How to back up your recovery phrase safely? (Wallet Security)

Physical Storage Medium Selection

1. Metal seed phrase backups outperform paper in fire, water, and corrosion resistance. Stainless steel or titanium plates engraved with laser or stamping tools maintain legibility for decades without degradation.

2. Avoid laminated paper or plastic cards—these materials warp under heat and degrade when exposed to humidity over time.

3. Do not store recovery phrases on devices connected to the internet, including smartphones, laptops, or cloud-synced note apps—even encrypted ones carry firmware-level or API-based exposure risks.

4. Engraved metal backups must be stored in a dry, temperature-stable environment. Humidity above 60% RH accelerates oxidation in lower-grade alloys.

5. Never use inkjet or thermal printers for phrase transcription—the ink fades, smears, or vanishes under UV light or friction.

Geographic Distribution Strategy

1. Split the recovery phrase using Shamir’s Secret Sharing (SSS) with a threshold such as 3-of-5. Each share is physically isolated across non-overlapping jurisdictions.

2. Avoid storing multiple shares in the same building, safe deposit box facility, or residential property—even if vaults are rated for fire or flood.

3. Use tamper-evident packaging like sealed wax impressions or holographic security stickers when transferring shares to third-party custodians or trusted individuals.

4. Document custody locations with geotagged photos taken outside the storage site—not inside safes or vaults—to avoid exposing access vectors.

5. Maintain an offline master index listing only location identifiers (e.g., “Safe #7, Branch A”) without naming custodians or linking to real-world identities.

Human Factor Mitigation

1. Never verbalize the full phrase during setup, recovery, or discussion—even within private conversations. Use coded references like “the first five words” or “last three indices” when coordinating with auditors or heirs.

2. Train designated successors on air-gapped verification: they must confirm checksum validity using BIP-39 wordlist before attempting import into any wallet software.

3. Remove all digital footprints associated with phrase creation: delete browser history, terminal command logs, clipboard buffers, and temporary files generated by mnemonic generators.

4. Refrain from writing the phrase in native language scripts unless all involved parties possess identical BIP-39 wordlist versions—character set mismatches cause irreversible import failures.

5. Conduct annual physical integrity checks: inspect metal plates for scratches obscuring characters, verify alignment of multi-part engravings, and revalidate SSS share readability.

Cryptographic Augmentation Techniques

1. Apply passphrase protection (BIP-39 second factor) only after verifying that the target wallet firmware supports it—and confirm behavior via testnet recovery prior to mainnet use.

2. Avoid hashing or encrypting the phrase manually—custom transformations break deterministic derivation and eliminate cross-wallet compatibility.

3. When using hardware wallets, disable Bluetooth and NFC interfaces during seed entry to prevent side-channel leakage during manual input.

4. Validate entropy source integrity: if generating offline, verify the RNG used matches NIST SP 800-90A standards and reject outputs showing statistical bias in chi-square tests.

5. Never derive child keys or addresses before confirming the seed’s checksum—invalid seeds produce plausible but incorrect addresses leading to permanent fund loss.

Frequently Asked Questions

Q1: Can I store my recovery phrase in a password manager?Storing a recovery phrase in any password manager—local or cloud-based—is strongly discouraged. These tools are designed for credentials, not cryptographic seeds. Memory dumps, plugin vulnerabilities, or sync conflicts may expose the full phrase.

Q2: Is it safe to take a photo of my metal backup and save it offline?No. Digital images introduce metadata, compression artifacts, and potential thumbnail leaks. Even air-gapped storage can suffer from firmware-level exfiltration if the device was previously compromised.

Q3: What happens if I lose one SSS share?If your scheme uses a k-of-n threshold and you retain at least k shares, recovery remains possible. Losing more than (n−k) shares renders the original phrase cryptographically unrecoverable—no brute-force shortcut exists.

Q4: Should I write down the passphrase separately from the seed?Yes—but never adjacent to the seed. Store the passphrase on a distinct physical medium, in a separate location, and ensure no shared identifiers link the two. Its absence during recovery disables access entirely.