A Bitcoin wallet does not hold Bitcoin. It holds the private keys that prove you own Bitcoin on the blockchain. Get the wrong wallet and you risk losing everything. Get the right one and self-custody becomes second nature.
Your wallet choice is the single most important security decision you will make in Bitcoin. Not your exchange. Not your trading strategy. The wallet. It determines who controls your private keys, how vulnerable you are to hacks, and whether you truly own your Bitcoin or just have an IOU from a company. This guide walks through every wallet type, when to use each one, and the backup strategies that keep your coins safe for decades.
The name is misleading. A Bitcoin wallet does not contain any Bitcoin. Your Bitcoin exists as entries on the blockchain, a global distributed ledger that thousands of computers maintain simultaneously. What your wallet stores are private keys: large numbers that prove you have the right to spend specific Bitcoin.
When you set up a new wallet, it generates a seed phrase: 12 or 24 random words that encode your master private key. From that single seed, the wallet derives all your individual private keys and Bitcoin addresses using a standard called BIP-32 (Hierarchical Deterministic key derivation). This means your seed phrase is the complete backup of your entire wallet.
Lose that seed phrase and you lose access to your Bitcoin. Keep it safe and you can restore your wallet on any compatible device, from any manufacturer, at any time. The device is disposable. The seed phrase is everything.
When you want to send Bitcoin, your wallet creates a transaction, signs it with the relevant private key (proving you are authorized), and broadcasts it to the Bitcoin network. When you receive Bitcoin, someone sends it to one of your public addresses (which your wallet generates from your private keys). That is the entire flow: private key signs, public address receives.
Not all wallets give you the same level of control. Bitcoin custody exists on a spectrum, from fully trusting a third party to holding multiple keys yourself across separate locations. Understanding where each wallet type falls on this spectrum is the first step in choosing the right one.
| Custody Level | Who Holds the Keys? | Example | Risk Profile |
|---|---|---|---|
| Exchange custody | The exchange | Coinbase, Kraken | Exchange hack, bankruptcy, account freeze |
| Custodial wallet | A third party | Wallet of Satoshi | Company failure, censorship |
| Non-custodial hot wallet | You (on a connected device) | Blue Wallet, Green | Phone malware, theft, SIM swap |
| Hardware cold wallet | You (on an offline device) | Trezor, Coldcard, BitBox02 | Physical theft, lost seed phrase |
| Multisig | You (across multiple devices) | Sparrow + 3 HW wallets | Losing too many keys at once |
As you move down that table, your security increases but so does your personal responsibility. Exchange custody is easy but means you do not actually own your Bitcoin. Multisig is the most secure but requires managing three separate hardware wallets and backup locations.
Most people should aim for at least the "non-custodial hot wallet" level for small amounts and "hardware cold wallet" for savings. If you are holding $50,000 or more in Bitcoin, multisig removes the single point of failure that every other setup has. For context on why self-custody matters, read our Bitcoin security guide.
There are five main wallet types. Each serves a different purpose, and most serious Bitcoin users end up with more than one.
Hardware wallets (cold storage)
Physical devices that store your private keys offline. They never expose your keys to the internet. When you sign a transaction, the signing happens on the device itself. Your computer or phone sends the unsigned transaction to the hardware wallet, the device signs it internally, and sends back the signed version. The private key never leaves the chip.
Examples: Trezor Safe 3, Coldcard Mk4, BitBox02, Ledger Nano X
Compare hardware walletsMobile wallets (hot storage)
Apps on your phone that make sending and receiving Bitcoin quick. Good for daily spending and small amounts. Not suitable for large savings because phones can be compromised through malware, SIM swaps, or physical theft. Think of a mobile wallet like the cash in your pocket: enough for coffee and lunch, not your life savings.
Examples: Blue Wallet, Phoenix (Lightning), Green Wallet, Muun
Compare mobile walletsDesktop wallets
Software running on your computer. More features than mobile wallets, including advanced transaction building, coin control (choosing which UTXOs to spend), and hardware wallet integration. Sparrow Wallet is the standout for privacy-focused users. Electrum has been around since 2011 and is trusted by veterans. Bitcoin Core is the reference implementation that also validates the entire blockchain.
Examples: Sparrow Wallet, Electrum, Bitcoin Core (full node wallet)
Multisig wallets
Require multiple keys to authorize a transaction (e.g., 2-of-3). Each key lives on a different device in a different location. Even if one key is compromised or destroyed, your Bitcoin remains safe. This is how institutions and serious individual holders protect large amounts. The coordination software (Sparrow, Nunchuk) manages the multi-key signing process.
