Keeping your Bitcoin safe might seem like a simple task, but as a myriad of thefts, phishing attacks, and exchange hacks prove—it's easier said than done.
The majority of Bitcoin holders use one of four main types of cryptocurrency wallet: hardware, software, metal, and exchange wallets. Some are better than others for keeping your Bitcoin safe, but there are many ways to maximize your security regardless of which option you choose.
When it comes to keeping your Bitcoin private keys secure, hardware wallets are widely considered to be the safest option. Hardware wallets are physical security vaults that are designed to protect your Bitcoin (and other cryptocurrencies) from a range of possible attacks, while also ensuring you can access and spend your cryptocurrencies with relative ease.
Hardware wallets vary considerably in form, function, and price. They range from the $49 KeepKey wallet to the $119 Bluetooth multi-asset Ledger Nano X, the $120 Bitcoin-centric Coldcard Mk3, and beyond.
Like most cryptocurrency wallets, hardware wallets use a mnemonic recovery phrase that can restore your wallet if the device itself is lost. It's also one of the biggest vulnerabilities for hardware wallets, since anybody who gets their hands on the recovery phrase will have unfettered access to the funds in the wallet.
This has led to some ingenious workarounds to protect and secure the recovery phrase from prying eyes, including writing it in UV-sensitive ink under a dummy phrase, and even dividing the recovery phrase up between several safety deposit boxes.
Software wallets are one of the most popular ways to store Bitcoin among mobile users, since many can be used to manage a wide variety of cryptocurrencies from most mobile devices. There are also desktop versions of many software wallets, allowing users to manage their own private keys on Linux, macOS, and Windows.
Some of the most popular Bitcoin wallets are software wallets, including Electrum, Jaxx Liberty, and Exodus—all of which are available for both desktop and mobile operating systems. However, even the most secure options lack some of the security features of hardware wallets.
In order to maximize your security with a software wallet, we recommend picking one that features two-factor authentication (2FA). It's also important to ensure you're protected against viruses, keyloggers, and other malware, since these can exfiltrate your private keys and seed phrases if not blocked.
As the name suggests, mobile Bitcoin wallets are downloadable apps that can be used to store, send, and receive cryptocurrencies on a smartphone.
These can generally be downloaded from the Apple App Store or Google Play Store, but sometimes need to be manually installed as an APK (on Android) or through sideloading (on iOS)—particularly for newer wallets that haven’t yet been approved for app stores.
Mobile wallets can vary considerably in the features they offer, but they generally take advantage of the unique capabilities of smartphones—such as fingerprint sensors, cameras, and GPS—to add an additional layer of security.
Many of these wallets feature support for multiple cryptocurrencies, while others support just one. In most cases, mobile wallets are considered ‘non-custodial’, which means you maintain control of your private keys.
Some of the most popular multi-asset mobile wallets and their main features include:
- Coin Wallet: Supports multiple assets, optional hardware-backed security (via YubiKey), and has a built-in trading tool.
- Coinbase Wallet: Created by the popular crypto exchange Coinbase, this wallet features a built-in Web3 dApp browser, cloud private key backup, and support for ERC721 crypto collectibles.
- BRD Wallet: Simple to use and aesthetic, supports several popular cryptocurrencies, and offers a unique BRD rewards feature.
It’s important to note that while some software wallets are also mobile wallets, not all mobile wallets are software wallets—since software wallets are usually available across a range of operating systems, often including mobile ones like iOS and Android.
Metal wallets are physical metal plates or devices that can be used to securely store recovery phrases, private keys, and potentially other sensitive information offline. Since they're constructed out of metal, they are inherently fireproof and corrosion-resistant, while some, like the Cryptosteel and Cypherwheel, are also crush-resistant.
Unlike the other options on this list, metal wallets are not designed for actually using Bitcoin or other cryptocurrencies. They simply act as a means to store secret information in a more robust way than an insecure paper wallet. They're more resilient than even the most robust hardware wallets, and several feature built-in anti-tamper mechanisms. They're most useful for long-term storage in a secure location, since they won't afford you instant access to your funds.
A wide range of metal wallets are available, ranging from $20 to over $200—or you can go the DIY route to make one yourself.
Cryptocurrency exchanges have much to recommend them, including instant access to funds, plus the ability to quickly trade your Bitcoin for other cryptoassets. However, compared to other methods of storing your Bitcoin, they are generally considered to be a less secure option. Between 2011 and 2020, $11 billion was stolen in crypto hacking incidents, with a "significant amount" lost in hacks of crypto exchanges, according to research by Inside Bitcoins.
Exchanges are also custodial, which means they hold custody of any funds stored in their accounts, leaving users without access to their private keys. "Not your keys, not your Bitcoin" is a common refrain among those cryptocurrency advocates who reject the idea of storing their crypto on an exchange. Of course, it's worth noting that many exchanges, including the major ones such as Gemini, Coinbase and Bittrex, are insured—protecting users against a range of threats including insider theft and cyberattacks.
Despite their limitations, exchanges remain an extremely popular way to store cryptocurrencies, due to the simple fact that they're typically convenient and easy to use.
They also differ in their security stack, including their use of cold storage and account-side security features. We'd recommend sticking to exchanges that use multi-signature cold storage and offer two-factor authentication for accounts. Some exchanges, such as Binance, also let you use a hardware key for 2FA, adding an additional layer of security.