Physical Security

Last updated: 2026-04-13

The biggest threat to most Bitcoin holders isn't a hacker — it's someone who knows they have bitcoin and shows up at their door.

Keep a Low Profile

Best defense: nobody knows you have anything worth stealing.

  • Don't advertise your holdings. No social media posts, no stickers on your laptop, no bitcoin t-shirts at the airport.
  • Be vague at meetups. You can be interested in Bitcoin without disclosing your stack.
  • Assume KYC data will leak. If you bought on an exchange with identity verification, your name is in a database. Exchanges get hacked. Plan accordingly.
  • Reduce your digital footprint. P.O. boxes instead of home addresses. LLCs for property ownership where legal. Email addresses without your real name for Bitcoin-related accounts.

Duress Planning

A five-dollar wrench attack is when someone uses physical force (or the threat of it) to make you hand over your bitcoin. Having a plan for this matters more than the fanciest security setup.

Decoy Wallets

Keep a small, believable balance in a wallet you can hand over under duress:

  • Bare seed (no passphrase): Anyone who gets your seed words sees this wallet. Enough to satisfy an attacker, not enough to devastate you.
  • Passphrase wallet: Your real holdings. The attacker doesn't know this exists.
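The reason a decoy works is how BIP39 derives a wallet from your seed words: the passphrase is mixed into the key-stretching step, so the same 12 or 24 words produce a completely different seed (and therefore a different wallet with different addresses) for every passphrase, including the empty one. The following is an added example, not code from the original page or from Coinkite; it implements the BIP39 derivation with the Python standard library and uses the public all-"abandon" test mnemonic (never fund it) as constructed input. It also shows the failure mode practitioners hit most: a typo in the passphrase does not raise an error, it just opens yet another empty wallet.

```python
import hashlib
import unicodedata

# Constructed input: the well-known BIP39 test vector mnemonic (public, never fund it).
TEST_MNEMONIC = (
    "abandon abandon abandon abandon abandon abandon "
    "abandon abandon abandon abandon abandon about"
)


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed.

    BIP39 specifies PBKDF2-HMAC-SHA512 with 2048 rounds, where the password is
    the NFKD-normalised mnemonic and the salt is the string "mnemonic" followed by
    the NFKD-normalised passphrase. An empty passphrase gives the "bare seed" wallet.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def wallet_id(seed: bytes) -> str:
    """Short non-secret label for a seed so wallets can be compared in output
    without printing the seed itself (hypothetical helper, not a Bitcoin standard)."""
    return hashlib.sha256(seed).hexdigest()[:16]


def compare_wallets(mnemonic: str, passphrase: str) -> dict:
    """Show that the decoy (no passphrase) and real (passphrase) wallets are
    independent, and that a mistyped passphrase silently yields a third wallet."""
    decoy = bip39_seed(mnemonic)
    real = bip39_seed(mnemonic, passphrase)
    # Simulate a single-character typo: swap the case of the first character.
    typo = passphrase[:1].swapcase() + passphrase[1:]
    mistyped = bip39_seed(mnemonic, typo)
    return {
        "decoy_id": wallet_id(decoy),
        "real_id": wallet_id(real),
        "mistyped_id": wallet_id(mistyped),
        "decoy_differs_from_real": decoy != real,
        "typo_differs_from_real": mistyped != real,
        "seed_len": len(real),
    }


if __name__ == "__main__":
    result = compare_wallets(TEST_MNEMONIC, "TREZOR")
    for key, value in result.items():
        print(f"{key}: {value}")
```

Two consequences for the decoy strategy follow from this. First, nothing on the COLDCARD or in the seed words records that a passphrase wallet exists, which is exactly why an attacker holding the bare seed sees only the decoy. Second, because any passphrase string derives a valid-looking wallet, the passphrase must be backed up as carefully as the seed (a wrong character means an empty wallet, not an error), and the decoy balance should be checked occasionally so it still looks believable.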

COLDCARD Trick PINs

COLDCARD has special PINs for duress scenarios:

  • Duress PIN: Opens a wallet with a decoy balance. The attacker thinks they're in.
  • Wipe PIN: Silently wipes the seed. The device appears reset. Restore from backup later.
  • Countdown PIN: Forces a time delay (hours or days) before unlock. Buys time to get safe or alert authorities.
  • Brick PIN: Permanently destroys the secure element. Device is dead forever. Last resort only.

Set these up in Settings > Login Settings > Trick PINs.

Geographic Distribution

If everything is in your home — device, backups, passphrase notes — a single burglary or house fire wipes you out.

For single-sig with passphrase:

  • Home: COLDCARD + one seed backup
  • Second location (30+ miles away): Second seed backup + passphrase backup

For 2-of-3 multisig:

  • Location A: COLDCARD #1 + seed #1 + wallet descriptor
  • Location B: COLDCARD #2 + seed #2 + wallet descriptor
  • Location C: COLDCARD #3 + seed #3 + wallet descriptor

No single location gives full spending power.

Device Security

Your COLDCARD is air-gapped and physically secure by design. The computer or phone running your wallet app is not.

  • Use a dedicated device for Bitcoin operations. A laptop running only Sparrow has a far smaller attack surface than your daily driver.
  • Enable full-disk encryption on all computers and phones.
  • Enable Apple Lockdown Mode on iPhones for protection against sophisticated attacks.
  • Don't install random browser extensions. Many have been compromised to steal cryptocurrency.
  • Use a password manager with a strong master password for all online accounts.

Authentication Security

  • Never use SMS-based 2FA. SIM swap attacks are common and trivial. Use hardware security keys (YubiKey) or authenticator apps.
  • Be skeptical of phone calls. Someone claims to be from a bitcoin company, bank, or exchange? Hang up. No legitimate company asks for your seed, passphrase, PIN, or 2FA codes by phone.
  • Verify addresses through multiple channels. Before sending large amounts, confirm the destination address via a second communication method.

Regular Security Maintenance

Review your setup quarterly:

  • Are your backups still accessible and intact?
  • Have you tested a restore recently?
  • Has your threat model changed (moved, new family situation, changed jobs)?
  • Are your wallet apps and device firmware up to date?
  • Does your inheritance plan still work?