Examples: Sparrow + multiple hardware wallets, Nunchuk, Unchained Capital
Compare multisig setupsCustodial wallets (exchange accounts)
Not really wallets at all. When you leave Bitcoin on an exchange, the exchange holds the private keys. You have an account balance, not ownership. Convenient for trading but risky for storage. Exchanges get hacked (Mt. Gox, FTX), go bankrupt, and freeze accounts. If the exchange disappears, so do your coins.
Examples: Coinbase, Kraken, River (all custodial until you withdraw)
Compare exchangesA note on paper wallets: Paper wallets (a printed private key and address) were popular in 2013-2016 but are now considered obsolete. They are fragile, hard to spend from safely (you must import the entire balance at once), and prone to user error. Hardware wallets replaced them entirely. If you still have Bitcoin on a paper wallet, move it to a hardware wallet as soon as possible.
Here is how the four main self-custody wallet categories compare across the factors that matter most.
| Factor | Hardware | Mobile | Desktop | Web/Exchange |
|---|---|---|---|---|
| Keys offline | ✓ Yes | ✗ No | ✗ No | ✗ No |
| You hold keys | ✓ Yes | ✓ Yes | ✓ Yes | ✗ No |
| Malware resistant | ✓ Yes | ✗ No | ✗ No | ✗ No |
| Coin control | Via desktop app | ✗ No | ✓ Yes | ✗ No |
| Lightning support | ✗ No | ✓ Yes | Limited | Some |
| Convenience | Low | High | Medium | High |
| Cost | $79-199 | Free | Free | Free |
| Best for | Savings ($500+) | Daily spending | Power users | Trading only |
Hardware wallets are the most important category for anyone holding meaningful amounts of Bitcoin. They deserve a closer look at how they work under the hood and what separates a good one from a great one.
Most hardware wallets contain a secure element: a tamper-resistant chip designed specifically for cryptographic operations. This is the same type of chip in your credit card and passport. It stores your private key in a way that makes physical extraction extremely difficult, even if someone dismantles the device. The Trezor Safe 3 uses an OPTIGA Trust M chip. The BitBox02 uses an ATECC608B. The Coldcard Mk4 uses two separate secure elements for dual verification.
Some wallets, like older Trezor models, do not use a secure element. They rely on a general-purpose microcontroller and strong firmware. This makes the code fully auditable (good for transparency) but means a physical attacker with lab equipment could theoretically extract the key. Both approaches work. The secure element adds a layer of physical tamper resistance.
Never buy a hardware wallet from Amazon, eBay, or a third-party reseller. Tampered devices with pre-loaded seed phrases are a documented attack vector. The scam works like this: an attacker buys a legitimate device, sets it up with a seed phrase they control, repackages it, and sells it as "new." You receive Bitcoin on addresses derived from their seed phrase. They drain the wallet whenever they want.
Every legitimate manufacturer ships devices with tamper-evident packaging and holographic seals. Some, like Coldcard, ship in sealed anti-static bags with unique serial numbers printed on both the bag and the device. Always verify the seal. Always buy from the official website: trezor.io, shiftcrypto.ch, coldcard.com. The small markup over Amazon is your insurance against supply chain attacks.
Before you trust a hardware wallet with real Bitcoin, verify the firmware. Most wallets display a hash or checksum on their screen during setup that you can compare against the manufacturer's published values. This confirms the firmware has not been modified in transit. Update your firmware regularly (through the official companion app only), since updates patch security vulnerabilities. Never click firmware update links in emails. See our hardware wallet comparison for a breakdown of which devices support which verification methods.
An air-gapped wallet has no USB, Bluetooth, Wi-Fi, or any other electronic connection to other devices. Transactions are transferred using QR codes or microSD cards. The private keys never come close to an internet-connected device, which eliminates an entire class of remote attacks.
You build a transaction on your internet-connected computer (using Sparrow Wallet, for example). The computer does not have your private key, so it creates an unsigned transaction. You transfer that unsigned transaction to the air-gapped device via QR code or microSD card. The device signs the transaction offline. You transfer the signed transaction back to the computer, which broadcasts it to the Bitcoin network. At no point does the private key touch a networked device.
Air-gapped wallets make the most sense for large, long-term holdings that you rarely move. If you hold $20,000+ in Bitcoin and move it less than a few times per year, the extra inconvenience is worth the additional security layer. For daily transactions, a standard hardware wallet over USB is faster and still very secure.
