What is a passphrase in crypto? If you've set up a real hardware wallet, you've probably been asked whether you want to add one. Most people skip the option and never think about it again. The setting is buried in advanced menus, the explanation is vague, and the consequences of getting it wrong are scary.

This is a plain-English explainer for what a passphrase is in crypto, what it does, when you should use one, and what the trade-offs look like.

The short version first

A passphrase is an extra word or sentence you add on top of your seed phrase when you set up a crypto wallet. Together, the seed phrase plus the passphrase produce a different set of wallet addresses than the seed phrase alone. Think of it as a password but for your seed phrase.

It's the equivalent of a 25th word in a 24-word seed, except you choose it yourself.

If somebody finds your seed phrase but doesn't know your passphrase, they can't access the funds in your real wallet. They might find an empty wallet or a "decoy" wallet, depending on how you set things up.

That's the upside. The downside is that if you forget your passphrase, your funds are gone. The seed phrase alone won't recover them.

What a passphrase is technically

In wallets that follow the BIP39 standard (which is most of them), the seed phrase is a human-readable encoding of a 256-bit secret. That secret gets fed through a key-derivation function called PBKDF2, which mixes it with an optional "salt" parameter to produce the master private key.

The salt is what BIP39 calls the passphrase. By default, the passphrase is empty. When you set one, PBKDF2 mixes it with your seed phrase before producing the master key.

The result is that the same seed phrase plus two different passphrases produce two completely different wallets, with different addresses, different balances, and different transaction histories. There's no way for an outside observer (or an attacker who has only the seed) to know how many wallets exist behind a given seed.

This is why people sometimes call the passphrase "plausible deniability." Somebody who steals your seed phrase has no way to prove that the wallet they recovered (the empty one with no passphrase) is the only wallet on that seed.

When a passphrase helps

A passphrase helps in two specific scenarios.

Coercion attacks. Sometimes called "the $5 wrench attack." If someone is forcing you to hand over your wallet, you can hand over the seed phrase that opens an empty or low-value wallet, and your real holdings stay invisible behind a passphrase you don't disclose.

Backup compromise. If your seed phrase backup gets discovered (a roommate finds it, somebody breaks in and copies the steel plate, a family member sees it during cleanup), the passphrase prevents the discovery from translating into stolen funds.

A passphrase doesn't help if your wallet is compromised at sign time, if your phone is infected with malware, or if you sign a malicious transaction yourself. Those are different problems.

When a passphrase hurts

The trade-off is that the passphrase becomes the single most important secret in your custody setup, and it's not written on the seed plate.

If you forget the passphrase, your funds are gone. The seed phrase alone produces a different (empty) wallet. There's no recovery mechanism, no support line, no reset.

This is why a lot of well-meaning passphrase setups go wrong:

  • People pick a passphrase that "they'll remember" and forget it within 18 months.
  • They write it on a sticky note that gets lost.
  • They mistype it during setup (BIP39 passphrases are case-sensitive and whitespace-sensitive) and never know that the wallet they backed up isn't the one they're using.
  • They use one passphrase across many wallets, defeating the deniability argument.

If you're going to use a passphrase, you need a backup plan for the passphrase itself that's at least as durable as the backup plan for the seed phrase. And the two backups should never live in the same place.

How wallets handle passphrases

Different wallets handle the passphrase prompt differently.

Some wallets prompt for the passphrase every time you connect the device. You type it on the host computer or directly on the device.

Other wallets store the passphrase encrypted on the device, so you don't have to retype it every time. The trade-off is that the device now contains both halves of the secret.

Some wallets also allow multiple passphrases on the same seed, letting you maintain several "hidden" wallets simultaneously. Each is its own keyspace.

The right choice depends on how often you sign and how comfortable you are typing the passphrase. For a long-term holder, the per-session prompt is fine. For an active trader, it gets tiresome fast.

Practical guidance

If you're new to self-custody, skip the passphrase. The risk of losing your funds to a forgotten passphrase outweighs the risk of someone discovering your seed phrase backup, especially in your first year. Get good at the basics first.

If you've been holding for a while and your stack is large enough that coercion is a real concern, the passphrase is worth setting up. Pick something long, written down in a separate location from your seed plate, and verified at setup time.

A few rules of thumb:

  • Pick a passphrase you didn't generate from a wallet's "suggest" feature. Use a high-entropy phrase you control.
  • Test recovery before you fund the wallet. Restore the wallet from seed plus passphrase on a fresh device and confirm the address matches.
  • Store the passphrase in a separate location from the seed phrase. The whole point of the passphrase is that finding the seed alone doesn't unlock the funds.
  • Never put the passphrase in the same password manager or cloud note as anything else recoverable from your phone or laptop.

Where self custody comes in

A passphrase is a powerful tool that solves a specific problem (backup compromise and coercion) and creates a different problem (the user is now responsible for a second secret with no recovery path).

We built Ryder One around the same threat model the passphrase tries to address, but without forcing the user to remember a second secret. TapSafe Recovery splits the wallet backup across a battery-free Recovery Tag, your phone, and an optional circle of Recovery Contacts. A thief who finds one piece can't unlock anything. A you who forgets one factor can recover with the others.

A stamped steel plate is more durable than paper, but it's still one piece of metal carrying the entire backup. The passphrase tries to fix that by adding a secret you have to remember. TapSafe fixes it by splitting the backup across components no single attacker can collect, and no single mistake can wipe out.

The seed phrase is still on-device as a last resort, so you can use a passphrase the standard way if you want to. You're never locked in.

The short version

A passphrase is a 25th word you add to your seed phrase. It produces a different wallet, hides your real holdings from anyone who finds the seed, and removes the single-point-of-failure that comes with backing up only on metal.

The cost is that you now have a second secret to remember and back up. Get it wrong and the funds are gone.

For most people new to self-custody, the passphrase isn't worth it yet. For long-term holders with significant holdings, it's a tool worth understanding.

Meet Ryder One
Meet Ryder One

The only crypto wallet you can install on a crowded subway.
Set it up in less than 60 seconds and just tap your phone to send, swap, and recover.

Learn More