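Choosing a hardware wallet is a serious and extremely responsible decision. A user has to do dedicated homework instead of picking the cheapest or the first available option. When I was evaluating which hardware wallets to buy, I relied on the following list of requirements. Read on and see the reasoning behind each.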
This is a must.
BIP39 compatibility means portability.
If, for whatever reason, you don’t have access to your device anymore, you should be able to easily import your seed phrase in another wallet and access your funds.
This is more of a nice-to-have, but since it’s an industry standard to support it, there’s no need to settle for 12-word seed phrases.
Both 12- and 24-word seed phrases are practically impossible to guess. But a scrambled set of 12 words can be brute-forced.
Now, of course, I disapprove of becoming too creative with seed phrase management, but if someone gets a hold of (a part of) your words, they might be able to figure it out.
Physical access to the device alone shouldn’t be enough to use it.
Most solutions are protected by a PIN, but if there are infinite tries available, an attacker might figure it out.
Also, some devices lack a secure element and thus can be hacked with physical access.
Diversity of coin support sounds cool to n00bs, but if you have a concentrated position, you don’t really care if the device supports 100 tokens you’re not interested in.
Also, every extra functionality is a potential attack vector, so for maximum security, you’d prefer a hardware wallet that supports only the assets you’re holding.
For example, all three of BitBox02, Keystone 3 Pro, and Trezor have Bitcoin-only editions.
Some hardware wallets become unnecessarily fancy.
This is not always at the cost of security, which is great, but it introduces more components that can break.
Of course, given the portability it’s not the end of the world. But you don’t want a hardware failure preventing you from transacting at the worst possible time.
That’s why I always recommend having multiple hardware wallets readily available, but if you’re going for your first and single one, you might optimize for simplicity – doing one thing and doing it well.
This is crucial.
The ability to access infinite sets of addresses by adding an extra word on top of your seed phrase is of massive value.
Whether for purposes of plausible deniability, pedantic portfolio management, inheritance planning, or anything else, supporting a passphrase is important.
This is already a part of the BIP-39 standard, but it’s always good to double-check if and how passphrases are supported.
Again, this relates to the point of not trapping users in an ecosystem.
Ideally, the hardware wallet is a signing device, not a product that needs to optimize for UX, given the options available on the market.
Thus, I’d always prefer hardware wallets that can be used with third-party software instead of just with the native app of the company.
This also allows you to pick preferred software (i.e. open source, no analytics, etc.) and just use the hardware wallet for its single intended purpose.
If the software and/or firmware aren’t open source, you can’t know whether your device satisfies the only qualification:
The keys should never be exposed to a device connected to the internet.
This is the only improvement of hardware wallets over software wallets, so it shouldn’t be taken lightly.
A notable example is Ledger’s ability to extract the seed phrase, effectively making it a hot wallet.
Most devices have self-destruct mechanisms for various attack vectors.
For example, after 3-10 wrong PINs, the device wipes out all the data and does a factory reset.
Or if the device detects physical tampering, it self-destructs, wiping all the data.
This is a layer of security that can make users comfortable with losing their hardware wallets, or keep them from panicking if one gets stolen, etc.
And lastly, a less technical requirement, but still an important one:
The track record of the company.
This is not about “trust”, but about the history of good decisions, customer support, and high-quality solutions the company brought.
I put it last because it should be considered last – given two equally suitable options, one might consider the provider’s reputation to make a final decision.