The Best Bitcoin Wallets
How We Chose the Best Bitcoin Wallets
3 experts interviewed
6 wallets tested
3 top picks
The Best Bitcoin Wallets
The rise and fall of cryptocurrency looks suspiciously like a bubble. Most people started hearing words like “Bitcoin” and “blockchain” in early 2018, when the market reached its $830 billion peak. Over the next nine months, cryptocurrencies lost 80% of their value, reaching a low in September 2018.
But with that trading frenzy in the rearview mirror, there’s growing evidence that the industry has never been more fertile. Facebook reportedly has 50 engineers working on a project to develop its own coin for users of WhatsApp. Coinbase is issuing a Visa debit card in Europe that will allow purchases in any currencies traded on the exchange. Samsung is investing nearly $3 million in the hardware wallet company Ledger, one of our top picks.
It remains to be seen whether cryptocurrencies will ever reach the heights of January 2018 again. What is clear is that some of the biggest companies in the world think it’s here to stay. And if you’re planning on using bitcoin, or any cryptocurrency, you’ll need somewhere to keep it.
How We Chose the Best Bitcoin Wallets
Storing cryptocurrency is relatively simple on its surface. Private keys — an alphanumeric string of letters and numbers that is randomly generated when you set up a wallet — act as the code to your vault. This gives you access to your coins and creates an address that allows you to send and receive cryptocurrency — all without revealing the keys itself.
As bitcoin expert Andreas M. Antonopoulos wrote in his book "Mastering Bitcoin,” “The digital keys in a user’s wallet are completely independent of the bitcoin protocol and can be generated and managed by the user’s wallet software without reference to the blockchain or access to the internet.”
Think of your private keys as your crypto Social Security number, banking account numbers, username, password, and mom’s maiden name all rolled into one. “Anyone who knows your keys can access your coins,” Mark Moss, founder of cryptocurrency investment firm Signal Profits, told us. Or, as the saying goes in the bitcoin community, “Not your keys, not your bitcoin.”
Protecting those keys is paramount, but each wallet goes about it a bit differently. The two biggest names in the industry, Trezor and Ledger, take different approaches entirely. Trezor embraces the open-source philosophy of the blockchain, which allows the community at large to keep an eye on potential loopholes or bugs in the software or hardware. You don’t have to take anyone’s word for it because you can see it yourself. Because, as cryptocurrency pioneer Nick Szabo wrote all the way back in 2001, “Trusted third parties are security holes.”
Ledger, on the other hand, adheres to a “security through obscurity” approach” — its firmware is proprietary (though maybe not for long), and it uses a bank-grade chip to protect the private key. The “most secure” wallet partially depends on which philosophy you subscribe to.
That said, there are a couple essential features we looked for in every wallet. Like any connected device, the company should provide regular firmware updates to keep up with evolving attacks. As Ledger’s CEO wrote in a blog post, “Since the beginning of the information technology age, security has been a game of cat and mouse between proponents of new systems and hackers wanting to disrupt them.” Fortunately, every one of the wallets we tested installed a firmware update as soon as we set up the device.
We also looked for features that protect against supply chain attacks, in which the device is compromised before you receive it. Wallets from KeepKey and Trezor used tamper-evident packaging, which indicates if a device has been accessed by a third-party, while Ledger relies on an attestation check, a cryptographic process between the device and computer that verifies the wallet’s firmware every time it’s accessed. BitBox attempted to solve this issue by sending the wallet in a heat-sealed mylar bag. While this is better than nothing, it’s still susceptible to being cut open and resealed, and not nearly as attack-proof as tamper-evident stickers or Ledger’s attestation check. As crypto expert Peter Todd tweeted about BitBox’s packaging, “Attackers can cheaply heat seal bags too.”
Finally, we looked at how each wallet addressed “evil maid” attacks, where the attacker could have access to the wallet for a brief period of time.
While it’s certainly good to be aware of these risks, we’re confident that each of the wallets we recommend meets exceptional security standards, which we’ll cover in more detail below.
It’s far more likely that your personal security habits will fail than the device’s will.
“As we’re on the third or fourth generation of hardware wallets, I think we’re at a point where comparing the security of different manufacturers solutions against each other is less important than highlighting the importance of good OPSEC (operations security) when using these devices,” said Rowan Stone, director of business development at blockchain platform Horizen. For more details on keeping your crypto secure in your hardware wallet, check out our guide below.
