Need help choosing a safe hardware crypto wallet

General
1

I’m looking for advice on picking a reliable hardware crypto wallet to store my long‑term holdings. I’m confused by different brands, security features, and backup options, and I don’t want to risk losing my coins or getting scammed. What should I prioritize when choosing, and which models are truly trustworthy for long‑term cold storage?

2

Short answer for long term storage:

  1. Pick a serious brand

    • Ledger Nano X or Nano S Plus
    • Trezor Model T
    • Coldcard (for Bitcoin only, more advanced)

  2. Security basics

    • Make sure it is bought from the official store, not Amazon or eBay.
    • Check the device is sealed and you set it up from scratch.
    • Ensure it shows the seed phrase on the device screen, not only on a PC or phone.

  3. Seed phrase / backup

    • Write the 12 or 24 words on paper, twice.
    • Store the copies in two different safe places.
    • For higher security, use a metal backup like Cryptosteel, Billfodl, or similar. Fire and water ruin paper.
    • Never type the seed phrase into a computer or photo app.

  4. PIN and passphrase

    • Use a strong PIN on the device.
    • If you want extra security, use a passphrase feature. This creates an extra hidden wallet.
    • If you use a passphrase, write it down and treat it like part of the seed. Lose it and your coins are gone.

  5. Vendor trust and tradeoffs

    • Ledger uses a secure element chip and closed source firmware. Good physical security, less transparency.
    • Trezor is open source, uses a general MCU chip. Easier to audit, slightly weaker to physical attacks.
    • For most people, both are more than secure enough if an attacker does not have your seed.

  6. Daily use vs long term

    • For long term, keep the hardware wallet in a safe, use it rarely.
    • For small spending, use a hot wallet on your phone. Keep large balances on the hardware wallet only.

  7. Simple setups that work

    • Beginner: Trezor Model One or Ledger Nano S Plus, single seed, metal backup later.
    • Intermediate: Trezor Model T or Ledger Nano X, seed on metal, passphrase for high value.
    • Advanced: Coldcard with air gapped setup and multi sig, only if you want to learn more and accept more complexity.

  8. Things that wreck people

    • Storing the seed in cloud notes or screenshots.
    • Letting browser extensions or random “wallet recovery services” see the seed.
    • Using only one paper backup kept at home, then losing it in a fire or move.

If you want simple and safe:
Trezor Model T or Ledger Nano S Plus, two metal backups, stored in two locations, PIN set, no passphrase until you feel confident.

3

I mostly agree with @waldgeist, but I’d look at this from a slightly different angle: threat model and future you.

1. Start with your actual threat model

Instead of “what’s the best wallet,” ask:

  • Who are you worried about: malware, nosy roommate, burglars, government, yourself being forgetful?
  • How big is the stack: “painful if lost” vs “life‑changing if lost”?

For 90% of people:

  • Main risk: phishing, fake apps, typing seed into a PC, bad backups.
  • Not main risk: someone with a hardware lab decapping your chip.

That’s why I slightly disagree with obsessing over Ledger vs Trezor physical attack angles. If someone can physically and professionally attack your device, your opsec is already far beyond normal.

2. Brand choice by use case

Instead of just listing models, I’d group it like this:

  • If you want simple and visual:
    • Trezor Model T: touch screen, clear UI, great for beginners who double‑check addresses.
  • If you want mobility and Bluetooth:
    • Ledger Nano X: works well with phone, solid ecosystem.
  • If you want Bitcoin only & nerd knobs:
    • Coldcard: great for airgapped setups, PSBT via microSD.
  • If you want something in the open‑source + secure element camp:
    • BitBox02 (Bitcoin‑only or multi‑coin): nice middle ground, compact, good UX.

I’d actually put BitBox02 on the list along with Ledger / Trezor. It often gets ignored, but it’s a solid contender.

3. Backup strategy: versioning, not just material

Everyone talks about metal vs paper. The bigger problem is version control.

People do stuff like:

  • Write the seed once
  • Move coins
  • Later change setup (new passphrase / new wallet)
  • Forget which backup corresponds to which wallet

To avoid that:

  • Label backups with a neutral code the future you understands. Example: “Wallet A / created 2026‑01 / no passphrase”
  • Keep a simple written note elsewhere that says something like:
    • “Wallet A = long term BTC + ETH, no passphrase”
    • “Wallet B = long term BTC only, has passphrase”
      No seeds on that note, just mapping.

I partially disagree with “just add a passphrase when you feel confident.” Too many people “feel confident” then forget it. If you use a passphrase, treat it like a different wallet and deliberately document that it exists.

4. Single device vs multi‑device

For meaningful long‑term holdings, I’d consider:

  • 1 primary hardware wallet
  • 1 spare of the same brand/model kept unused

Reason: if the first fails or is destroyed, you restore from seed to the identical model with minimal confusion. You don’t strictly need this, but it removes panic when a device dies.

5. Multisig: when and why

People jump into multisig early because it “sounds safer.” It can be safer, but:

  • More moving parts
  • More ways to screw up backups
  • More things that must be tested

Use multisig only if:

  • You hold an amount that justifies the hassle
  • You are willing to practice recovery before there is a real emergency

A simple 2‑of‑3 with:

  • 2 hardware wallets of different brands
  • 3 separate metal backups in 3 locations
    can be excellent, but only if you fully understand it. Otherwise single‑sig + solid backup hygiene is safer in practice.

6. Don’t skip test restores

Most people never actually test their backup. That’s like saving a Word document and never trying to open it.

Do this at least once:

  • Take the seed
  • Get a fresh device or wipe an old one
  • Restore from the seed
  • Confirm the balance and addresses match

If that feels too scary or complex, then your setup is probably too complex for you right now.

7. Practical picks by profile

  • “I’m new, I want long‑term and not too much brain damage”

    • Trezor Model T or BitBox02 Multi
    • Seed backed up on paper + one metal, two locations
    • No passphrase yet
    • Test restore once

  • “I’m semi‑technical, amount is significant”

    • Ledger Nano X or BitBox02 Bitcoin‑only (if you’re BTC‑focused)
    • Metal backup, two locations, written versioning
    • Consider passphrase, but document that it exists and test restore

  • “I’m Bitcoin only, paranoid, and willing to study”

    • Coldcard + maybe a second vendor for multisig later
    • Airgapped PSBTs
    • Strong metal backups, test restores, maybe multisig

8. The real killers

It’s not usually the device that fails. It’s:

  • Confusing multiple seeds and not knowing which one has the real funds
  • Losing a passphrase you thought you’d “never forget”
  • Falling for a fake Ledger/Trezor/MetaMask “recovery” site
  • Forgetting that you stored the only paper in a drawer you later tossed while moving

If you design your setup around “future tired stressed me” instead of “present focused me,” you’ll be way ahead of most people.