The Coldcard Mk4 supports fully air-gapped operation via microSD. The SeedSigner is an open-source, DIY air-gapped signing device you can build from a Raspberry Pi Zero for about $50. The Passport (by Foundation Devices) uses QR codes for air-gapped communication. Each approach has tradeoffs between cost, ease of use, and open-source verification. For a full guide on setting up cold storage, see our Bitcoin cold storage guide.
Mobile wallets are convenient, but your phone is an attack surface in ways most people do not think about. Understanding the threats helps you set appropriate limits on how much Bitcoin to keep on your phone.
Malicious apps can capture your screen, log keystrokes, or read clipboard data (including Bitcoin addresses you copy-paste). Android is more vulnerable than iOS because of sideloading, but neither is immune. A clipboard hijacker replaces the Bitcoin address you copy with one the attacker controls. Always verify the first and last few characters of any address before sending.
An attacker convinces your carrier to transfer your phone number to their SIM card. They then reset accounts tied to that number. This does not directly compromise a non-custodial wallet (your keys are on the device, not tied to your phone number), but it can compromise your exchange account, email, and any 2FA tied to SMS. Use an authenticator app for 2FA, never SMS.
If someone steals your unlocked phone, they can open your wallet app and send your Bitcoin. Good mobile wallets require a PIN or biometric to open, but not all do by default. Enable every lock your wallet offers. Set a short auto-lock timeout. Consider a "duress PIN" if your wallet supports it (a PIN that opens a decoy wallet with a small balance).
Treat your mobile wallet like cash in your pocket. Enough for daily spending, never your entire stack. For most people, $200-500 on a mobile wallet is a reasonable limit. Anything beyond that belongs on a hardware wallet.
Desktop wallets sit between mobile and hardware in terms of both convenience and security. They run on your computer, which means they inherit your computer's security posture (good or bad). The big advantage is features: coin control, custom fee selection, multisig coordination, and direct hardware wallet integration.
Sparrow is the standout desktop wallet for Bitcoin in 2026. It supports every major hardware wallet, has built-in coin control, connects to your own node (or public servers if you prefer), and coordinates multisig setups visually. It is Bitcoin-only (no altcoin distractions), open-source, and designed for users who want full control over their transactions. If you own a hardware wallet, Sparrow is the recommended companion app.
Electrum has been running since 2011, making it one of the oldest Bitcoin wallets still in active development. It supports hardware wallets, multisig, Lightning (via a plugin), and custom transaction building. The interface looks dated compared to Sparrow, but the underlying code is battle-tested. Many veteran Bitcoiners still use Electrum as their daily driver.
Bitcoin Core is the reference implementation of the Bitcoin protocol. It includes a wallet, but its primary purpose is running a full node that validates every transaction and block independently. Using Bitcoin Core as your wallet means you do not trust any third-party server for balance information or transaction broadcasting. The tradeoff is that it requires downloading the full blockchain (500+ GB) and keeping it synced. If you are serious about sovereignty, running your own node is the natural next step. Read our Bitcoin node guide for a full walkthrough.
This is the most fundamental distinction in Bitcoin wallets. It comes down to one question: are your private keys ever on a device connected to the internet?
| Hot wallet | Cold wallet | |
|---|---|---|
| Internet connected | Yes, always | Never (or rarely) |
| Key storage | On phone or computer | On dedicated hardware device |
| Best for | Daily spending ($50-500) | Long-term savings ($500+) |
| Hack risk | Higher (malware, phishing) | Minimal (physical access needed) |
| Transaction speed | Instant | Requires connecting device |
| Cost | Free | $79-199 |
| Recovery | Seed phrase | Seed phrase |
| Examples | Blue Wallet, Green | Trezor, Coldcard, BitBox02 |
The standard advice works: treat a hot wallet like your physical wallet (small spending money) and a cold wallet like your bank vault (the bulk of your holdings). Most security breaches in Bitcoin history happened to hot wallets and exchange accounts, not hardware wallets. Read our cold storage guide for a detailed walkthrough of setting up cold storage properly.
Your seed phrase is the single point of failure in any single-key wallet setup. If you lose it, you lose your Bitcoin. If someone else finds it, they can take your Bitcoin. The goal is to store it durably, securely, and in a way that survives disasters.
Write your seed phrase on paper with a ballpoint pen (not pencil, not printer ink). Store it in a fireproof safe or a sealed envelope in a secure location. Paper degrades over time: water destroys it, fire burns it, and ink fades. Paper is better than nothing, but it is not a long-term solution for significant holdings.
