Start Recovery Process

What to do Post-Recovery OR a Top-Level Guide to Securing Crypto

So You Recovered Your Crypto… Now What?

After a recovery with Unciphered your crypto is sitting safely at a trusted custodial exchange. Simple UI, straightforward login, none of the self-custody confusion to worry about. And maybe you’re comfortable with that arrangement.

But maybe you can still hear that common crypto mantra in the back of your mind.

“Not your keys, not your crypto.”

The next decision is often a mystery. How much of that balance do you want to move into your own custody and how to do it in a way that doesn’t land you back where you started: locked out.

At Unciphered, we want to only have you as a client once. To do this, we help past clients set up their wallets, assets, and custody practices in a way that is organized, secure, user-friendly, and, most importantly, reliable over time, so they’re far less likely to lose access again. This article functions as half guide and half menu for navigating the post-recovery hurdles of securing your crypto under your own control.

  • Choosing the right wallet (hardware vs software, hot vs cold)
  • Setting up robust and secure backups
  • Documenting and storing your access credentials
  • Testing your setup before moving large balances
  • Balancing security “complexity” with your ability to manage it over time
  • Using a mix of self-custody and exchanges in a sensible way

 

  •  

Self-custody, exchanges, or both?

First, a clear set of options:

  • Self-custody gives you maximum control, but can make you the single point of failure. You hold the private keys. You’re not relying on an exchange’s solvency, security, or policies.
  • Exchanges give you convenience: quick trades, fiat on/off ramps, and a familiar login/password/multifactor model. 

For most people, the practical solution is both:

  • Keep a portion on the exchange
    • For active trading
    • For short-term liquidity or planned spending
  • Move larger, long-term holdings to self-custody
    • For long-term savings or “do not touch” funds
    • Protected against exchange failures or account freezes

This guide focuses on securing that self-custody portion, assuming your funds are currently on a custodial platform and you’re about to move them off.

Choosing your wallet: hardware, software, and wallet “type”

Hardware vs software wallets

Hardware wallet (crypto-specific hardware)

  • A dedicated physical device that stores your private keys offline.
  • Pros: Strong protection against malware or data scraping, clear separation from your everyday phone/computer.
  • Cons: Costs money, you must securely store both the device and its recovery phrase.

Software (mobile/desktop) wallet

  • Private keys live on your phone, computer, or digital storage device.
  • Pros: Free, convenient, quick to use.
  • Cons: Exposed to bugs, vulnerabilities, data corruption, or other woes of data management. Still have the burden of remembering your recovery phrase

For most Unciphered clients with recovered funds:

Recommended baseline:

  • A reputable hardware wallet for your main long-term balance.
  • A software wallet or exchange account for smaller, day-to-day amounts.

Hot vs cold, single signature vs multi-sig (wallet “type”)

Hot vs Cold

  • Hot wallet: Interfaces with exchanges or defi and used to have readily available funds.
  • Cold wallet: For longer-term storage and larger amounts. Should not interface with defi.

Single Signature vs Multi-sig

  • Single-sig: One key controls the funds. You have that key, you can access the funds.
  • Multi-sig (e.g. 2-of-3): Several keys exist; any “X of Y” combination is needed to move funds. (usually reserved for 3rd party managed wallets)

For most individuals:

  • A single-sig hardware wallet is a good balance of security and usability.
  • Multi-sig can be excellent for larger holdings, businesses, or estates, but it adds complexity. Only use it if you’re willing to document it carefully, test it regularly, and understand it completely.

 

Backups: Always. 

If your device or wallet is lost, damaged, or updated incorrectly, your backup is everything. A good recovery setup has:

  1. A primary backup of your seed phrase
  2. Optionally, a secondary backup or redundancy, preferably off-site from the primary backup
  3. Safe physical storage locations that you control

The 3-2-1 Backup Rule

A simple rule for backups is:

  • 3 Copies 
  • 2 Different Methods of Storage
  • 1 Stored Off-Site (or at a different location)

Seed phrase best practices

Most wallets generate a 12- or 24-word recovery phrase (seed/mnemonic). Follow these rules:

  • Write it down by hand
    • Use pen on durable paper, or, better yet, engrave into metal.
    • Avoid taking photos, screenshots, or storing it on any device that touches the internet.
  • Copy the words exactly, in order
    • Use clear, legible handwriting.
    • Double-check spelling and order.
  • Create at least two copies
    • Store them in separate, secure locations (a home safe and a safe deposit box).
    • The goal is to avoid a single point of physical failure (fire, theft, flood).
  • Don’t mix it with random notes
    • Use a dedicated sheet/card/plate, clearly structured.
    • Don’t “hide” it within a crossword or random sentences; that can confuse you later. “Security by obscurity” is unreliable in guaranteeing access over time.

Advanced backup schemes:

Some wallets offer advanced backup options:

  • Shamir’s Secret  / “shares”
  • Manually splitting the seed

These can protect against physical theft (no single paper reveals everything) but dramatically increase the risk of self-inflicted lockout if you mis-store, mis-document, or misunderstand how it works.

Only use these if:

  • You fully understand the scheme
  • You have clear, written instructions (as if you were unfamiliar with the method entirely)
  • You commit to testing recovery regularly

Otherwise, a straightforward seed phrase with multiple secure copies is usually safer in practice.

Documenting your access credentials (the right way)

Your goal is not just to be secure today, but to make sure that you in five or ten years (or a trusted loved one, if needed) can still understand your setup.

