BIP-39 Passphrase

Loïc Morel
Oct 18, 2024

What is a BIP39 passphrase?

HD wallets are typically generated from a mnemonic phrase consisting of 12 or 24 words. This phrase is very important because it allows for the restoration of all the keys of a wallet in case its physical medium (like a hardware wallet, for example) is lost. However, it constitutes a single point of failure because if it is compromised, an attacker could steal all the bitcoins.
This is where the passphrase comes in. It's an optional password that you can freely choose, which is added to the mnemonic phrase in the key derivation process to enhance the wallet's security.
Be careful not to confuse the passphrase with your hardware wallet's PIN code or the password used to unlock access to your wallet on your computer. Unlike all these elements, the passphrase plays a role in the derivation of your wallet's keys. This means that without it, you will never be able to recover your bitcoins.
The passphrase works in tandem with the mnemonic phrase, altering the seed from which the keys are generated. Thus, even if someone obtains your 12- or 24-word phrase, without the passphrase they cannot access your funds. Using a passphrase essentially creates a new wallet with distinct keys. Modifying the passphrase, even slightly, will generate a different wallet.

Why should you use a passphrase?

The passphrase is arbitrary and can be any combination of characters chosen by the user. Using a passphrase thus offers several advantages. First, it reduces the risks associated with a compromise of the mnemonic phrase (burglary, someone gaining access to your home, etc.) by requiring a second factor to access the funds.
Next, it can be used strategically to create a decoy wallet, to deal with physical coercion aimed at stealing your funds, such as the infamous "$5 wrench attack". In this scenario, the idea is to have a wallet without a passphrase containing only a small amount of bitcoins, enough to satisfy a potential aggressor, while keeping a hidden wallet. The latter uses the same mnemonic phrase but is secured with an additional passphrase.
Finally, using a passphrase is interesting when one wishes to control the randomness of the HD wallet's seed generation.
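The two points above (the passphrase entering the seed derivation, and the decoy/hidden wallet pair sharing one mnemonic) can be checked with a few lines of code. The following is an added example, not code from the tutorial; it uses only the Python standard library, the standard BIP-39 PBKDF2 construction and the BIP-32 master-key step, and a constructed sample mnemonic (the all-"abandon" phrase from the BIP-39 test vectors).

```python
# Added example (not from the original tutorial): how the BIP-39 passphrase
# enters seed derivation, and why two passphrases give two different wallets.
import hashlib
import hmac
import unicodedata

# Constructed sample mnemonic: the well-known all-"abandon" BIP-39 test phrase.
MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: PBKDF2-HMAC-SHA512 over NFKD(mnemonic), salted with
    "mnemonic" + NFKD(passphrase), 2048 rounds, 64-byte output.
    No passphrase is exactly the same as the empty-string passphrase."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def bip32_master_key(seed: bytes) -> tuple:
    """BIP-32: HMAC-SHA512 keyed with "Bitcoin seed"; the left 32 bytes are
    the master private key, the right 32 bytes the chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def compare_wallets(mnemonic: str, passphrases: list) -> dict:
    """Master private key (hex) for each passphrase applied to the same
    mnemonic. Distinct passphrases, even differing by one character or by
    case, yield distinct wallets."""
    return {p: bip32_master_key(bip39_seed(mnemonic, p))[0].hex()
            for p in passphrases}


if __name__ == "__main__":
    # "" is the decoy wallet; the others are hidden wallets on the same words.
    for p, key in compare_wallets(MNEMONIC, ["", "TREZOR", "trezor", "TREZOR "]).items():
        print(f"passphrase={p!r:10} master private key={key[:16]}...")
```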

How to choose a good passphrase?

For the passphrase to be effective, it must be sufficiently long and random. Just like with a strong password, I recommend choosing a passphrase that is as long and random as possible, with a variety of letters, numbers, and symbols to make any brute force attack impossible.
According to a study conducted by Trezor in 2019, an attacker with access to your seed and using a high-end GPU rented on AWS (NVIDIA Tesla V100) could test nearly 620 million passphrases for 1 dollar. As a rough estimate, with 2019 capabilities, a passphrase made of 12 random lowercase letters would cost on average 77 million dollars to crack.
However, I advise against limiting yourself to 12 characters. Aim instead for current standards for strong passwords: in 2025, aim for at least 13 random characters including digits, lowercase and uppercase letters, and symbols; or 14 characters if using only lowercase and uppercase letters. Naturally, I recommend aiming higher, for example by choosing a 20-character passphrase with symbols, to anticipate future developments and account for human risks that are not considered in these studies.
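The cost figures above follow from the quoted rate of about 620 million guesses per dollar. The following added example (not from the tutorial) turns that rate into an expected brute-force cost for a passphrase of a given length and character set; the character-set sizes are an assumption (95 printable ASCII characters, of which 33 are symbols), and the result for 12 random lowercase letters reproduces the tutorial's 77 million dollar estimate.

```python
# Added example (not from the original tutorial): expected cost of brute-forcing
# a random passphrase, using the 2019 Trezor figure quoted in the tutorial.
import math

GUESSES_PER_DOLLAR_2019 = 620_000_000  # ~620 million passphrases per US dollar

# Assumed character sets (printable ASCII): 26 lowercase, 52 letters,
# 62 letters+digits, 95 letters+digits+symbols.
ALPHABETS = {
    "lowercase": 26,
    "letters": 52,
    "letters+digits": 62,
    "letters+digits+symbols": 95,
}


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a uniformly random passphrase: length * log2(alphabet)."""
    return length * math.log2(alphabet_size)


def expected_crack_cost_usd(length: int, alphabet_size: int,
                            guesses_per_dollar: float = GUESSES_PER_DOLLAR_2019) -> float:
    """Average cost to find the passphrase: on average the attacker must try
    half the keyspace. Only valid for truly random passphrases; a word or a
    pattern collapses the keyspace regardless of length."""
    keyspace = alphabet_size ** length
    return (keyspace / 2) / guesses_per_dollar


def cost_table(cases, guesses_per_dollar: float = GUESSES_PER_DOLLAR_2019) -> list:
    """For each (alphabet name, length) pair return (name, length, bits, cost)."""
    rows = []
    for name, length in cases:
        size = ALPHABETS[name]
        rows.append((name, length, round(entropy_bits(length, size), 1),
                     expected_crack_cost_usd(length, size, guesses_per_dollar)))
    return rows


if __name__ == "__main__":
    # The tutorial's example (12 lowercase) and its recommended sizes.
    cases = [("lowercase", 12), ("letters+digits+symbols", 13),
             ("letters", 14), ("letters+digits+symbols", 20)]
    for name, length, bits, cost in cost_table(cases):
        print(f"{length:2d} chars {name:24} {bits:6.1f} bits  ~${cost:,.0f}")
```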
It is also important to properly save this passphrase, in the same way as the mnemonic phrase. Losing it means losing access to your bitcoins. I strongly advise against memorizing it solely in your head, as this unreasonably increases the risk of loss. The ideal is to write it down on a physical medium (paper or metal) separate from the mnemonic phrase. This backup must obviously be stored in a different location from where your mnemonic phrase is kept to prevent both from being compromised simultaneously.

Tutorials

To set up a passphrase on a Ledger device (Stax, Flex, or Nano), you can consult this tutorial:
On a COLDCARD:
On a Jade Plus:
On a Passport (batch-2):
On a Trezor device (Safe 3, Safe 5 or Model One):

Author

This tutorial has been written by Loïc Morel

The original content has been translated by AI, but human review is necessary to ensure its accuracy.

This content is open-source, licensed under CC BY-SA.