When you’re holding bitcoin or cryptocurrencies in general, wallet security should always be a number one priority to prevent unnecessary losses to one’s funds. Having your funds stored in an unsecure manner is simply a disaster waiting to happen.

No matter how knowledgeable you are with bitcoin or how good you are at picking coins and tokens to invest in, none of these things really matter if your funds aren’t secure to start with.

In this guide, we’re going to go in depth to the types of bitcoin and cryptocurrency wallets, along with their advantages and disadvantages.

Table of Contents

Custodial Wallets

Non-Custodial Wallets


Custodial Wallets

Custodial wallets are wallets whereas you don’t have control and or access to your wallet’s private keys; instead, you are entrusting your wallet’s private keys to the company that owns the exchange/wallet service, whereas your private keys are stored online on the company’s servers. Custodial wallets are mostly accessed via logging in on a website/app using a username/email address and a password, instead of a 12-24-word recovery seed.

You can think of a private key/recovery seed as the login credentials of your PayPal or online banking account; whereas if someone gains access to them, they can effectively steal your funds. But in bitcoin’s case, if your money gets stolen, it’s final. The chances of you getting back your coins from hackers is next to impossible.

While some of the more reputable custodial wallets are quite secure and haven’t been hacked yet, storing your coins that are worth significant amounts of money on custodial wallets is still heavily not recommended, as you could potentially lose access to all your coins if ever the custodial gets hacked or suddenly shuts down.

“There are only two types of companies: those that have been hacked, and those that will be”

-Robert Mueller, FBI Director, 2001-2013

Risks of confiscation

While it might be unlikely, besides of hackers, one of the major risks with custodial wallets is that they can revoke your access to your wallet by simply disabling your account; sometimes due to them requiring strict know-your-customer(KYC) and anti-money laundering(AML) verifications, sometimes due to very shallow reasons like you withdrawing funds from gambling sites, and sometimes even without any provided reason at all.

“Not your keys, Not your bitcoin”

–Andreas Antonopoulos

Save yourself the headaches, and use a reputable custodial wallet instead. Preferably, a good hardware wallet.

Custodial wallet’s include:

1. Cryptocurrency Exchanges

While exchanges are technically not wallets, bitcoin and cryptocurrency exchanges are often one of the most preferred choices for people who hold a bigger variety of coins, due to them being able to store most if not all of their coins on certain exchanges.

Unfortunately, exchanges being hacked are a fairly common occurrence, due to the huge potential reward for the hacker(s) if the exchange’s security is successfully cracked. Hence, it’s only recommended to leave coins on exchanges if you’re actively trading them.

If you do frequently leave your funds on exchanges for trading, we heavily suggest learning how to properly secure your exchange accounts.


  • Support for bigger variety of coins
  • Being able to buy/sell coins quickly
  • Convenience due to the usage of a username and password


  • Constantly a very hot target for hackers
  • Can be very insecure depending on the exchange
  • Exchange account credentials can be easier to crack

Some past exchange fraud and hacks:

If you’re interested, here’s a timeline of the cryptocurrency exchange hacks that occurred since 2011.

2. Web wallets

Just like with exchanges, web wallets, which are also referred to as “online wallets”, are wallets whereas you access your funds by logging in to a website/app using a username/email address and a password; and whereas your wallet’s private keys are stored on the wallet company’s servers.

Some web wallets like Coins.ph of the Philippines has some great features built in like being able to buy prepaid load, buy gift cards, pay bills, and such, within the wallet itself, which is definitely a handy feature if you like spending your bitcoin.

Another great feature would be instant off-chain transactions with wallets like Coinbase, whereas you wouldn’t need to wait for confirmations like in a typical bitcoin transaction if the person you’re transacting with is also using a Coinbase wallet.


