Secure crypto wallet backup solutions are a big theme.
Crypto traders as well as hodlers tend to avoid work on backups, because it’s not fun. As someone pointed out on Reddit, people like to code creative hacks for all kinds of things related to crypto, but they will so often either skip backups entirely or never test them.
Not a good idea with crypto, where you literally are your own bank.
Seed Phrase Backups
Whether you are using Electrum for Bitcoin, Exodus for all kinds of altcoins or a hardware wallet like Ledger, your default cryptocurrency wallet backup is always the backup of the 12+ word recovery seed phrase.
The seed phrase backup should be written on a piece of paper, in case you are writing down the literal full seed phrase.
There are safe ways to back up your seed phrase electronically, too.
Non-Digital Backups
Basic Seed Phrase Backup
If you can store your full seed phrase in multiple safe locations, a good choice is a piece of paper and regular pencil. Not ink or gel pen or anything that catches air humidity – just a regular pencil.
- Electrum will display your seed while you are setting up your wallet, and it won’t let you finish the setup without writing the seed down and retyping it in.
- In user-friendly wallets like Exodus, Jaxx or Blockchain.com you need to go to Settings and Backup. (It’s usually called the same.) That will show you the seed phrase. Write it down.
- Exodus and possibly some other wallet will not display your recovery seed phrase if your wallet is empty.
A decent place to store this seed phrase backup would be a safety deposit box in a bank or elsewhere, or your lawyer’s office.
How to make pencil-and-paper privkey backup safer
-
Get a metal sheet seed phrase storage such as CryptoSteel or BillFodl.
They are equivalent products, CryptoSteel ships from EU while BillFodl from US. Both are made of high grade stainless steel and are resistant to rust, fire and explosion. Sometimes you can get them in bundle deals with Trezor wallets, check our Eternal Black Friday page for more.
-
Split your seed into chunks and divide them between several people. Then give instruction about the order of the pieces to a lawyer. You should not give the whole seed AND instructions to a single person.
-
Shuffle your seed. Example: A 12-word recovery phase splits into three groups by four words. Decide to move every third word to the following group. You should test yourself a few times on how to shuffle your seed back.
Paper wallet crypto backup
A more technical way is to get a paper wallet generator.
A paper wallet generator will print your seed phrase or private key along with a QR code that you will be able to scan with your smartphone.
This way is not so popular anymore, it’s here pretty much to just say the following:
- Do not use a paper wallet generator that is hosted online.
You should use a paper wallet generator that you downloaded from Github, ideally from a release page of your coin’s developer team or from a link that was recommended on the dev’s website
-
Always use a paper wallet generator offline.
-
To print a paper wallet, it is safer to connect to a printer via a cable instead of wifi.
-
The printer should be your own, not a public one. Data sent to print are in some cases retrievable from printers.
You see how much easier it is to just write things down with a pencil.
Paper wallet generators for some popular cryptocurrencies:
Digital Backups
A digital backup of your cryptocurrency wallet is the better option in case you are traveling across the border and are worried you will be searched.
The reason is that the first layer of security in digital backups is obfuscation, not encryption.
It’s about concealing the information that there is something important hidden. This is arguably difficult to do with a twelve-word seed phrase written in a Moleskine notebook. These are not early days of crypto anymore, too many people know what such a note holds and pretty much everyone knows what a Ledger wallet is.
Word of caution.
Digital backups are safe, if you know what you’re doing. Maybe you don’t want to risk it. That’s a fair choice if you are not used to using the command line. However, there are still a few things you should back up digitally even if it’s not going to be the seed phrase.
What to safely back up digitally as a non-techie crypto holder
Location hints
If you have multiple seed phrases physically stored at multiple locations, you should definitely store hints as to where to find them.
No need to store the full directions, just the hint that will help you recall where the storage is.
You will need a hint for a cold storage that has not been accessed in a few years.
Password hints
It is safe to do the same for your password reminders: Back up the hints in an encrypted note in LastPass, or as an email draft in a zero-knowledge email client like Tutanota.
Use 2FA.
Don’t backup the actual full data, just the hints.
That way it’s safe.
Speaking of which…
2FA codes
Backup those. To multiple locations.
And that’s you done if you are not willing to do any commandline-fu. No need to read any further.
How to Make Safe Electrum Wallet Backup
Now onto the more technical way of digital crypto wallet backups.
Obfucation
The reason for coverups is that crypto wallets will be by default stored on your computer as something like walet.dat
or in a directory called wallets
or some other transparent thing.
There is a lot of malware that is programmed to look for these standard files.
Since version 2.8, Bitcoin Electrum will always encrypt the wallet file, unless you choose not to. Your private keys are is therefore behind two layers of encryption: the keys are encrypted, and located inside an encrypted file.
To spend your Bitcoin, you need either the Electrum wallet file with its password or the seed phrase (private keys).
You do not need to back up both the seed phrase and the wallet file, but restoring a wallet from the recovery seed will not restore your transaction labels.
If you use them but you need to get rid of anything crypto (because, say, your laptop might get searched), you are better off backing up the wallet file.
How to backup the Electrum wallet on Mac
- Open the Electrum wallet you want to back up.
-
Go to
File > Save Backup
.This will duplicate the file at
~/.electrum
to any location of your choice. For obfuscation, name the Electrum export file randomly:Photos2015
or so. -
Compress the directory into an encrypted, password protected archive:
$ tar zcvf Photos2015.tar.gz Photos2015
$ openssl enc -in Photos2015.tar.gz -out Photos2015.bak.tar.gz -aes-256-cbc -salt
- You will need to use a password to encrypt the archive. Store a hint to it in a LastPass note.
- Remove the unencrypted files.
Optionally, copy your encrypted backup archive to an external hard drive, on your phone, into drafts in your (well secured) Tutanota mailbox or into cloud storage.
If you are going to cross national border, you can now safely uninstall the Electrum app.
How to restore Electrum wallet from your encrypted backup
-
Decrypt and extract the archive that contains your Electrum wallet backup.
$ openssl enc -d -aes-256-cbc -in Photos2015.bak.tar.gz -out Photos2015.tar.gz
$ tar zxvf Photos2015.tar.gz
-
Now you have the original wallet file that can be opened directly from Electrum.
This is a digital backup method that gives you pretty good security.
Your seed phrase is behind three levels of encryption, the file itself doesn’t give away that it is a cryptocurrency wallet and as long as you can do basic tasks from the command line, it’s all super quick and easy to do.
Advanced: Crypto Wallet Backup with a Decoy File
If you are super paranoid, make use of steganography to insert your crypto wallet backup file into a decoy image.
On Linux and Mac you don’t need any extra software to pull it off. The command you need to do that is one of the default ones:
cat Photos2015.bak.tar.gz > my-avatar-photo.jpg
This will insert Photos2015.bak.tar.gz
into the image file my-avatar-photo.jpg
. You can check that the image now has larger size - in Finder it will still look like any other image though.
To extract your wallet file, you do the same steps as above, but on with your decoy image as the input:
$ openssl enc -d -aes-256-cbc -in my-avatar-photo.jpg -out Photos2015.tar.gz
$ tar zxvf Photos2015.tar.gz
Again, this will yield the original wallet file that can be opened directly from Electrum.
Summary
Crypto wallets can be backed up on paper or digitally. Both ways have their pros and cons, each is more suitable for different situations.
Non-digital backups are better for longer term, digital backups for shorter time, such as when you need to get rid of crypto software from your laptop only for a few days.