Skip to main content
Don't invest unless you're prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong. Take 2 min to learn more.
Start buildingBuy crypto

Hardware vs Software Wallets: Which Do You Need?

The real difference between hardware and software wallets, what each is good and bad at, and a straight answer on which one you actually need.

intermediate7 min readBanxa team

TL;DR

  • The one real difference: a software wallet keeps your keys on an internet-connected device; a hardware wallet keeps them offline. Everything else follows from that.
  • Software wallets (apps like MetaMask or Trust Wallet) are free and convenient, and fine for smaller, everyday amounts you are actively using.
  • Hardware wallets (Ledger, Trezor, around 50 to 150 pounds) sign transactions offline, so the key never touches an online machine. Far harder to drain remotely.
  • Ledger's 2020 data breach (about 1 million emails, around 270,000 home addresses) is the reminder: buy direct, never second-hand, and guard the recovery phrase whatever device you use.
  • The honest rule: match the wallet to the amount. Most experienced holders run both. This is background, not financial advice.

In July 2020 a company called Ledger, which sells little devices for storing crypto offline, got hacked. Not the devices. Its shop database. Out went about a million customer email addresses, and for roughly 270,000 people, their names, phone numbers and home addresses too. No coins moved. The keys had never been on those servers. But criminals now held a shopping list of people who probably kept money at home, with the front doors marked. Phishing emails poured in. Some buyers got threats through the letterbox.

Keep that story in your back pocket. We will come back to it, because it is the bit most wallet guides leave out.

First the choice you actually face. Hold your own crypto and you pick between a software wallet and a hardware one. The marketing buries it in jargon. The real difference is one thing: where your keys live. Software keeps them on a device that is online. Hardware keeps them on a device that is not. That is the whole fork in the road.

A wallet does not hold your coins

Worth fixing this first, because it changes everything after it. Your coins are not in the wallet. They sit on the blockchain, a public ledger anyone can read. What the wallet holds is the private key: the secret that proves the coins are yours and lets you spend them. Lose the key, lose the coins, even though you can still see them sitting there on the chain, taunting you.

So "hardware or software" is really one question wearing a costume. Where does the key live, and who else can get at it? Both kinds here are a non-custodial wallet, meaning you hold the key yourself and no company holds it for you. The split is only about where you keep it.

Software wallets: free, fast, exposed

A software wallet is an app. MetaMask in your browser, Trust Wallet on your phone, that sort of thing. Free. Five minutes to set up. Lovely to use, honestly: pay, swap, check balances, all in the same few taps as your banking app. Tens of millions of people run one.

The catch is the device underneath. Your keys sit on the same phone that runs your email, your browser, and that game you downloaded last week. That phone is online basically every waking hour. This is a hot wallet: always on, always reachable. Pick up malware, or type your recovery phrase into a fake site that is a pixel-perfect copy of the real one, and the keys are gone. No alarm. No warning. You find out when you open the app and see a zero.

The thefts are not clever. A clipboard hijacker sits quietly, waits for you to copy a wallet address, and swaps in the attacker's. You paste, you send, your money lands in a stranger's wallet. Or a fake MetaMask extension. Neither breaks any cryptography. They just need a few seconds on a machine that is already online, which a hot wallet always is. Stealing crypto off hot wallets is a whole grubby little industry.

None of that makes a software wallet bad. It makes it right for one job: small, active money you are spending and moving, where the convenience earns the risk and a worst case would sting rather than ruin you.

Hardware wallets: offline, a bit of faff

A hardware wallet is a small physical thing. A Ledger or a Trezor, usually 50 to 150 pounds. The keys are made on the device and never leave it. To send crypto you confirm on the device, it signs the transaction inside itself, and only the finished signature comes out to your computer. The key never touches your online machine. Ever. That is the trick, and it is a good one.