Number of coins supported
Bitcoin currently accounts for more than half of the value of all cryptocurrency assets combined, and the top five coins — bitcoin, Ether, Bitcoin Cash, Litecoin, and Ripple — account for more than 75%. The other 2,124 (and counting) are “altcoins,” or alternative coins created after bitcoin’s rise. How many of these coins each wallet is able to store varies from wallet to wallet. Of the wallets we tested, Bitbox supports the fewest number of cryptocurrencies with five, while Ledger supports the most with 1,185.
If you buy a hardware wallet from a company with a strong reputation, you can feel confident that your coins will be secure. The rest comes down to usability.
“The primary distinguishing factor of a hard wallet is user experience,” Stone said. “There are many wallets on the market, and they all use very similar technology; however, each of the manufacturers have wrapped up this core tech in very different ways.”
To evaluate what it felt like to use these wallets, we ran each one through the same test. First, we set up the wallet according to its instructions, including choosing a PIN and writing down each recovery phrase, a random 12-24 series of words that will restore access to your private keys if your wallet is lost or stolen. Then we bought about $10 worth of bitcoin from Coinbase, sent it to the wallet, and then sent it back to Coinbase. This let us get a feel for how each wallet handled its essential functions: setting up security and transferring cryptocurrency.
The 3 Best Bitcoin Wallets
Why we chose it
Easiest to navigate and set up
Among the six hardware wallets we tested, the Trezor One stood out for how easy it was to navigate and set up. Both the buttons and screen are significantly larger than the other wallets we tested, which makes accessing your coins a little easier. For many people, this might not matter, but if you send and receive crypto often, this would definitely cut down on your headaches.
One of the first steps in the setup process is to choose a PIN up to nine digits long. Most hardware wallets are about the size of a thumb drive and use two small buttons to navigate. The Trezor One’s buttons are a little bigger, and instead of entering the password on the device itself — a finicky process on a lot of wallets — Trezor makes use of the computer. The device arranges the keypad in a random order, then you enter your PIN on a blank keypad on the screen that matches your wallet — resistant to both keylogging malware and clumsy fingers alike.
Trezor takes several steps to ensure the integrity of your wallet before and after you receive it. To prevent supply chain attacks, the Trezor One comes with tamper-evident packaging. It has two holographic seals on the outside of the cardboard, and the entire package is sealed with heavy-duty glue, making it impossible to open without completely shredding the cardboard.
That said, Trezor’s main competitor, Ledger, recently demonstrated that the seals can be removed using a warm scalpel.
Transparent hardware and software
Transparency is at the core of everything Trezor does. Its hardware and software are entirely open-source — all new features and updates are published on its GitHub repository — which allows a community of developers to rigorously poke and prod every aspect of its design. As Trezor’s manufacturer, SatoshiLabs, wrote in its security manifesto: “We do not need to hide anything. Our goal is never to withhold information from you, our clients.”
Proponents of an open-source ideology argue that this transparency allows Trezor to quickly identify and fix bugs or loopholes with the help of an entire community. Detractors would say this also exposes the wallet to attackers, leaving the door open to breaches. If you’d rather use a more closed off wallet, go with Ledger.
Points to consider
Doesn’t support Ripple
One of Trezor One’s biggest weaknesses is that you won’t be able to send or receive Ripple (XRP). Ripple currently has the third-largest market cap of any cryptocurrency, so this could be a dealbreaker for some. Ripple is available on the Trezor Model T, but there are currently no plans to bring it to One.
At 69 euros ($77.57), the Trezor One is one of the more expensive non-touchscreen hardware wallets out there. If you’re just looking to safely store your crypto and don’t anticipate sending or receiving very much, the Ledger Nano S will do just fine for about $19 less.
Why we chose it
Highly secure chip
Unlike Trezor One, which employs single-chip architecture, the Ledger Nano S uses two chips. One of them is a general purpose 32-bit microcontroller (STM32F042K) similar to the one found in Trezor (STM32F205). These types of chips are generally found in products like medical devices, toys, and remote controls — things that aren’t built for security. Ledger’s CEO likens this chip to a set of LEGO blocks: “Practical to build, but trivial to disassemble or reverse engineer.” (Trezor mitigates this risk with it’s abundant tamper-evident packaging, making its hardware all but impossible to access without alerting the user.)
On top of that general purpose chip, Ledger uses an additional one called the Secure Element (ST31H320), which is specifically designed for secure applications like credit cards and passports. This is the chip that stores your private keys. The microcontroller then acts as a barrier between the internet and the Secure Element, providing another layer of security for your keys.
