Home
Round-Ups
Card
Business
Security
Learn Bitcoin
About
Bitcoin price
Categories
Home
Securing your Bitcoins

What is a passphrase on a Bitcoin wallet?

Disponible en podcast
Share article:

If you have followed the series” Securing your bitcoins ” on the Bitstack blog, you now know that bitcoins are generally secured by pairs of cryptographic keys. You also know that, in the case of deterministic and hierarchical (HD) wallets, a sentence composed of 12 or 24 words allows you to recover access to all the keys in your wallet.

This sentence represents a single point of failure for your wallet (SPOF). If a malicious individual has access to it, they could steal all of your bitcoins.

In this article, we study a solution to improve the security of a Bitcoin wallet: the BIP39 passphrase. Find out what a passphrase is, what its role is and what are the best practices to follow when using one.

Understanding the role of passphrase

A passphrase is simply an additional, optional password that the user chooses to add to their Bitcoin wallet.

It should not be confused with software passwords or PINs, which only have a locking function, but do not intervene in the derivation. The passphrase, on the other hand, is involved in deriving the cryptographic keys of the wallet. It is at the same depth as the recovery sentence (24 words).

In other words, if you set up a passphrase on your wallet, the 24-word sentence alone will no longer be enough to recover your bitcoins. You will need to have the recovery phrase and passphrase.

Attention, it is not uncommon to come across other terms that describe the concept of passphrase such as “two-factor seed sentence”, “seed extension” or even “25th word”.

It is important to understand that applying a passphrase to a recovery phrase generates a completely new wallet, with public keys and private keys that are different from the same wallet without a passphrase. In the same way, simply changing a single character on the passphrase will generate yet another Bitcoin wallet.

Thus, it is advisable to secure your passphrase well, in the same way as you would secure your recovery sentence. Both are essential in case of problems.

What is the difference between a passphrase and a recovery sentence?

As mentioned in the previous part, the passphrase and the recovery phrase (24 words) are used together to determine the seed of the HD wallet, the master key, and therefore all the cryptographic keys that derive from it.

The recovery phrase and the passphrase are thus two different elements. Unlike the passphrase, which is absolutely optional, the recovery phrase is not. If you use a deterministic and hierarchical portfolio, you will necessarily have to have your sentence of 12 or 24 words.

In addition, the recovery sentence must respect a certain form. It is established on a list of words indicated in BIP39, and it must have a checksum. On the contrary, the passphrase is completely free. It can be chosen arbitrarily by the user and is not subject to any restrictions (except for a maximum size limit).

➤ For more information on building a recovery sentence, read our complete article on this subject.

In technical terms, passphrase represents what is called a “cryptographic salt.” The function used to go from the mnemonic phrase and passphrase to the seed is called “PBKDF2".

Why use a passphrase?

First of all, the passphrase makes it possible to improve the security of a Bitcoin wallet by distributing the risks associated with the recovery phrase over two different factors. So the single point of failure is removed.

Indeed, in the case of a traditional wallet, if a thief accesses your recovery phrase, he can immediately access all of your bitcoins. On the other hand, if you have set up a passphrase on this wallet, then the recovery phrase alone is no longer enough to access the bitcoins. You need the 24-word sentence and the passphrase.

Since the derivative wallet with passphrase is different from the same wallet without passphrase, this strategy can be used to avoid physical attacks. If you are threatened to steal your wallet, you can give the one without the passphrase. It is even possible to imagine a strategy with a passphrase wallet securing only a small part of your savings, and the same passphrase wallet securing most of your bitcoins. In the event of a physical attack, you can give the wallet without a passphrase in order to satisfy the thief, without losing most of your bitcoins.

Moreover, passphrase can also be useful in order to avoid the need for confidence in the random nature of the generation of the recovery sentence. Since it can be chosen arbitrarily, the user can perfectly control its generation. For example, if you don't have confidence in how your portfolio generates your 24-word sentence, using a passphrase you've chosen on top of it helps mitigate existing risks.

How to properly use passphrase on Bitcoin

A good passphrase is built in the same way as a good password. The aim is to ensure that it is resistant to brute-force attacks.