This is cold storage: the key kept off the network. It shuts the door on the whole family of remote theft that haunts software wallets. Malware on your laptop cannot read a key sitting in a chip in your drawer, unplugged. To drain a hardware wallet someone generally needs the device itself plus your PIN, or your written recovery phrase. A far higher bar than a dodgy link.

The price is convenience and a little discipline. One more object to buy, to store somewhere sensible, not to lose. You cannot fire off a payment in three seconds on the bus. For money you mean to leave alone, that friction is the feature.

Back to the Ledger leak

Now the story pays off. A hardware wallet guards your keys beautifully. It guards nothing else. In 2020 Ledger's keys were never exposed, which is the design doing exactly its job. What leaked was a list of crypto owners with their home addresses attached. Read that again. The fallout was phishing and, worse, physical threats, because the device protects the key but cannot un-leak your address once a shop spills it.

Two blunt lessons fall out. Buy the device from the maker or an authorised seller. Never second-hand, never some marketplace listing, because a tampered or pre-seeded device is a known trap: the seller already knows the recovery phrase, and the day you deposit, they take it. And be careful who knows you hold crypto at all.

One more thing the Ledger mess drives home. A hardware device protects the key. It cannot protect a recovery phrase you typed into a cloud note or read down the phone to a "support agent". Those 12 or 24 words your device shows you at setup are the master backup. They rebuild the wallet on any device, so anyone who reads them owns your crypto, hardware or not. Same care for that phrase whichever wallet you pick.

So which do you need?

Match the wallet to the amount, and be honest about the number. Pocket money you are actively using? A reputable software wallet is fine, and buying a device for it is overkill. An amount that would genuinely hurt to lose, or money you mean to leave untouched for years? The offline protection of a hardware wallet tends to earn its 50-to-150-pound cost back the first time it stops a bad link doing any damage.

Two cheap gut checks. Could you shrug off losing everything in this wallet to one bad click? Software is fine. Would that loss wreck your year? Buy the device. Most people land somewhere in the middle, which is why a lot of them stop choosing.

The setup most people land on: both

It is not either-or. The arrangement plenty of long-term holders settle into is two wallets, two jobs. A software wallet carries the small, active balance, the bit you spend and tinker with, where speed matters and the stakes are low. A hardware wallet holds the savings, plugged in only the rare times you actually move that money. Same logic as cash: a bit in your pocket for the day, the rest locked away where a pickpocket cannot reach it.

That split gives you the app's convenience and cold storage's protection at once, each wallet sized to what it carries. Not set up your first wallet yet? Start there. For the wider picture on holding your own keys, read the self-custody guide. This is background, not financial advice.

Frequently Asked Questions

It depends how much you hold. For a small amount you are actively using, a reputable software wallet is reasonable. For an amount you would be sick to lose, a hardware wallet removes the biggest risk, your keys being stolen from an online device, and usually earns back its 50-to-150-pound cost the first time it blocks a bad link.

Hot means connected to the internet, which is most software wallets. Cold means kept offline, which is what a hardware wallet gives you. Cold storage is a little more effort day to day, but much harder for a remote attacker to reach, because the key never sits on a networked machine.

No wallet is beyond every risk. A hardware wallet hugely cuts remote theft, but you still have to buy it from the official source, set it up yourself, and protect the recovery phrase. Those 12 or 24 words are still the master key whatever device you use, so they have to stay offline and private.

A second-hand or unofficial device can arrive tampered with or pre-loaded with a recovery phrase the seller already knows, which hands them your funds the moment you deposit. Ledger's 2020 data leak, which exposed roughly a million emails and around 270,000 home addresses, also showed how owning crypto can make you a target, so buy direct and be careful who knows you hold it.

Yes, and many people do. A common setup is a software wallet for small, active amounts and a hardware wallet for longer-term savings, the same way you might keep a little cash in your pocket and the rest locked away. Each wallet then does the job it suits.

By Banxa teamLast updated: 7 June 2026