Your seed phrase (also called a recovery phrase) is the master key to a non-custodial software wallet. One 12-word seed phrase can restore all accounts and private keys the wallet derives, across multiple chains the app supports. Lose that phrase and you lose access. Someone else gets it and they can move your funds. Short sentence. Long sentence that explains the technical reality: the seed phrase encodes the seed for hierarchical deterministic wallets, which then derives private keys for individual addresses (so a single phrase can control many wallets and many blockchains).
Seed phrase backup is the single most important safety step for hot wallet users. I believe spending time on a good backup plan is the best risk-reduction you can do with software wallets.
When you create a new wallet in Trust Wallet the app will present a recovery phrase during onboarding. Most mobile wallets use a 12-word phrase; the app shows the words in a specific order and asks you to confirm them before finishing setup. The on-screen flow normally warns you that the phrase must be kept offline and private.
If you use an iPhone or Android device, follow platform setup steps first: see Install on iPhone and Install on Android pages for compatibility notes.
There are several ways to keep a seed phrase safe. Each comes with trade-offs between durability, convenience, and attack surface.
| Method | Durability | Ease (daily) | Security risk | Notes |
|---|---|---|---|---|
| Paper copy (sealed) | Low (fire/water risk) | High | Medium (physical theft) | Cheap, easy to create; duplicate and store off-site. |
| Metal backup (stamped/engraved) | High | Medium | Low (if stored well) | Best for fire/flood resistance; higher cost. |
| Encrypted offline file (USB air-gapped) | Medium-High | Low | Medium (malware if connected) | Keep device permanently offline. |
| Cloud backup (iCloud/Drive) | Low-Medium | High | High (account takeover) | Convenience vs risk — see next section. |
| Password manager (local-only) | Medium | High | Medium-High (centralized compromise) | Use only reputable, well-configured tools. |
| Social / smart-contract recovery | High (if implemented) | High | Depends | Requires a smart-contract wallet or account abstraction; not the same as a seed phrase. |
And yes, metal backups are bulkier. But they survive things paper won’t.
Cloud backups tempt with convenience: photo sync, automated device backups, or app-integrated cloud storage. But convenience increases attack surface. If your cloud account is compromised (weak password, reused credentials, SIM swap), an attacker can retrieve your seed phrase. Providers may also store backups unencrypted (or decrypt them on their servers), which raises legal and privacy questions.
If you use cloud tools, encrypt locally before upload and protect the encryption key separately. Consider cloud only for encrypted, split backups — not raw seed strings.
What is a BIP39 passphrase? It's an optional extra string (sometimes called the 25th word) that combines with your seed phrase to create a different seed. That makes the phrase useless without the passphrase — essentially a second-factor recovery.
Does Trust Wallet support a BIP39 passphrase? Support varies between wallets and versions, so don't assume it will work unless the app explicitly offers it. If you plan to rely on a passphrase, verify support during setup or test a restore on a separate device. (If a wallet doesn't accept the passphrase, you won't be able to restore that unique seed.) See Backup & recovery for more on validation and testing.
You may see search results promising a "seed phrase generator with balance free" or a "Trust Wallet phrase generator with balance free." These are red flags. No legitimate generator will create a phrase that already has a balance for you to claim. Often these pages try to trick you into entering a phrase or private key — which hands control to attackers.
Never paste your seed phrase into any website or app claiming to check balances. If a service asks for your recovery phrase, it's a scam. For practical guidance on spotting malicious dApps and phishing, read Phishing and scams.
What I've found in practice is that the majority of losses come from lazy backups — photographs, cloud sync, or sharing with an unreliable custodian.
If your device is lost but your seed phrase is safe, install the wallet on a new device and restore using the recovery phrase. If your seed phrase was exposed (e.g., copied to cloud or photographed), assume the wallet is compromised: move assets immediately to a new wallet created on an air-gapped device. Revoke dangerous approvals using Revoke token approvals.
Steps to recover after exposure:
If you’re unsure, consult Lost phone recovery and Someone stole my crypto guides.
Who this software wallet is for:
Who should look elsewhere:
If you need hardware security, see Ledger hardware or consider combining a hardware device with your hot wallet.
Q: Is it safe to keep crypto in a hot wallet?
A: Hot wallets are convenient for daily use but expose you to device compromise and phishing. For large, long-term holdings, combine hot wallet usage with hardware wallets or split funds.
Q: How do I revoke token approvals?
A: Use on-chain approval revocation tools or the revoke feature in many wallets and dApp dashboards. See Revoke token approvals for step-by-step instructions.
Q: What happens if I lose my phone?
A: If you have a working seed phrase backup, you can restore your wallet on a new device. If you don't, funds are unrecoverable. See Lost phone recovery.
Seed phrase backup isn't glamorous, but it's the foundation of self-custody. Take time to create a durable backup plan: write it down, duplicate it, and test restores. If you want a deeper walkthrough on advanced backups, metal tooling, or social recovery options, read the Backup & recovery and Security features pages next.
If you’re ready to secure your wallet now: follow the step-by-step checklist above and test a restore before moving significant funds.
But don’t rush the backup — a single rushed mistake can cost real money.