According to estimates from Chainalysis, approximately 20% of all Bitcoin in circulation โ equivalent to over 3.7 million BTC โ has been permanently lost. The primary cause? Users losing their seedphrase or having it stolen without even knowing.
Your seedphrase is the only thing that can restore your crypto wallet. Losing it means losing everything โ no bank hotline, no customer support, no one can help you. And if you don't know how to store your seedphrase securely, hackers can steal it and drain all your assets (tokens, NFTs...) from your wallet.
That's why knowing how to safely store your seedphrase isn't optional โ it's a mandatory skill for anyone participating in the cryptocurrency market.
This guide will walk you through everything from A to Z: how seedphrases get stolen, the 6 safest storage methods available today, and manual "encoding" techniques for when you must store it on online platforms like Telegram, Facebook, or Google Drive โ securing it up to 99% even if your account gets hacked or the seedphrase is exposed.
What Is a Seedphrase and Why Must You Protect It at All Costs?
What is a seedphrase?
A seedphrase (also called a recovery phrase or mnemonic phrase) is a sequence of 12 or 24 random English words generated according to the BIP39 standard when you create a new crypto wallet. This is your "master key" โ from the seedphrase, the system can reconstruct all your private keys and wallet addresses.
In other words: whoever owns the seedphrase owns all assets in the wallet. Anyone with your seedphrase can import your wallet on another device and freely transfer tokens and NFTs โ without needing any password or additional verification.
Losing your seedphrase = permanently losing your assets
Unlike a bank or email account โ where you can call support to reset your password โ in the crypto world, no one has the power to recover your seedphrase. Wallet providers (MetaMask, Trust Wallet, Ledger...) do not know and do not store your seedphrase. If it's lost, your assets will be permanently "frozen" on the blockchain and untouchable by anyone.
And if your seedphrase is exposed, whoever stole it has full access to your wallet just like you do.
This is why safe seedphrase storage is more important than any other security measure. Wallet passwords can be reset โ but seedphrases cannot.
How Can a Seedphrase Be Stolen?
Before learning how to protect your seedphrase, you need to understand how it can be compromised. Knowing the threats will help you defend more effectively.
Malware and keyloggers on your device
.png)
If your computer or phone is infected with malware, hackers can record every keystroke (keylogger), access your clipboard, or scan all files on the device looking for your seedphrase. Particularly dangerous when you copy-paste your seedphrase without clearing the clipboard afterward.
Phishing attacks โ impersonating projects and exchanges
.jpg)
Hackers create websites identical to official MetaMask, Binance, or DeFi project pages, then send emails or messages directing you to the fake site to "enter your seedphrase to verify your wallet." This is the most common attack vector โ and even experienced users fall for it.
Golden rule: No legitimate project or exchange will ever ask you to enter your seedphrase on a website. If anyone asks โ it's a scam, 100%. Never enter your seedphrase anywhere online.
Platform data breaches
In 2021, Facebook leaked 533 million user profiles, with data sold widely online. Google, Yahoo, and LinkedIn have also suffered data breaches. If you store your seedphrase as plain text on any online platform โ Messenger, Zalo, Telegram, Google Drive, Notes โ you're gambling with your crypto assets.
Many people choose Messenger, Telegram, or Google Drive to store their seedphrase for convenience, but it's not safe. This guide will show you how to store it securely on these online platforms.
Physical access
Not every attack comes from the internet. Family members, colleagues, or visitors โ anyone who sees a piece of paper with your seedphrase or gains access to your phone can steal your assets in minutes. This is a risk many people overlook.
6 Safest Seedphrase Storage Methods Today
No method is 100% perfect, but combining multiple approaches will get you the highest level of security. Here are 6 methods trusted by the crypto community, arranged from simplest to most advanced.
Method 1 โ Write on paper, store in a safe
This is the simplest and most effective method for most users. Write your seedphrase on paper, verify each word carefully, then store it in a safe or secure location at home.
Pros: completely offline, can't be hacked remotely, easy to implement. Cons: paper can deteriorate from moisture, fire, or get lost. So make at least 2 backup copies stored in 2 different locations โ for example, one at home and one at your parents' house or a bank safety deposit box.