Stamp or engrave your seed phrase into a steel or titanium plate. Products like the Cryptosteel Capsule, Billfodl, and Blockplate are designed for this purpose. Metal withstands fire (up to 1,500C for steel), flooding, and decades of storage. It costs $30-80. For any holding worth more than a few hundred dollars, a metal backup is a no-brainer investment.
Do not store your only backup next to the device it protects. If your house burns down, you lose both. Consider storing copies in two or three separate locations: your home safe, a trusted family member's safe, and a bank safety deposit box. Each location should be geographically separate enough that a single disaster (fire, flood, earthquake) cannot destroy all copies at once.
For a full walkthrough on seed phrase security, read our seed phrase guide.
A passphrase is an additional word or phrase you add on top of your seed phrase during wallet setup. It acts like a 25th word. Combined with your seed phrase, it creates an entirely different set of private keys and addresses. The same 24-word seed phrase with a different passphrase produces a completely different wallet.
The passphrase adds plausible deniability and an extra security layer. If someone finds your seed phrase without the passphrase, they will see a wallet with no funds (or a decoy wallet you intentionally funded with a small amount). Your real funds are only accessible with the correct passphrase. This protects against physical theft of your seed backup.
A passphrase makes sense if you worry about physical security of your seed phrase backup, if you travel and want a decoy wallet, or if you hold large amounts and want an extra layer beyond the seed alone. It does not replace a hardware wallet. It complements one.
Warning: If you forget your passphrase, your Bitcoin is gone permanently. There is no recovery mechanism. The passphrase is not stored anywhere. Write it down separately from your seed phrase and store it in a different secure location. Test that you can access the passphrase-protected wallet before sending significant funds to it.
Most wallets use BIP-39, the standard that gives you a 12- or 24-word seed phrase. Write it down, store it safely, done. But there is an alternative called SLIP-39 (Shamir Backup) that splits your seed into multiple shares, adding resilience against theft and loss.
| Feature | BIP-39 (Standard) | SLIP-39 (Shamir) |
|---|---|---|
| Format | 12 or 24 words | Multiple 20-word shares |
| Backup structure | Single phrase | Split into N shares, need M to restore |
| Example config | One backup to protect | 3-of-5 shares across locations |
| Theft resistance | One copy = full access | Single share reveals nothing |
| Loss tolerance | Lose it, lose everything | Lose up to (N-M) shares safely |
| Wallet support | Nearly universal | Trezor (native), limited others |
| Cross-wallet compatible | Yes | No (SLIP-39 only restores in SLIP-39) |
| Best for | Most users | High-value single-key setups |
SLIP-39 is not a replacement for multisig. Multisig distributes signing authority across multiple independent keys. SLIP-39 distributes backup shares of a single key. They solve different problems. SLIP-39 protects your backup from theft (no single share is useful alone). Multisig protects your spending authority (no single device can spend).
If you use a Trezor and want better backup resilience without the complexity of multisig, SLIP-39 with a 3-of-5 share scheme is a strong option. Store each share in a different location with a different trusted person or safe.
Your hardware wallet breaks, gets lost, or gets stolen. Now what? If you have your seed phrase, recovery is straightforward. Here is the process, step by step.
Get a new wallet device
Buy a replacement hardware wallet from the manufacturer. It does not have to be the same brand. Any wallet that supports BIP-39 can restore from any BIP-39 seed phrase. A Trezor seed restores on a Coldcard. A Coldcard seed restores on a BitBox02.
Select "Recover wallet" during setup
Every hardware wallet offers two options at first boot: create a new wallet or recover an existing one. Choose recovery.
Enter your seed phrase
Type your 12 or 24 words into the hardware wallet screen, in exact order. The device derives your private keys from the seed. This takes about 2-5 minutes.
Enter your passphrase (if you used one)
If you set a passphrase during original setup, you must enter it to access the same wallet. Without it, you will see a different (empty) wallet. This is by design.
Verify your balance
Connect the hardware wallet to a companion app (Sparrow, Trezor Suite, BitBoxApp) and verify your balance appears correctly. Check transaction history against your records.
Consider whether the old device is compromised
If your old device was stolen (not just broken), assume someone may eventually extract the seed from it. Transfer your Bitcoin to a freshly generated wallet with a new seed phrase as a precaution.