  • Instant off-chain transactions on some web wallets
  • Potentially can have great features
  • Convenience due to the usage of a username and password


  • Accounts of certain people can potentially be locked/censored
  • Constantly a very hot target for hackers
  • Can be very insecure depending on the wallet
  • Web wallet login credentials can be easier to crack

Non-custodial Wallets

With non-custodial wallets, you have true ownership with your wallet, as your wallet’s private keys are only stored on your device locally, and not some company’s servers; effectively eliminating most of the security disadvantages when using custodial wallets.

You can pretty much send and receive coins from and to wherever you want, without anyone potentially stopping you, censoring you, or locking up your funds.

With non-custodial wallets though, you really need to make sure that only you have access to your recovery seed; and that you don’t store your recovery seed online to make it next to impossible for the hackers to get a hold of it. Instead, simply write down your recovery seed on pieces of paper instead, and keep them on a fire-proof safe.

NOTE: Private keys come in the form of a 12-24 word “recovery seed” on most wallets

Non-custodial wallets include:

1. Software wallets

Software wallets are wallets whereas you download and install a certain wallet program/app on your computer or mobile device, and whereas you use a 12-24 word seed to access your funds instead of using a username and password.

There are still risks with software wallets though, as certain computer malware/viruses might be able to access your wallet’s private key(s), hence potentially stealing your coins. It’s your responsibility to make completely sure that the device you’re using is free from malware and viruses.


  • Full control over your funds
  • Ability to use custom fee amounts
  • Decently convenient


  • Writing down your recovery seed can be a hassle
  • Wallet security depends on your device’s security

Desktop vs Mobile software wallets:

While both mobile phones and computers can be both infected by malware and viruses, computers, especially devices with a Windows operating system installed, are simply more prone to malware and viruses as most malware and viruses are still mostly targeted towards computers. Chances are, that your mobile phone is more secure than your personal computer.

Some tips:

  • Frequently do virus scans using your favorite antivirus/antimalware software.
  • Stop downloading and installing unnecessary files and programs.
  • If you’re holding coins that are worth significant amounts, store your funds using a hardware wallet instead.
  • Make sure your device and wallet’s software is up to date.

Software wallet recommendations:

Desktop Android iOS
Electrum (bitcoin) Samourai (bitcoin) Copay (bitcoin)
Wasabi Wallet (bitcoin) Mycelium (bitcoin) BRD (bitcoin)
Exodus (multi-coin) Atomic Wallet (multi-coin) Atomic Wallet (multi-coin)

2. Hardware Wallets

The Ledger Nano X

Hardware wallets are mostly small flashdrive-like devices whereas your private keys are only safely stored on the hardware device itself, and never leaves the device even if you make a transaction. Hence, even if transacting on a malware-infected computer, the chances of hackers gaining access to your private keys are pretty much almost next to zero, making a hardware wallet a really ideal way of storing bitcoin or other cryptocurrencies, as it has the perfect balance between security and convenience.

One of the only downsides of hardware wallets is that it costs a bit of money. Hardware wallets might be a bit expensive for some people especially if you only hold coins that aren’t worth that much; but if you’re holding probably at least worth $500+ of funds, and that you’re planning on holding them for a long time, getting a reputable hardware wallet should be one of your main priorities. Better to spend a hundred dollars on a hardware wallet than to risk your funds on exchanges and other wallets from getting locked or stolen.

Take note: Using a hardware wallet for your funds is pointless if you store your recovery seed digitally on your computer or on your phone. Only store your recovery seed on pieces of paper.


  • Full control over your funds
  • Ability to use custom fee amounts
  • Ability to spend your funds even on an infected computer/phone
  • Decently convenient
  • Supports a wide variety of coins


  • Costs a good amount of money
  • Writing down your recovery seed can be a hassle
  • Slightly less convenient compared to software wallets

Hardware wallet recommendations:

3. Paper Wallets

A paper wallet is a wallet that, you guessed it: private keys that are printed on a piece of paper.

Paper wallets are a good alternative to hardware wallets as you only need a computer, a reliable printer, and a clean sheet of paper. While paper wallets is an appealing option for some due to it being non-custodial and pretty much free, we heavily suggest against using paper wallets.