๐ก Tip: According to the BIP39 standard, each word in a seedphrase is uniquely identified by its first 4 letters. This means you only need to write the first 4 letters of each word โ saving space and making it harder for anyone who spots it to immediately recognize it.
Method 2 โ Split seedphrase across multiple locations
Instead of storing all 12 words in one place, split them into 2-3 parts and store each in a different location. For example: words 1-4 at home, words 5-8 at work, words 9-12 at a relative's home.
A hacker needs the complete seedphrase to use it. With only one part, it's useless. The downside is that you'll need to visit all locations when you want to restore your wallet โ so weigh the convenience factor.
Method 3 โ Encrypted USB / offline hard drive
Store your seedphrase on an encrypted USB drive or a hard drive with no internet connection. Some USBs have built-in hardware encryption โ even if physically stolen, the data inside cannot be read without the password.
Pros: compact, easy to hide, strong encryption. Cons: USB drives can fail over time โ always keep a paper or metal backup as a fallback option.
Method 4 โ Password manager software
Apps like KeePass, 1Password, or Bitwarden let you store seedphrases in an end-to-end encrypted vault. Data is protected by a master password and usually has an additional 2FA layer.
This is a good balance between security and convenience โ especially if you manage multiple wallets. However, choose reputable, open-source apps (like KeePass or Bitwarden), and never use standard note-taking apps like Google Keep, Apple Notes, or Samsung Notes โ these are not designed for security.
Method 5 โ Hardware wallet + Multisig for large holdings
If you manage significant crypto assets (several thousand USD or more), hardware wallets like Ledger or Trezor are the top choice. Private keys are stored completely offline on the hardware device โ hackers cannot access them remotely.
An even more advanced option is a multisig wallet โ requiring 2-of-3 (or 3-of-5) private keys to co-sign before any transaction can be executed. Even if one key is compromised, assets remain safe. This is the security standard used by crypto investment funds and whales.
Method 6 โ Storing on Zalo, Facebook, Telegram, Drive...
In theory, everyone knows: don't store seedphrases online. In practice, many people still choose Facebook, Telegram, Zalo, or Google Drive for convenience โ accessible anywhere, no risk of losing paper.
If you're in this group, here are "manual encoding" techniques that can secure your seedphrase up to 99% โ even if your account is hacked, attackers will find it nearly impossible to determine the exact seedphrase.
Technique 1 โ Swap word positions
.png)
This is the simplest and highly effective approach. Swap the positions of 2 pairs of words using a formula only you know.
For example: with a 12-word seedphrase, swap word 2 with word 8, and word 4 with word 11. Just remember the formula "2โ8, 4โ11."
For extra security, swap twice โ apply 2 different rounds of swapping. Even if someone knows you're using a position-swapping technique, they'd need to try millions of combinations to find the right one.
โ ๏ธ Important: You must remember your swap formula. Forgetting it = can't import the correct seedphrase = lost wallet. Write the formula in a separate location and never store it with the seedphrase itself.
Technique 2 โ Add fake words
Insert 1-2 arbitrary words into your seedphrase at positions only you know. When you need to import your wallet, remove the fake words and enter normally.
For example: with a 12-word seedphrase, add the word "banana" at position 5. Now the seedphrase stored on Telegram has 13 words โ anyone looking at it will see an "invalid format" and won't know which word is fake.
Technique 3 โ Replace words with personal aliases
.png)
This is a more advanced technique: replace 1-2 words in your seedphrase with different words according to your personal convention. For example: replace "book" with "sach" (Vietnamese for book), replace "send" with "gui" (Vietnamese for send).
This is particularly powerful because even if a hacker knows you're using word substitution, they can't guess your personal convention. Each BIP39 word has 2048 possible choices โ replacing 2 words creates over 4 million combinations to try.
Technique 4 โ Store only half the seedphrase
Instead of storing all 12 or 24 words in one place, split it in two and store each half in a different account. For example: the first 6 words in one account, the remaining 6 in another.
This guarantees that even if one half is exposed, no one can know where the other half is stored.
