Crypto seed phrase backup
Last updated: 1 Jun 2026
A hardware wallet is only as safe as your backup. Storing a 24-word seed phrase in Apple Notes, Google Keep, or a camera roll photo is one of the most common ways people lose crypto—or leak it.
Why shouldn't I store my seed phrase in Notes?
Notes apps sync to the cloud by default, appear in backups, and lack field-level encryption designed for secrets. A single device compromise or accidental share exposes the entire phrase. NT² encrypts the mnemonic before it touches disk using AES-GCM with your vault key.
Is a photo of my recovery sheet safe?
No. Photos sync to iCloud/Google Photos, appear in gallery search, and survive even after you delete the image from the camera roll. Use a structured Crypto template with masked fields and copy-to-clipboard that auto-clears instead.
How does NT² protect my mnemonic?
Your master password derives a vault key via PBKDF2 (100,000 iterations). The mnemonic is encrypted with AES-GCM and a unique IV per item. Keys stay in browser memory only while unlocked. See How it works.
What if I lose my device?
Export a .nt2vault backup to encrypted storage you control. Without your master password or that backup, no one—including NT²—can recover the phrase.
The problem with "just write it down somewhere"
Most crypto losses are not exchange hacks—they are backup mistakes:
| Common habit | Risk |
|---|---|
| Notes app draft | Cloud sync, search indexing, accidental paste |
| Screenshot of phrase | Photo backup, gallery sync, shared albums |
| Email to yourself | Server-side storage, forwarding, breach exposure |
| Paper only | Fire, flood, travel loss—with no encrypted digital copy |
NT² does not replace a fireproof paper backup for cold storage purists. It gives you an encrypted digital copy with structured fields, copy buttons, and offline access when you need to verify or restore.
Use the Crypto wallet template
When you create a vault:
- Add a Crypto wallet item.
- Enter the wallet name and paste the recovery phrase into the dedicated field—it is masked in the UI.
- Optionally store a private key or derivation path in separate fields.
- Export a
.nt2vaultbackup to USB or another device you control.
Your phrase never leaves the browser unencrypted and is never uploaded unless you explicitly enable Premium blind sync (ciphertext only).
Related topics
- Use cases — fictional scenarios including cold wallet setup
- Backup & recovery —
.nt2vaultexport and device migration - Security guidelines — master password and device hygiene