Supports over 1,000 coins
Ledger supports more altcoins than any other wallet we saw, including Ripple. It works with 1,185 coins in total. According to CoinMarketCap, there are currently 2,129 cryptocurrencies on the market, so you’ll be able to store more than half of them with Ledger.
Unlike Trezor, Ledger doesn’t come with any tamper-evident packaging. That’s because it uses an attestation check instead. Every time the wallet’s connected to a computer, the Ledger desktop app sends a digital signature to the wallet that can only be accepted by verified firmware.
Points to consider
Security through obscurity
If Trezor is a community get-together that deters attacks by keeping everything out in the open, Ledger is a veritable bank vault. Hardware-based attacks on Ledger are all but impossible, as vital information about the Secure Element is kept secret. But that comes with a downside: If there are vulnerabilities, the developer community won’t be able to catch them before attackers.
When asked on Reddit why Trezor uses open-source firmware, but not Ledger, Ledger’s Chief Technology Officer responded, “We chose to pick hardware that can protect the user against physical attacks and tampering, which is only available under NDA [non-disclosure agreement], and has been used by all security critical industries for the past 40 years.”
More difficult to navigate
The Ledger Nano S’s small buttons and screen made navigation and setup a little more challenging than Trezor’s. Anyone who’s ever put in a password using a remote or game controller will recognize the frustration of entering a 4-8 digit PIN by cycling through 1-9 for each number. It also has you click both buttons at once to confirm many actions — something we messed up about 30% of the time. These aren’t dealbreakers by any means, but if you’re using your wallet on a daily basis, it might be worth upgrading to the Trezor.
Why we chose it
The biggest upgrade from the Trezor One to Model T is its color touchscreen interface. While we thought the One was an improvement on the Ledger Nano S, the Model T is another step up on the One. Now, instead of moving your eyes back and forth between the device and computer to enter your PIN, you can do it all on the touchscreen. Along with the Ledger Blue (another touchscreen wallet), this was by far the easiest method our clumsy fingers found.
The Model T supports an additional six coins compared to the Trezor One, including Ripple. Ripple currently has a 7.6% market share for all cryptocurrency, so this is a big gap for the Trezor One that the Model T fills.
When we first opened the Model T’s packaging, the magnetic dock felt like a superfluous add-on. Why would you need a dock for something that should ideally stay hidden? But the dock could actually be useful for hiding your wallet and making it easily accessible. You can stick it under your desk or in the back of a drawer — out of sight, but still in reach.
Points to consider
Anti-tampering sticker leaves residue on device
While the Trezor One made the packaging tamper-proof, the Model T goes a step further by making the device itself impossible to mess with. It has a holographic tamper-evident seal on the USB port, so you’ll know if your device has been compromised. The only problem? It leaves a sticky residue behind on the device that was impossible to remove. We were extremely careful removing the sticker, and it still left a trail of gunk.
The Model T is about $90 more expensive than the Trezor One, and you’re mostly paying for the improved touchscreen navigation. The headaches saved might be worth that upgrade if you need to access your cryptocurrency often. That said, we thought the Trezor One was already pretty solid in that respect.
Guide to Bitcoin Wallets
How to Store Cryptocurrency Securely
Choose a hardware, software, or paper wallet
There are at least four ways to store your cryptocurrency: Using a hardware, software, or paper wallet, or storing it on an exchange. We wouldn’t recommend the last option. As Antonopoulos said on Twitter after one major exchange hack, “It is risky, it is unnecessary and they are the least aware or capable of understanding and managing that risk.”
Because they’re connected to the internet, exchanges are inherently hackable. The most infamous of these was Mt. Gox in 2014, in which 6% of the world’s bitcoin was stolen. Exchanges have improved a ton since then, but hacks are unfortunately still a somewhat regular occurrence. Exchanges like Bithumb, DragonEx, and Zaif all succumbed to major attacks in the past six months.
A few exchanges, like Coinbase and Gemini, have insurance policies for digital assets held in their exchanges, but we still wouldn’t take any chances. Hardware, software, and paper wallets are regarded as much safer options for storing cryptocurrency. The CEO of one major exchange, Kraken, even tweeted earlier this year, “Please do not store more coins on an exchange (including @krakenfx) than you need to actively trade.”
Hardware wallets are the best choice for most people, offering a balance of security and accessibility.
