recovery phrases

A recovery phrase (sometimes known as a seed phrase) is a series of words generated by your cryptocurrency wallet that gives you access to the crypto stored within that wallet. Think of a wallet as being similar to a password manager for crypto, and the recovery phrase as being your backup access point. As long as you have your recovery phrase, you’ll have access to all of the crypto associated with the wallet that generated the phrase — even if you delete or lose the private key.

One of the basic principles of cryptocurrency is the idea of “self-sovereignty”: you should be able to access your crypto without having to prove your identity, and you shouldn’t have to rely on a bank or other institution to store it safely.

How does a blockchain know which crypto is yours? It uses algorithmically generated password-like codes that only the holder has access to. When you first set up a crypto wallet — it generates a string of simple words, which is your recovery phrase (sometimes also known as a seed phrase). The wallet also uses the recovery phrase to algorithmically create private keys — which allow you to send or spend your crypto.

The reason recovery phrase is a series of 12 to 24 simple words (like “army,” “energy,” “fabric,” “lucky,” “opera,” “stereo,” “trash,” or “void”) rather than a numeric password is because long strings of numbers are difficult for humans to remember or even transcribe correctly — think of how hard it can be to input a long wifi password. Your recovery phrase unlocks your wallet, along with the private keys associated with all the crypto in the wallet.

Some important points to remember:

  • Since only you know the recovery phrase, keeping track of it is of the utmost importance
  • Anyone with your recovery phrase can gain access to your crypto.
  • If you delete or lose your wallet’s private key without carefully saving your recovery phrase, you lose access to your crypto.

How Does a Recover (Seed) Phrase Work?

When you create a crypto wallet, a recovery phrase is automatically generated (in most wallets). The recovery phrase is a representation of a long string of random numbers — and your wallet uses it to generate the private keys that let you send and spend your crypto. The reason the recovery phrase is given to you in word form (rather than a long string of random numbers) is because humans are better at remembering and interacting with a series of words. But you shouldn’t rely on your memory for storing your recovery phrases. Each recovery phrase is pulled from a list of 2,048 simple words. The recovery phrase idea was widely adopted after 2013’s Bitcoin Improvement Proposal 39 (BIP-39), which established a standard for a “deterministic wallet” — which most wallets are now — in which one recovery phrase would control all of the private keys held in the wallet. The standard also makes major wallets intercompatible: if you want to switch wallets, you just need to enter your recovery phrase into the new wallet and your crypto will be available there. If you lose or delete a wallet, you can even recreate it using your recovery phrase alone. Keeping your recovery phrase safe from hackers, phishing attacks, or just simple loss is absolutely crucial.

How can you store a recovery phrase safely?

There’s a wide range of strategies about how to best secure recovery phrases, which tend to vary based on how much crypto you have and how much you value security vs. convenience.

One very powerful way to secure a recovery phrase would be to split it between safe deposit boxes in multiple locations (making sure there’s redundancy in case something were to happen to any of the locations). Obviously this is not very convenient.

Some people use specialized services to engrave recovery phrases into durable materials like stainless steel but, or many people, simply writing your recovery phrase down and keeping copies in more than one safe location is a solid approach.

Using the mobile version of Coinbase Wallet (which is separate from the main Coinbase app you use to buy or sell crypto) you can opt in to the encrypted Google Drive or iCloud recover-phrase backup feature, which stores an encrypted version of your recovery phrase in the cloud. You should also keep a copy of your recovery phrase somewhere safely offline.

The bottom line is: as long as you have your recovery phrase, you have your crypto. If you lose a hardware wallet on a bus or break a phone containing a software wallet, you haven’t lost your crypto — you can simply enter your recovery phrase into another wallet.

What happens if you lose your recovery phrase?

If you accidentally throw out the scrap of paper your recovery phrase is written on, forget which book you hid it in, or die without passing it on to an heir, you lose access to your crypto.

Remember: If you lose your recovery phrase, you lose access to your crypto.

If I’d prefer not to manage my recovery phrase, are there other options?

Sure. If you buy crypto via centralized exchange, you don’t actually have to immediately move it to a separate wallet (or ever, it’s up to you). Instead, you might choose to leave it in your exchange account, in which case the exchange automatically holds on to it via a “hosted wallet.”

What’s the difference between a recovery phrase and a private key?

Private keys allow you to send or spend some of your Bitcoin, Ethereum, or other crypto — they’re algorithmically derived from the long string of numbers represented by your seed phrase.

Your recovery phrase gives you access to your wallet and all the private keys in the wallet. You can think of a crypto wallet as being like a password manager for your crypto — as long as you have your master password (the recovery phrase) you have access to all the associated crypto.

This article was written by our CryptoCurrency Essentials (CCE) Committee, with special thanks to committee member Manan Vora and Tom Brandl.

Disclaimer

The information presented in this article is for educational and informational purposes only. It does not constitute financial advice, investment recommendations, or any form of endorsement. 

The views and opinions expressed by individuals in this article are solely those of the speakers and do not necessarily represent those of C4 or any other organizations with which they are affiliated.

The mention or inclusion of any individuals, companies, or specific cryptocurrency projects in this video should not be considered as an endorsement or promotion.

Regulations and legal frameworks around cryptocurrencies may vary in different jurisdictions. It is your responsibility to comply with the applicable laws and regulations of your country or region. 

The CryptoCurrency Security Standard (CCSS) has been updated to version 9.0. See the updated CCSS here.

Systems certified under 8.1 are still valid.