same password for multiple accounts increases the risk of your password being compromised. If one account is hacked, the hacker will have access to all of your accounts (yikes).

7. Update the firmware on your hardware wallet regularly

Firmware is software that runs on the device and controls its functions. It’s often updated to fix bugs and improve the performance of the device—hence keeping your wallet functioning how it should.

There are numerous benefits to keeping your wallet’s firmware up to date including:

  • Security patches: Manufacturers release firmware updates to fix security vulnerabilities and protect against hacking and other cyber attacks. By keeping your firmware up to date, you can help ensure that your hardware wallet is secure.
  • New features: Firmware updates may also include new features or improvements to the device. Keeping your firmware up to date will allow you to take advantage of these improvements and make the most of your hardware wallet.
  • Compatibility: Some software or services may require a specific version of firmware in order to work properly. You can ensure that your hardware wallet is compatible with the software and services you use by updating it regularly.

To keep your hardware wallet’s firmware up to date, you’ll need to follow the manufacturer’s instructions. This typically involves downloading the latest firmware from the manufacturer’s website and installing it on your device. 

It’s important to only download firmware from a trusted source otherwise you risk installing firmware with potentially malicious intent.

8. Avoid using an insecure internet connection

Using an insecure internet connection, such as a public WiFi network, exposes your device and any sensitive information you transmit over the internet to potential eavesdroppers and hackers. 

When using a hardware wallet, it’s important to use a secure, private network, such as a personal hotspot or a home network to ensure that your transactions and sensitive information are protected from third-party interference.

If you have to use a public wifi network, at least use a virtual private network (VPN) to encrypt it and keep potential eyes off of whatever it is that you’re doing.

Even at home on my secure network, I utilize VPN software for an added layer of security. I recommend you do the same. 

I use Proton VPN as it’s super simple, secure, and works without any issues on both my computer and phone.

9. Only trust what you see on your hardware wallet

Generally, when you go to make a transaction using your wallet the information regarding the transaction is displayed on your computer. Do NOT trust this info! This is known as blind signing and puts your wallet at risk of being compromised.

Instead, only trust what you see displayed on your hardware wallet. This includes verifying the recipient’s address as well as what you’re sending, along with any other transaction details before confirming the transaction.

This helps ensure that your assets are protected and that you’re making accurate and secure transactions. 

10. Always disconnect your hardware wallet from any sites

It’s important to always disconnect your hardware wallet from any sites when you’re finished using it. This includes websites, decentralized apps, or other online platforms that you may have connected your hardware wallet to.

Before disconnecting your hardware wallet, make sure to disconnect it from the internet. This can help prevent any unauthorized access to your private keys.

Each hardware wallet is different, so it’s important to follow the manufacturer’s instructions for safely disconnecting your hardware wallet.

This typically involves selecting a specific menu option to easily disconnect from the site.

11. Keep your hardware wallet hidden and secured

A Sentry safe used for storing my hardware wallet.

There are several reasons why it’s important to keep your hardware wallet in a safe and secure location. One reason is to prevent it from being lost or stolen. 

If your hardware wallet is lost or stolen, you could lose access to your digital assets, which could be financially devastating (assuming you also lose your recovery phrase).

There are several potential secure locations for your hardware wallet. One of the best options is to keep it in a safe, such as a traditional safe with a lock or a digital combo that can be accessed using the set numbers.

Safes provide a high level of security, as they are difficult to break into and are designed to protect valuables from theft as well as other types of loss including fire, flood, and other harsh elements.

Another option is to use a lockbox or other type of secure storage container.

When choosing a location for your hardware wallet, it’s important to consider the level of security and accessibility.

You want to choose a location that’s secure and not easily accessible to others, but also easy for you to access when you need to use it.

If you’re someone who hasn’t yet purchased a hardware wallet to protect your blockchain-based assets and you’re simply doing some research, check out this article that will help you determine if you need a hardware wallet or not using a simple formula.

Alex Gomez

Alex is a professional writer and the creator of Cyber Scrilla. His passion for Web3 and blockchain tech comes from years of experience in the space as an investor and collector. He previously worked for Gary Vaynerchuk as his NFT Editor at ONE37pm and still contributes to this day.

Recent Posts