Think in layers:

  • Credentials that unlock devices/wallets
    • Hardware wallet PINs
    • Wallet app passwords
    • Passphrases / hidden wallets
  • Context about what each credential is for
    • Which device, which wallet, which network, which account

Build a simple “key inventory”

Create a private, offline document (paper or printed) that describes your setup without writing private keys in plain text all over the place. For example:

  • What hardware wallet model you use
  • Which networks/coins are stored where
  • That you have a seed phrase stored in Location A and a duplicate in Location B
  • That there is an additional passphrase required to access the “real” wallet if you used a hidden wallet (do not write the passphrase on the same sheet if you want additional separation)

This “key inventory” should:

  • Be understandable to your future self and, ideally, a trusted person if a situation arises where that is needed.
  • Avoid revealing exact balances or exchange account credentials keep those separate.

Where to store credentials and documentation

  • Physical safes: Home safe or office safe, bolted down and rated accordingly.
  • Safe deposit box: Good for backup copies and documentation, especially if you move frequently.
  • Separate secure locations for high-risk info:
    • For example, seed phrase in one safe deposit box, passphrase in another, inventory sheet somewhere else.

Obvious things to Avoid:

  • Unencrypted files on an internet-connected computer
  • Password managers
  • Cloud storage without strong encryption and key management (even then, not recommended unless you fully understand and trust the setup)
  • Trusting your memory alone

Testing your setup before you move a large amount

Never send your entire recovered balance to a brand-new wallet setup without testing it thoroughly.

Here’s a safe procedure:

  1. Create the wallet and write down the seed phrase or access credentials.
  2. Fund the wallet with a small test amount.
    • Transfer a small amount of crypto from your exchange to the new wallet.
  3. Verify you can send funds out.
    • Send part of that test amount to another address (back to the exchange or a second wallet).
  4. Test recovery from backup.
    • On a separate device (or after wiping and resetting your hardware wallet):
      • Use the seed phrase or recovery method to restore the wallet.
      • Confirm that you see the right balance and the same receiving addresses.
      • Test sending and receiving small amounts of crypto again.

Only after this full loop has worked should you consider moving larger balances from the exchange to the wallet.

Complexity vs. usability: hidden wallets, passphrases, and future you

Security tools like hidden wallets, passphrases, and multi-sig can be powerful, but they also come with a real risk:

The more complex the setup, the easier it is to forget, skip, or mis-document a detail and lock yourself out.

Hidden wallets and passphrases

Many hardware wallets support a feature where your “real” wallet is only accessible using:

  • The seed phrase plus an extra passphrase, or
  • A “hidden” profile that effectively behaves like a second wallet

Best practice:

  • Always document that a passphrase exists.
    • Your seed alone will not recover the funds.
  • Store the passphrase separately from the seed phrase, but in a way that you or a trusted person can still connect the dots reliably.
  • Test recovery of the hidden wallet, not just the default wallet.

If you create:

  • One visible, small-balance wallet, and
  • One hidden, large-balance wallet

Then you must have a clear written explanation of that setup somewhere secure.

Multi-sig and other “fancy” setups

Multi-sig is excellent for:

  • Partnerships
  • Businesses
  • Managed assets
  • Estate planning

But for an individual, it will introduce:

  • Multiple devices to secure
  • Complex recovery steps
  • Confusion about which key lives where

A simple rule of thumb:

If you can’t explain your setup clearly on one page to a non-technical, trusted person, it’s probably too complex.

For many Unciphered clients, the best choice for a cold wallet setup is:

  • single hardware wallet
  • Solid, well-documented seed backups
  • Possibly a passphrase/hidden wallet if you can document and test it thoroughly

Why keeping some crypto on an exchange can still be a good idea

Self-custody is powerful, but it doesn’t have to be all-or-nothing.

Reasons to keep a portion of your funds on a reputable exchange:

  • Liquidity: Quick access if you need to sell, rebalance, or exit to fiat.
  • Convenience: No need to plug in a device for small trades or payments.
  • Operational simplicity: Less hassle for people who trade frequently or use multiple tokens.

You’re not choosing between “trust an exchange” or “trust yourself” in absolute terms. You’re designing a system where:

  • The risk from using an exchange is limited by not keeping everything there, and
  • The risk from using self-custody is limited by keeping the setup properly documented, tested, and simplistic, yet secure.

 

TL;DR

Here’s a practical set of questions to have answers to before you move your recovered funds to self-custody

  1. Decide your split
    • What amounts stay on the exchange for convenience?
    • What amounts go to self-custody for long-term security?
  2. Choose your wallet(s)
    • Hardware wallet brand/model selected 
    • Optional software wallet for more frequent use
  3. Create and secure your seed phrase
    • Seed phrase written clearly
    • At least two (preferably three) physical backups in separate secure locations
  4. Document your setup
    • Hardware model and where it is stored
    • Where seed backups are located (described, not fully exposed)
    • Whether a passphrase/hidden wallet exists
    • Any PINs/password formats documented
  5. Run a full test
    • Small amount sent from exchange → wallet
    • Small amount sent wallet → exchange or second address
    • Recovery from backup demonstrated and logged
    • Small amount sent again from exchange → wallet→ exchange or second address
  6. Review complexity
    • Can you explain your setup on one page?
    • Could a trusted person follow your instructions if needed?

Following these instructions and guidelines makes moving and storing your recovered funds off the exchange becomes much more safe and reliable over time.

Rss

Lost crypto?
locked out of your wallet?

Unciphered can help.

Start the recovery process