⚠️ WARNING ⚠️
Bitcoin.com does not store your password or secret phrases! If you lose access to your device, the only way to access your funds is with your password / secret phrase.
Keeping your crypto-assets secure
Digital assets like Bitcoin, Bitcoin Cash, and Ethereum are 'peer-to-peer.' This means you can send them anywhere in the world without asking for permission. This 'permissionless-ness' is a huge part of what makes cryptocurrencies so powerful for supporting economic freedom globally. However, it also means you - and you alone - are responsible for protecting your assets.
Like a vault protects physical assets, the Bitcoin.com Wallet protects crypto-assets - and in both cases, you need the right access key. However, since the Bitcoin.com Wallet is 'non-custodial,' no third party (neither Bitcoin.com nor anyone else) holds the key. It's just you. This means you have to be very careful about how you store your key. If you lose your key, you lose access to your digital assets!
Backing up your wallet
When you first install the Bitcoin.com Wallet on your device, you have the option of setting up biometrics or a PIN. This acts as the key to your Wallet, but what happens if you lose or break your phone?
That's why it's important to "back up" your Wallet. Backing up your Wallet just means you're creating a backup key and storing it outside of your phone.
There are a few ways to do that. Perhaps the easiest way is to use our cloud backup service (go to 'Settings' > 'Backup & security > Cloud Backup' to set it up). With the cloud backup, you create a single custom password that decrypts a file stored in your Google Drive or Apple iCloud. If you lose access to your device, you can reinstall the Wallet app on a new device, enter your password, and you'll again have access to all your crypto-assets!
Alternatively, you can create manual backups ('Settings' > 'Backup & security > 'Manual backup'). In this case, you'll be assigned a random set of 12 words (a "passphrase") for each of the digital wallets within your Bitcoin.com Wallet. Then, when you reinstall the app on a new device, you'll need to enter each 12-word passphrase to gain to access each wallet.
Password management best practices
Whether you choose a single password that decrypts your entire Wallet or multiple auto-generated 12-word passphrases corresponding to each wallet in your Bitcoin.com Wallet, it's essential that you adhere to password management best practices.
Firstly, you should never store your passwords in digital form, as doing so opens you up to the possibility of having them stolen by hackers. This includes taking screenshots or digital photos of your handwritten passwords.
For most people, the best strategy is to physically write down the password/passphrases on a piece of paper and store that paper somewhere safe. If the crypto-assets in your Wallet are worth a lot, you'll want to (manually) make copies of the paper, and store them in separate locations (eg. one at your house, one at a family member's house).
Note that for manual backups, anyone with the passphrase can gain access to your wallet (and steal the assets in it) while for the Cloud Backup Service, you have an extra layer of protection because an attacker will need to first get into your Google or Apple account. If you set up your Google or Apple account with 2-Factor Authentication, you're making it very difficult for an attacker.