The entire recovery process takes about 15-30 minutes. Your Bitcoin never leaves the blockchain. The seed phrase simply gives a new device the ability to access and spend the same coins. For a more detailed walkthrough, read our wallet recovery guide.
When you send Bitcoin, your wallet decides which of your UTXOs (unspent transaction outputs) to use as inputs. This decision, called coin selection, has real implications for your privacy and transaction fees.
Bitcoin does not work like a bank balance. Instead, your wallet contains individual "coins" (UTXOs), each from a specific previous transaction. If you received 0.1 BTC on Monday and 0.05 BTC on Thursday, your wallet holds two separate UTXOs. When you spend 0.12 BTC, the wallet must combine them and send the change (0.03 BTC) back to yourself.
When your wallet combines UTXOs from different sources in a single transaction, it links those sources together on the public blockchain. Anyone analyzing the chain can infer that the same person controls both inputs. If one of those inputs came from a KYC exchange and another came from a private source, you have just connected the two.
Desktop wallets like Sparrow and Electrum let you manually select which UTXOs to spend. This is called coin control. You can label each UTXO by source ("Kraken withdrawal," "P2P purchase," "Mining payout") and avoid mixing them in a single transaction. This is the most practical privacy tool available to individual users.
Mobile wallets do not offer coin control. They select UTXOs automatically, usually optimizing for lowest fees rather than privacy. This is another reason power users prefer desktop wallets for managing their main holdings. For more on privacy practices, see our Bitcoin privacy guide.
One of the most underappreciated features of Bitcoin wallets is interoperability. Thanks to the BIP-39 standard, the same seed phrase works across wallet software from different manufacturers. You are not locked into any vendor.
Generate a seed on a Trezor. Restore it in Sparrow. Check the same wallet in Blue Wallet on your phone. All three apps will derive the same private keys and show the same balance. The seed phrase is the universal key. The wallet software is just a viewer.
There are a few edge cases. Different derivation paths (the technical method a wallet uses to turn a seed into specific keys) can cause wallets to show different addresses from the same seed. Most modern wallets use the same default paths (BIP-84 for native SegWit), but older wallets or custom configurations might differ. Sparrow handles this gracefully by letting you scan for funds across multiple derivation paths.
The main exception to interoperability is SLIP-39 (Shamir Backup). SLIP-39 seeds only work in wallets that support the SLIP-39 standard. You cannot enter SLIP-39 shares into a BIP-39-only wallet. If you use Shamir backup on a Trezor, you need a SLIP-39-compatible wallet to restore.
There is no universal dollar amount that triggers the switch. The right question is: how much would you be comfortable losing if your phone were stolen or hacked today?
For most people, the threshold is somewhere between $500 and $1,000. A Trezor Safe 3 costs $79. A BitBox02 costs $149. If you are holding $1,000 in Bitcoin on your phone, spending $79-149 to protect it is a 7-15% insurance cost, and you only pay it once. The math gets even more obvious as your holdings grow.
Do not wait until you feel rich to get a hardware wallet. The people who lose Bitcoin are the ones who kept putting off the upgrade. If you are stacking sats with DCA, set up your hardware wallet before you start, not after you have accumulated a stack worth protecting.
Good security is not one thing. It is a set of habits that work together. Here are the practices that matter most, ranked by impact.
Back up your seed phrase before anything else
The moment your wallet generates a seed phrase, write it down on paper or stamp it in metal. Verify it by checking each word. Then, and only then, put Bitcoin in the wallet. See our seed phrase guide for the full backup process.
Never type your seed phrase into a computer or phone
Your seed phrase only goes into a hardware wallet screen. Never a website, app, text field, or screenshot. Any digital copy is a theft vector. Even encrypted files on your computer are vulnerable to malware.
Buy hardware wallets only from the manufacturer
Never buy from Amazon, eBay, or resellers. Tampered devices with pre-loaded seed phrases are a known attack. Order directly from trezor.io, shiftcrypto.ch, or coldcard.com. Check tamper-evident seals on arrival.
Verify addresses on your hardware wallet screen
When sending Bitcoin, always verify the recipient address on your hardware wallet's screen, not just on your computer monitor. Clipboard-hijacking malware can swap the address between your copy and paste. The hardware wallet screen shows you the real destination.
Update firmware through official channels only
Firmware updates fix security vulnerabilities. Check the manufacturer's official website or companion app for updates. Never click links in emails, Telegram messages, or tweets claiming to be firmware updates. Those are phishing attacks.
