A passphrase is an optional security feature that adds an extra layer of security to your crypto accounts. This option is only recommended for advanced users. Carefully read this article and watch the video before setting up a passphrase.
Security tip
The recovery phrase and passphrase functionalities enable a range of security setups. You may use them to design the security strategy that meets your personal situation. Please do not overcomplicate things, the best security setup is one that you master and can execute with confidence.
How the passphrase works
The 24-word recovery phrase saved during initial setup of your Ledger hardware wallet fully backs up the private keys providing access to your accounts. You must store it in a secure place.
- The passphrase is essentially a password added to your 24-word recovery phrase that provides access to a whole new set of accounts.
- The passphrase protects your crypto assets if your 24-word recovery phrase were to be compromised. To access passphrase-protected accounts, an attacker will need your recovery phrase as well as your secret passphrase.
- Each different passphrase unlocks a unique set of accounts. You can use as many passphrases as you like.
Before you start
- Your device is set up and runs the latest firmware.
- Ensure your recovery phrase is accessible, just in case.
- Read this article fully before you start.
Instructions
- Connect your Ledger device and enter your PIN code.
- Hold both buttons to access the Control Center.
- Navigate to the Settings menu.
- Go to Security.
- Go to Passphrase and choose either of two options:
- Attach to PIN: Creates a second PIN code to unlock passphrase-protected accounts
- Set temporary: Enter the passphrase each time you wish to access passphrase-protected accounts
- Continue with the section below that matches the option you've chosen
How it works
Attaching a passphrase to a new PIN code creates a new set of accounts on your Ledger device based on a secret passphrase of your choice. You can access the accounts protected by this passphrase by entering a secondary PIN code.
- Only one passphrase can be attached to a PIN code. If you add another passphrase to the PIN code, you will overwrite the secondary PIN code and the passphrase.
- The passphrase will be stored on the device until you overwrite it with another passphrase or until the device is reset.
- Store a physical backup of the secret passphrase in a secure place. The device cannot display it after you've set it.
Instructions
- Choose Attach to PIN option from the Passphrase menu in the device security settings.
- Press both buttons to validate Set secret passphrase.
- Create a secondary PIN code.
- Re-enter the secondary PIN code to confirm it.
- Choose and confirm a secret passphrase (max 100 characters).
- Enter your primary PIN code to validate.
- Your device will continue managing the accounts based on your recovery phrase without passphrase. Please turn off the device and enter your secondary PIN code to access the passphrase-protected accounts.
You can only create one secondary PIN code attached to a passphrase that provides access to a unique set of passphrase-protected accounts.
How it works
Using a temporary passphrase provides access to a new set of accounts on your Ledger device for the duration of the session. Follow the instructions below each time you wish to access the accounts protected by the passphrase.
- The accounts are based on a secret passphrase of your choice.
- Store a physical backup of the secret passphrase in a secure place. The device cannot display it after initial setup.
Instructions
- Choose Set temporary option from the Passphrase menu in the device security settings.
- Press both buttons to validate Set secret passphrase.
- Choose and confirm a secret passphrase (max 100 characters).
- Enter your primary PIN code to validate.
- Your device will now manage the accounts protected by this passphrase. To access your primary accounts, please restart the device and enter your PIN code as usual.
Adding accounts to Ledger Live
When you add an account, its extended public key (xpub) is stored in Ledger Live's user data folder, where it is encrypted by your password if you've set up password lock.
To be sure that Ledger Live does not store information about passphrase-protected accounts, you may can simply remove these accounts after you've managing them in Ledger Live. Some users have requested the ability to automatically forget accounts.
Plausible deniability
To protect yourself in case of physical threat, make sure your primary PIN code unlocks only a minor part of your crypto assets. Then set up a passphrase attached to a PIN code and store more significant amount of crypto assets on the passphrase-protected accounts.
If you are under duress to unlock your Ledger device, you can surrender your main PIN code to the attacker while hiding the PIN code that unlocks your passphrase-protected accounts.
Recovery phrase protection
It’s a good security practice to keep multiple copies of your Recovery sheet and to store them in different geographic locations. To mitigate the risk of losing your crypto assets if one of the copies of your recovery phrase is compromised, you can set up a passphrase. If you do so, make sure to store paper backups of your passphrase, preferably in geographic locations that are different from the locations where you keep a backup of your recovery phrase.
Learn more
- Learn how to optimize your account security.
- Contact Ledger Support if you require assistance.