my-nano-x-wallet.com
Login
Independent review. This site is not the official website and is not affiliated with, endorsed by, or operated by the wallet vendor reviewed here. Never enter your seed phrase or private keys on any third-party site.

Passphrase (25th word) — Use cases, risks, and recovery

Nicole Castillo Nicole Castillo
Try Tangem secure wallet →

What is the passphrase (the “25th word”)?

The passphrase — often called the “25th word” on many hardware wallets — is an optional extra secret you add on top of your 12- or 24-word seed phrase (recovery phrase). Think of the seed phrase as the master key. The passphrase is a second, independent lock on the same safe. I use that analogy a lot.

Short and practical: the seed phrase alone produces one set of private keys. Add a passphrase and the same seed phrase produces a different set of private keys (a different wallet). This lets a single seed manage multiple wallets depending on the passphrase used.

(Yes — the passphrase is case-sensitive and space-sensitive. Treat it like an exact password.)

See also: Seed phrase management and Hidden wallets.

Try Tangem secure wallet →

How the passphrase works (plain language)

Under the hood, BIP-39 (the standard behind 12/24 seed phrases) accepts an optional passphrase that changes the derived master seed. You don’t have to memorize the algorithm. What matters is this: the passphrase is not stored on the device. Only you keep it. Lose it, and the alternative wallet created by that passphrase cannot be restored from the seed phrase alone.

Why does this matter? Because the passphrase gives you plausible deniability and the ability to segregate funds — but it also adds a single point of failure.

passphrase-derivation-diagram

Common use cases (when people enable it)

  • Hidden wallet (plausible deniability): create a wallet that only appears when a specific passphrase is entered. Useful if you want a decoy public wallet and a private one.
  • Segregation of funds: keep savings and spending pots separate without creating extra seed phrases.
  • Experimental accounts: access test accounts or DeFi addresses without changing your main seed phrase.
  • Additional security after a seed leak: if you believe the seed phrase might be known to others, a passphrase can protect a separate stash.

Concrete example: I use a passphrase for a small, private allocation that I check rarely. My main seed phrase is backed up in metal. The passphrase is recorded separately in a secure place (more on that below). And yes — that setup means two independent vaults from one seed.

Risks and trade-offs (what can go wrong)

  • Forgetting the passphrase = funds unrecoverable. This is the most common and most devastating risk. If you forget the exact string (capitalization, spaces), the derived wallet changes and your funds become inaccessible.
  • Typo or whitespace errors. Human error matters. Everyone types differently on phones and computers.
  • False sense of protection. A passphrase won’t protect you if the device firmware is compromised and the passphrase is captured when entered (rare, but possible). Use verified firmware and trusted hosts: see Firmware updates and verification and Security architecture.
  • Compatibility limitations. Not every wallet or tool supports passphrases in the same way. Restoring on different software can produce surprising address differences. Check compatibility before relying on it (see passphrase usage).
  • Operational risk in inheritance. If heirs only have the seed phrase but not the passphrase, they lose access to passphrase-protected funds. Plan ahead (see inheritance planning).

But should you avoid passphrases because of the risks? Not necessarily. It depends on goals and operational discipline.

Step-by-step: recovering a passphrase-protected wallet

How to restore if your device breaks but you remembered the passphrase:

  1. Obtain a compatible wallet that supports BIP-39 plus passphrases (hardware or software). Check compatibility first. (Yes, check.)
  2. Choose the option to restore from a 12/24-word seed phrase. Enter the seed phrase exactly.
  3. When prompted, enter the passphrase exactly as it was recorded (case and spaces count). If the wallet asks to enable "passphrase" mode, enable it first.
  4. Verify the derived addresses match what you expect (look at the first few receiving addresses).
  5. Move a small test amount first, to be sure everything is right.

If you cannot remember the passphrase: you can attempt controlled reconstruction (notes, partial clues, known patterns). But brute-forcing complex passphrases is impractical. Consider professional help only if funds justify the cost.

Related pages: Restore & recovery guide and Recover if broken.

Passphrase best practices

  • Treat the passphrase as a second private key. Store it separately from the seed phrase. Do not store both in the same place.
  • Use a format that is both strong and recoverable by you. I prefer a short sentence or a combination of unrelated words rather than a single dictionary word.
  • Prefer metal backup plates or other fireproof, durable media for long-term storage. Paper tears, ink fades.
  • Consider splitting the passphrase into physical shares (geographic distribution) if the phrase is long and your child/attorney needs to recover it later (see geo-distribution-storage).
  • Test restores on a new device before you move large sums. This is non-negotiable.

And do a periodic review of your backups (every 12 months is reasonable).

Passphrase vs seed phrase (quick comparison)

Feature Seed phrase (12/24 words) Passphrase (25th word)
Primary role Master recovery of private keys Optional extra secret that creates alternate wallets
Recoverable if lost Not without a backup Not (even with seed)
Stored on device? No No
Use cases Standard recovery across wallets Hidden wallets, segregation, plausible deniability
Recommended backup Durable metal backup for seed phrase Separate backup (different location)

(Short table. Read the sections above for nuance.)

Passphrase vs multi-signature (which to choose?)

A passphrase is single-device, single-secret security. Multi-signature spreads trust across multiple keys (multiple people or devices). Which is better? It depends on what you want.

  • Need shared control or resilience against single-person error? Multi-signature is often safer.
  • Want a quick, private extra lock tied to one person? Passphrase is convenient.

In my experience, long-term self-custody for large amounts benefits from multi-signature setups. But that requires more operational complexity (key distribution, signing policy). See multisig setup compatibility and cold storage strategies.

Common mistakes, inheritance, and final thoughts

Common mistakes I see in my testing and community work:

  • Storing seed phrase and passphrase together in one safe. (Don’t.)
  • Assuming passphrase is backed up by the company or the device. It isn’t.
  • Forgetting to test restores on another device.
  • Using overly complex passphrases without any recovery clue for heirs.

Who should use a passphrase?

  • People who want an additional, private wallet without creating another seed phrase. Good for advanced users who keep disciplined backups.

Who should avoid it?

  • Beginners or anyone who isn’t willing to manage a second secret. If you can’t guarantee secure storage and recovery, do not enable a passphrase for significant funds.

Final thoughts: a passphrase is a powerful tool when used carefully. It gives extra control but shifts responsibility squarely to you. I believe that for serious self-custody users, the passphrase can be part of a layered security strategy — alongside durable seed backups, tested restores, and (for large holdings) multi-signature setups.

FAQ

Q: Can I recover my crypto if the device breaks?

A: Yes, if you have the seed phrase and the passphrase (if one was used). Restore on a compatible device and enter both exactly. If you lost the passphrase, recovery is effectively impossible.

Q: What happens if the company behind my hardware wallet goes bankrupt?

A: Your seed phrase and passphrase are independent of the company. As long as you have both and compatible tooling exists, you can restore. See company bankrupt for planning tips.

Q: Is Bluetooth safe for entering a passphrase?

A: Bluetooth adds potential attack surfaces. If you regularly enter passphrases on a phone via Bluetooth, keep firmware current and avoid untrusted environments. For the highest security, use a fully air-gapped workflow.

Final thoughts: use the passphrase intentionally, test restores, and separate backups. If you want setup walkthroughs and step-by-step recovery examples, see first-time setup, passphrase usage, and how to update firmware steps.

Call to action: review your current backup plan today. Test a restore with a small amount, and update your inheritance plan so heirs can find both seed phrase and passphrase if needed.

Try Tangem secure wallet →