A "25th word" passphrase is an optional extra word or phrase that you add to a standard 24-word seed phrase to create a different, hidden wallet. On devices that support it, the passphrase acts as an additional input when deriving private keys from your seed phrase (BIP-39). The result: the same 24 words + one passphrase produce a different set of private keys than the 24 words alone.
This concept is often searched as "25th word passphrase ledger" or "ledger passphrase 25th word" because many hardware wallet users want to know how the extra word changes recovery and access. In plain terms: the passphrase is like a second password that changes which safe your seed phrase opens.
Think of your 24-word seed phrase as a master key that always unlocks a primary safe. The passphrase is another key you can tack on; if you enter it together with the 24 words you open a different safe. Mathematically, the passphrase gets combined with the seed phrase to derive a new private-key set. (That’s BIP-39 behavior.)
I should be clear: the passphrase itself is not part of the 24-word seed. It’s a separate secret you must remember or store. In my testing, this is the most common point of confusion — people assume the seed alone is enough to restore everything.
Example: I once stored a small spending wallet for daily use and a hidden wallet with larger holdings. The separation let me use the easier wallet for daily operations while keeping long-term holdings out of sight.
And yes, that extra layer does increase complexity.
Using a passphrase is not without cost. Here are the main concerns I see in real-world use:
But you can't skip testing after setup. Test restores. Seriously.
How to (practical) — follow these steps to reduce risk:
But don't write the passphrase in an email, cloud note, or any place tied to your identity.
Q: Can I recover a passphrase-protected wallet if my hardware wallet breaks?
A: Yes — if you have both the 24-word seed phrase and the exact passphrase, you can restore the wallet on any compatible hardware or software wallet that supports BIP-39 passphrases. However, without the passphrase, the protected wallet is unrecoverable. This is why people search for "passphrase recovery ledger" — combining the two pieces is mandatory for recovery.
If you plan to recover on third-party software, verify that the software supports entering a passphrase (sometimes called an additional BIP-39 passphrase or a hidden wallet). Always test in advance using tiny amounts.
For additional planning around device failure and company risk, see recovery-when-device-breaks and company-bankruptcy-and-business-risk.
| Strategy | Security against seed-theft | Recovery complexity | Best for |
|---|---|---|---|
| No passphrase (24 words only) | Low (seed alone grants access) | Simplest | Beginners, low balances |
| 25th-word passphrase (hidden wallet) | Medium-High (attacker needs both) | High (must remember/passphrase backup) | Individuals needing plausible deniability or single-device extra protection |
| Multisig (multiple keys) | High (attacker needs N-of-M keys) | Moderate-High (coordination for recovery) | Advanced users, high-value holdings, shared custody |
This table gives a practical view. In my experience, multisig is the safer long-term option for large holdings, but passphrases are useful when you need a single-device extra layer.
Q: What happens if I forget my passphrase?
A: Forgetting it means you cannot derive the private keys for that hidden wallet — funds are lost. Always keep a tested backup.
Q: Is the passphrase the same as the device PIN?
A: No. The PIN unlocks the device locally. The passphrase changes the derived wallet and is required for risk mitigation and hidden wallets.
Q: Should I engrave my passphrase on metal?
A: You can, but keep it separate from the seed phrase. Metal backups resist fire and water, but anyone who finds both metal pieces gains access.
Q: Is a "hidden wallet passphrase" safe against phishing?
A: Phishing targets your interaction flows (fake apps, compromised computers), not the cryptographic protection the passphrase provides. Always verify firmware and use air-gapped signing when possible (air-gapped-signing).
A passphrase (the so-called 25th word) gives you an extra layer of control and plausible deniability, but it also transfers responsibility: you must manage another secret reliably. In my testing since 2017, the users who benefit most are those who understand the recovery trade-offs and who test restores before moving significant funds.
If you plan to use a passphrase, start small, test restores, and separate backups. For practical next reads, check seed-phrase-basics, backup-metal-slip39, and multisig-setup-ledger.
Ready to set one up? Review your firmware and device guides first (firmware-updates-and-verification), then follow the step-by-step setup in your device's walkthrough (walkthrough-nanos-step-by-step).
And if you want to discuss a specific recovery scenario, check the FAQ page or open a troubleshooting guide.
But remember: extra secrecy helps until you forget it. Secure planning beats last-minute panic.