Paper wallets are really easy to make but are quite difficult to make in a secure manner. Take note that it’s really not advisable to use paper wallets to store your funds if you don’t have the knowledge to create one in a secure manner, in a way whereas hackers have no way of stealing your private keys by removing all potential ways of hackers accessing your computer as you make a paper wallet.

Simply right-off printing a paper wallet from your personal computer without taking huge amounts of safety precautions(like using an air-gapped device) may end you up having a very insecure paper wallet. Potentially even more risky in terms of security than a web wallet if not done well. If you’re not sure how to make one securely, don’t risk it. Go the safe and easy route and purchase a hardware wallet instead.

Also, take note that paper itself is very prone to damages. Simply just soaking your paper wallet with water may make your coins inaccessible; so always make sure to store your paper wallets on somewhere safe and dry.

We only suggest the usage of paper wallets if:

  • You’re confident that you can make one in a secure manner
  • You’re only planning on holding your coins, and not spending them any time soon


  • Costs almost nothing
  • Full control over your funds
  • Can be completely secure if done correctly


  • Can be difficult to create one in a secure manner
  • Prone to damages
  • Inability to spend your funds without exposing the private keys

Wallet security tips

Private key/Recovery seed storage

It’s technically possible to store your recovery seed in a safe and secure manner digitally, but similar to paper wallets, we heavily suggest against this if you don’t know what you’re doing. Do not save your recovery seed on a .txt file, a word document, on your email, your phone’s notes app, an SMS message, or anywhere digitally that can easily be accessed by hackers.

Go with the simpler route: simply write down the 12-24 word recovery seed on pieces of paper and keep them out of reach for anyone else besides you.

Multiple private key backups

We suggest having backups of your private keys on at least 2 different locations, to prevent sudden losses of your backups if ever certain accidents and calamities occur like fires and floods. Again, make sure the sheets of paper are well hidden or difficult to access.

Usage of Custodial wallets

The usage of custodial wallets like web wallets isn’t necessarily bad, as they also have their specific uses. Just make sure to not leave huge sums of money onto your web wallets, due to the risks stated earlier.

Think of custodial wallets as your physical wallet that you bring everywhere, and your hardware wallet as your local bank; whereas you probably wouldn’t leave all your money on your physical wallet. Instead, you leave probably a maximum of around $200 on your wallet(depending on your lifestyle), and you leave all the rest on your local bank(hardware wallet).

Always make sure your software is up to date

Regardless if you’re using a web wallet, a software wallet, or a hardware wallet, always make sure your device’s operating system and your device’s wallet apps/programs are always on their latest versions. Operating systems and wallet apps/programs frequently implement new updates to make sure everything is as secure as possible.

Outdated wallet software and device firmware can be potentially be taken advantage of by hackers.

Avoid keeping funds on exchanges

As much as possible, only leave funds on exchanges if you’re actively trading your coins. If not, there’s really no reason to leave your coins there due to the risks. If you want a wallet that has a wide variety of coins to be stored, grab a hardware wallet.

Invest in a hardware wallet

We can’t stress this enough. People tend to think that certain exchanges and wallets are sort of “unhackable” while in fact, nothing is really unhackable. Even hardware wallets are hackable. The thing is though, is that the security of hardware wallets are significantly a lot harder to crack compared to web wallets and software wallets.

Ledger Nano

Sign up to our Newsletter

Want to get notified when an exchange gets hacked?

 Sign up to our newsletter below to get immediately notified for news concerning security.

3 Responses

  1. July 10, 2019

    […] planning on holding significant amounts of cryptocurrencies long term, investing in a reputable hardware wallet is absolutely […]

  2. July 26, 2019

    […] matter how secure your bitcoin or cryptocurrencies are, even if you own a reputable hardware wallet and have your recovery seed stored safely in a locked safe, these safety precautions can be […]

  3. December 3, 2019

    […] Download Image More @ cryptosec.info […]

Leave a Reply

Your email address will not be published. Required fields are marked *