Do not reuse Bitcoin addresses
Every time you receive Bitcoin, use a new address. Address reuse lets anyone who knows one address trace all your transactions. Good wallets generate new addresses automatically. If yours does not, switch to one that does.
Test your backup before trusting it with large amounts
Restore your seed phrase on a different device to confirm it works. Do this with a small amount of Bitcoin first. Discovering your backup is wrong after your primary device breaks is a catastrophic failure you can prevent with five minutes of testing.
Use a strong PIN and consider a passphrase
Set a PIN of at least 6 digits on your hardware wallet. Consider adding a passphrase (25th word) for additional protection, but only if you understand and accept the risk of forgetting it. A forgotten passphrase means permanently lost funds.
A Bitcoin wallet is software or hardware that stores your private keys and lets you send, receive, and manage Bitcoin. It does not actually store Bitcoin (that lives on the blockchain). It stores the keys that prove you own specific Bitcoin and authorize transactions. Think of it as a keychain, not a piggy bank.
A hot wallet is connected to the internet (phone app, browser extension, desktop software). A cold wallet is not connected (hardware wallet, air-gapped device). Hot wallets are convenient for daily use. Cold wallets are safer for long-term storage. Most people should use both: a hot wallet for small amounts they spend, and a cold wallet for savings.
Hardware wallets (cold storage) are the safest for storing Bitcoin long-term. Your private keys never touch an internet-connected device. For maximum security, combine a hardware wallet with your own Bitcoin node and never reuse addresses. Multisig wallets (requiring 2-of-3 keys to spend) add another layer for large holdings.
No. You can buy Bitcoin on exchanges like Coinbase or Kraken without your own wallet. But your Bitcoin sits in the exchange's custody, meaning they control the keys. To actually own your Bitcoin (self-custody), you need your own wallet. The saying 'not your keys, not your coins' exists for a reason.
A custodial wallet means a third party holds your private keys (like keeping Bitcoin on Coinbase). A non-custodial (self-custody) wallet means you hold the keys yourself. With custodial wallets, you trust the company not to get hacked, go bankrupt, or freeze your account. With non-custodial wallets, you are responsible for your own security and backup.
Yes, if both wallets support the same standard (BIP-39, which most do). You can generate a seed phrase on a Trezor and restore it in Sparrow Wallet, Electrum, or Blue Wallet. Your Bitcoin stays on the blockchain. The seed phrase just lets any compatible wallet derive the same private keys.
If you have your seed phrase backed up, you can restore your entire wallet on a new device. Your Bitcoin is on the blockchain, not on the device. The wallet just holds the keys. If you lose both the wallet AND the seed phrase, your Bitcoin is gone permanently. This is why backup is critical.
A passphrase is an extra word you add on top of your 12- or 24-word seed phrase. It creates a completely different wallet. Even if someone finds your seed phrase, they cannot access funds protected by a passphrase. The risk: if you forget the passphrase, those funds are gone forever. Only use one if you store it separately and securely.
SLIP-39 splits your seed into multiple shares (e.g., 3-of-5). You need a minimum number of shares to restore the wallet, but no single share reveals anything. Trezor supports this natively. It is an alternative to BIP-39 (the standard 12/24-word mnemonic), not compatible with it. You choose one or the other at wallet setup.
For small amounts, yes. Good mobile wallets like Blue Wallet and Phoenix encrypt your keys on the device. But phones can be hacked, lost, or stolen. Do not keep large amounts on a mobile wallet. Use it for spending money, and keep savings in a hardware wallet.
A multisig (multi-signature) wallet requires multiple keys to authorize a transaction. For example, 2-of-3 means you need 2 out of 3 keys to spend. Each key can be on a different device in a different location. Even if one key is compromised or lost, your Bitcoin stays safe. It is the gold standard for securing large amounts.
When your Bitcoin holdings exceed what you would be comfortable losing. For most people, that threshold is around $500-1,000. A hardware wallet costs $79-199 and protects against remote attacks, malware, and phishing. Once you hold more than a few hundred dollars in Bitcoin, the cost of a hardware wallet is trivial compared to what you are protecting.
Start by deciding what you need. For getting started: a simple mobile wallet. For securing savings: a hardware wallet ($79-199). For large amounts: multisig. For maximum privacy: a hardware wallet connected to your own node. For Lightning payments: Phoenix or Muun. Match the wallet to the job.
If you are holding any meaningful amount of Bitcoin, a hardware wallet is worth the investment. It is the single biggest upgrade you can make for your security. For small amounts and daily spending, a mobile wallet gets you started immediately.