Combining multiple techniques โ 99% secure
The real power comes from combining 2-3 techniques simultaneously. For example: swap positions 2โ8 + add a fake word at position 5 + replace word 10 with a personal alias.
Result: the seedphrase stored on Telegram is completely meaningless to anyone else. Even if the account is hacked, even if the platform suffers a data breach, finding the exact seedphrase from this "encoded" version is virtually impossible.
๐ฌ Experience from Airdrop101: "I still use position-swapping combined with fake words, and many careful members of our community do the same. Even if the 12 words are accidentally exposed, finding the exact seedphrase is very difficult. There's still a 1% chance โ but that's far better than 100% if you use no protection at all."
Deadly Mistakes When Storing Seedphrases
Many people know seedphrases are important but still make these basic mistakes. If you're doing any of the following, change immediately.
Taking a screenshot of your seedphrase
This is the most common mistake. When creating a wallet, many people quickly screenshot the seedphrase and save it to their photo library. The problem: photos on your phone are often automatically synced to Google Photos or iCloud โ meaning your seedphrase is in the cloud without you knowing.
Additionally, anyone who borrows your phone or gains access to your cloud account can see this photo. Malware scanning device images (OCR) can also recognize and steal seedphrases from screenshots.
Storing plain text on Google Drive, iCloud, or Notes
Google Drive, iCloud, Samsung Notes โ all are cloud services. Despite their encryption, they remain prime targets for hackers. If your Google account is hacked (through phishing, weak passwords, or no 2FA enabled), all data in Drive will be exposed โ including any file or note containing your seedphrase.
Rule #1: Never store your seedphrase in plain, 100% accurate form on any online platform. If you must store it online, apply the "encoding" techniques described above.
Sending it via message to "trusted people"
Sending your seedphrase via Messenger, Zalo, or email to a spouse or close friend "just in case something happens to me" โ sounds reasonable but is extremely dangerous. Messages are stored on platform servers, the recipient's account can also be hacked, and trusted relationships can change over time.
Copy-paste without clearing clipboard
When copying your seedphrase to paste into a wallet, the content remains in your device's clipboard. If you don't clear it immediately, any app on the device can read this content. Many people have lost funds due to malware exploiting clipboard access.
๐ก๏ธ Good habit: After pasting your seedphrase, copy some random text to "overwrite" the clipboard. Or better yet, use the Clear Clipboard feature if your wallet app supports it.
Frequently Asked Questions
How can a seedphrase be stolen?
Seedphrases can be stolen in several ways: malware or keyloggers on your device, phishing scams impersonating projects or exchanges, data breaches from online storage platforms (Google Drive, iCloud, Telegram...), and physical access when someone sees a paper with your seedphrase or gains access to your device.
Is storing a seedphrase on Telegram or Zalo safe?
Storing it as plain text is not safe. However, if you must store it online for convenience, you can apply "manual encoding" techniques: swapping word positions, adding fake words, or replacing words with personal aliases. Combining 2-3 techniques provides up to 99% security even if your account is hacked.
What is the safest way to store a seedphrase?
Combine multiple methods: write on paper or engrave on a fireproof steel plate, split into parts stored in different locations, and use a hardware wallet combined with multisig for large holdings. Never store your seedphrase in plain text on any internet-connected device.
Can I recover a lost seedphrase?
If you've completely lost your seedphrase with no backup copies, you'll permanently lose access to your wallet. However, if you've only made a typo or are missing 1-2 words, specialized services can use brute-force techniques to find the correct combination. Airdrop101 provides support for wallet recovery in such cases.
Conclusion
Your seedphrase is the most valuable asset in the crypto world โ more valuable than the tokens in your wallet, because it's the only thing that keeps you in control. Safe seedphrase storage isn't something to "do when you have time" โ it needs to be done the moment you create your wallet.
Three core principles to remember: never store your seedphrase in plain text on any online platform, always maintain at least 2 backup copies in 2 different locations, and if you must store it online, apply "encoding" techniques to make it meaningless to anyone else.
If you're currently experiencing issues with your crypto wallet โ hacked, sweeper bot installed, or need to recover a seedphrase with errors โ contact Airdrop101's wallet rescue service for support.