“Hardware wallets are purpose-built devices that store your private keys in a secure element chip,” Stone explained. “This means that you can compile a transaction on an internet-enabled machine and then sign it with your offline keys.” Your private keys are never revealed to the computer. The wallet simply sends a message to the computer confirming the transaction, without ever touching the internet itself.
“Hardware wallets are a good mix between security and ease of use,” Moss said. “The device itself cannot be hacked and even has a seed backup in the case of the device being lost or stolen.” The only drawback to a hardware wallet is convenience. Unlike a software wallet or exchange, you have to have the physical device on you to make a transaction.
Software, or “hot” wallets, are desktop, mobile, or online programs that store your coins. They sacrifice some of the security of a hardware wallet for more convenience, and they’re usually available for free.
“A software wallet is usually much easier for newbies to get started with,” Jonha Richman, marketing and partnerships advisor with several cryptocurrency companies, told us.
The problem is that they’re still connected to the internet, so your assets could be susceptible to malware or viruses on your computer. “The risk of malware and internet hacking vulnerability does not provide the best protection. Desktops are constantly connected to the internet,” Moss said.
Most people who dip their toes into crypto start by using hot wallets. “As users become more familiar with the usage of cryptocurrencies or simply want to HODL (a term often used to indicate holding on to cryptocurrencies without any plans in the near future to either spend or transfer) then many often consider the idea of hardware wallets,” said Richman.
There is one type of hot wallet we wouldn’t recommend: your phone. “Mobile is, by far, the absolute worst way to protect access to your coins,” Moss said. “Too much information, such as your geo-location and phone number are associated with mobile apps and therefore, your wallet.”
Paper wallets are arguably the most secure but least convenient options for storing cryptocurrency.
“Paper wallets are just pieces of paper with the key or seed written on them. In order for someone to steal it, they would literally have to physically access your paper key,” Moss told us. The private key is generated within a web browser, along with a public address where you send the coins.
The key is never connected to the internet, which makes it incredibly secure, but it also takes some technical know-how. Once you want to access your coins, you’ll have to import the private key into a software wallet. For most users, this isn’t the best option, as paper wallets are easily destroyed or lost, and not the easiest to use.
Purchase from a verified seller
The biggest threat to your bitcoin wallet happens before it’s even in your hands. Supply chain attacks occur when the device is compromised before you set it up, which can happen when you buy from third-party sellers.
“We've seen cases where even those with cold wallet are often scammed of their coins when they buy them from fake suppliers who have already tampered with their hardware wallet,” Richman told us. We recommend only buying from the manufacturer’s site directly, or from its verified account on Amazon.
Use a unique PIN
Every hardware wallet requires a PIN — usually about eight digits long — to access its private keys. Make sure this PIN isn’t something you’ve used elsewhere. Anyone who can guess this number could immediately empty your entire wallet. That said, most wallets are automatically wiped after a number of unsuccessful attempts (three for ledger, 15 for Trezor). From there, only the recovery phrase will restore access to the wallet’s private keys.
Keep your recovery phrase safe
When you set up your hardware wallet, you’re provided with a series of randomly generated words that you write down. These can be used to recover your assets if your wallet is ever locked or lost. For the Ledger and Trezor One, this phrase is 24 words, while the Trezor Model T is only 12. “Your hardware wallet will only ever be as secure as this seed phrase so you absolutely must keep it somewhere safe and private,” Stone said.
Bitcoin Wallet FAQ
How do bitcoin wallets work?
Cryptocurrency is not actually stored in your bitcoin wallet. The wallet instead stores the private keys that allow you to access the coins on the blockchain or other distributed ledger technology, where all cryptocurrency is stored. “A private key is just a very long string of numbers and letters that acts as the password to your cryptocurrency wallet,” Moss said. “The key creates an address that does not reveal the key itself.”
Is bitcoin bad for the environment?
In short, yes. Cryptocurrency transactions use a staggering amount of energy. According to some estimates, the network of computers used to power bitcoin eats up as much energy in a day as a mid-sized country. And that’s just bitcoin, which currently accounts for about half of the world’s cryptocurrency. While these estimates vary, pretty much everyone agrees a lot of energy is being consumed.
What is the blockchain?
A blockchain is a database of transactions. Everything that happens on the blockchain is time-stamped, immutable, and verified, meaning transactions cannot be erased or altered once they’re recorded. Every time bitcoin is bought, sold, sent, or received, the blockchain records that occurrence. This is the foundation of cryptocurrency in general: ultimate transparency. It’s not owned by any one entity, and it’s open for everyone to see at any time.