Things I wished I knew about Hardware Wallets

1) Use a passphrase for added security for your hardware wallet. It's an added word or phrase that YOU choose in addition to your seed key. This extra layer of security is priceless (well maybe the price of your crypto).

a) You choose it so you won't be likely to forget it vs the seed words

b) If someone figures out your seed words, they won't have access to your actual wallet. Seed word wallet is different than seed word + passphrase wallets

c) You can have 1 seed word wallet and multiple different passphrase wallets.

d) useful if you are under duress and someone forces you to unlock your hardware wallet. Now you can and it will be your dummy (seed word) wallet. (hold a little in there)

e) Choose a longer passphrase. The more characters you use, the more exponentially harder it would be for someone to bruteforce it.

f) Passphrases look at upper and lower case, include numbers and I believe recognize spaces

2) Ledger lets you set up your passphrase tied to a PIN. Type in one pin for your regular 24 seed word account & dif pin to log into your passphrase account.

3) Trezor has 1 PIN for all accounts and makes you type out your passphrase which introduces more risk. I thought getting the Trezor Model T would let me type it via the Trezor but it doesn't always let me do that.

4) What I do to protect myself from keyloggers is using a combination of a text expander (ie typing "abcd" would expand out instead to "password" ). However I expand it out to the wrong password and use my mouse to delete a few letters and replace it.

5) Text expanders protect yourself against most keyloggers but not all. But they don't detect mouse movements so it won't know which letters were deleted and replaced (Unless they also have a keylogger with screenshots tied to mouse movements)

6) Why not just stick to ledgers then? If you use Metamask, it's convenient to have a @ledger and a @trezor because you can set up with 1 of each account and quickly switch between the two. Currently you can't set up 2 ledger or 2 Trezor accounts.

7) Never give out your seed word to anyone and try not to type it out on your keyboard

No one will ever ask for your seed word. There are a lot of scams of people posing as ledger or Trezor support once you ask for help online. DO NOT give it out.

8) If you ever think your seed words are compromised, spend that gas and transfer everything to a new account. (Make a new account and transfer everything there).

9) When you make a new account, it might be worth it to test if the seed words you wrote down work. For a ledger that means, put in the wrong PIN 3 times and it will reset your ledger. Then see if you can get back in using your 24 seed words.

10) If you're ever suspicious of a new hardware wallet just reset the hardware wallet to get brand new seed words. Don't use the default one. Ledger - put in the wrong PIN 3 times. Start fresh.

11) If you've been out of the game for a long time, don't UPDATE your very old version of the LEDGER LIVE software. It could have vulnerabilities and instead of updating, you could be getting malware. Someone recently lost millions this way.

12) You might feel safe going back to the version you used a long time ago because you trust it to work, but it's outdated and vulnerable. Instead if you've been out of the loop for awhile, download a new version of the software from the official site.

13) Know you are at official sites by bookmarking every official site you go to, be it ledger, trezor, DEXes and CEXes.

Good luck and be safe out there!