A brute-force attack is a cryptoanalysis method used to try to find a password by testing all possible combinations one by one.

So, a good passphrase should:

  • Be long enough;
  • Have a variety of characters (uppercase, lowercase, numbers and symbols);
  • Be as random as possible.


Once the passphrase has been chosen, it is important to make one or more backups, in the same way as keeping the recovery phrase. You can thus write it down on a paper or metal support, making sure to keep it legible and in order. It is often advisable not to store the passphrase copy and the recovery phrase copy in the same place, in order to avoid having both stolen simultaneously.

In the same way as for a recovery sentence, I strongly advise you to check the validity of your passphrase backup by performing a recovery test. While your wallet is still empty, write down witness information, delete the empty wallet, and attempt to recover it only with your backup of the recovery phrase and passphrase.

➤ Discover concretely how to perform a recovery test.

What are the risks associated with using a BIP39 passphrase?

Setting up a passphrase on a Bitcoin wallet is not trivial. It is important that you fully understand its technical functioning and the risks that this involves before implementing it.

First of all, using a passphrase increases the complexity of your Bitcoin wallet, and therefore, mechanically, it increases the risk of loss. Securing bitcoins is only a question of compromise between the risk of loss and the risk of theft. Passphrase reduces the risk of theft, but it amplifies the risk of loss in return.

Then, unlike the recovery phrase, the passphrase has no restrictions on its form. In case of recovery, if the passphrase is saved incorrectly, this can cause problems. Above all, a passphrase does not have a checksum to verify its validity. Care must therefore be taken to make well-readable backups.

Conclusion

A passphrase is an optional password that can be added to a Bitcoin wallet. It acts directly on the basis of the derivation tree of cryptographic key pairs.

Personally, I see passphrase as an intermediate solution between the classic wallet and the multi-signature wallet. It makes it possible to simply improve the security of a personal wallet, without requiring additional investments and while maintaining a much simpler management than that of a multi-GIS.

In next week's article, we will see concretely how you can add a passphrase to a Bitcoin wallet.

➤ Discover the complete tutorial to configure a BIP39 passphrase.

Podcast available

Table of contents

...
Share article
Loïc Morel
Spécialiste Bitcoin
Bitcoin
Cryptography
Cryptographic keys
Self-custody
HD wallet
Securing
Published on24/5/2023et mis à jour le19/9/2025
Bitstack provides its clients with articles and/or educational content on its website and application. All information is provided for informational purposes only, even if it is based on reputable and reliable sources. The articles or educational content are intended solely as general information for the reader. If you choose to invest in digital assets (Bitcoin), you must be aware of and understand the designated service and accept the associated risks.

You may also like these articles

Securing your Bitcoins
Comment configurer et utiliser la Ledger Nano S Plus ?
Securing your Bitcoins
Bitcoin recovery phrase: 12 vs. 24 words
The #1 Bitcoin savings app.
Product
Roundups
Card
What is Bitcoin
Security
Pricing
Bitstack
About
Learn Bitcoin
Business
Media & Press
News
Careers
Help
FAQ
Community
Contact us
Language
© 2025 Bitstack
Terms and conditions
Privacy
Legal agreements
Bitstack SAS, a company registered with the Aix-en-Provence Trade and Companies Register under number 899 125 090 and operating under the trade name Bitstack, is licenced as an agent of Xpollens — an electronic money institution authorized by the ACPR (CIB 16528 – RCS Nanterre no. 501586341, 110 Avenue de France, 75013 Paris) — with the Autorité de Contrôle Prudentiel et de Résolution (ACPR) under number 747088, and is also licensed as a Crypto-Assets Service Provider (CASP) with the French Financial Markets Authority (AMF) under number A2025-003 for the following activities: exchange of crypto-assets for funds, exchange of crypto-assets for other crypto-assets, execution of orders for crypto-assets on behalf of clients, providing custody and administration of crypto-assets on behalf of clients, and providing transfer services for crypto-assets on behalf of clients, with its registered office located at 100 impasse des Houillères, 13590 Meyreuil, France.

Investing in digital assets carries a risk of partial or total loss of the invested capital.
Past performance is not indicative of future results.
DOWNLOAD BITSTACK