User Guide: Secret Recovery Phrase, password, and private keys
Does this article need to be translated?
Submit translations, corrections, and suggestions on GitHub, or reach out on our Community forums.
Head to MetaMask Learn for a straightforward learning experience designed specifically for newcomers to web3. It's completely free, available in multiple languages, and includes useful tools such as simulations to help you find your feet with MetaMask.
MetaMask: a different model of account security
Public blockchain technology uses a very different set of tools to secure user data, compared to traditional online technologies. Most of us are used to creating an account with an app, or service and being able to, for example, write to support to reset our password or username. We're used to the app keeping our data, presumably on some sort of computer that belongs to the company.
Well... MetaMask doesn't work like that. MetaMask has three different types of secret that are used in different ways to keep your wallet, and your accounts, private and safe: The Secret Recovery Phrase, the password, and private keys. We'll walk you through these secrets one at a time.
Intro to Secret Recovery Phrases
One of the key (you'll see what I did there) technologies underlying MetaMask, and most user account-related tools in the crypto space is the seed phrase, or as it's referred to in MetaMask, your Secret Recovery Phrase.
All of your accounts are mathematically derived from your Secret Recovery Phrase. You can think of the SRP like a keyring, and it holds as many private keys as you could want: and each one of those keys controls an account.
Now, if you want a technical explanation: Seed phrases as we know them today were codified for usage in Bitcoin, according to a standard referred to as Bitcoin Improvement Proposal 39, or BIP-39. In simple terms, a series of words are selected with a high level of randomness from a specific list of words. In MetaMask and many other Ethereum-compatible technologies, there are 12 words in a seed phrase. Some older seeds generated by the Brave browser, and some hardware wallets, use 24-word phrases.
Each one of these words corresponds to a series of numbers, and when placed in a specific order, represent a much more user-friendly way to remember a very, very long number. That number is then used to deterministically generate your accounts, and you may hear people refer to deterministic wallets. In computer science, deterministic is used to describe a process (usually an algorithm of some kind) that will always generate the same result. In other words, your Secret Recovery Phrase will always generate the same set of accounts derived from it.
There are a number of important features to note here:
- The Secret Recovery Phrase is the secret that controls the wallet. If someone has this secret, they have complete access to the wallet. MetaMask does not keep your SRP : you are the custodian of your wallet. MetaMask representatives will never ask for your Secret Recovery Phrase, even in a customer support scenario. If someone does ask for it, they are trying to scam you or steal your funds.
- Your SRP is used locally to derive private keys, one per account/address. Accounts are stored on the blockchain, and these private keys unlock those accounts.
- If you uninstall the app or the extension, then the local version of the data is gone (the notable exception being the vault), but any transactions you performed with that local version of MetaMask will have been recorded on the blockchain. Therefore, the transactions should be reflected both on a block explorer, and in another instance of MetaMask, so long as you restore using the same Secret Recovery Phrase (with the words in the same order). This means that so long as you have your Secret Recovery Phrase, you will always be able to uninstall MetaMask and restore your wallet.
- Within your wallet, you can have a very large number of separate accounts. When MetaMask creates or restores your wallet from the Secret Recovery Phrase, it initially produces only the first account. However, any additional accounts you create can be re-created in a future instance of MetaMask. As the wallet is deterministic, it will always re-create the same accounts, in the same order. For more on this issue, see the FAQs below. Note, however, that the additional accounts (beyond the first, automatically labelled 'Account 1') will not be automatically re-added to your account in all circumstances. See our explanation here for more information.
- It is possible to import accounts from other Ethereum-compatible technologies into a MetaMask wallet. To do so, the private key of that specific account is used. However, this account will not be automatically restored by MetaMask in another instance; you will have to manually re-add it. Therefore, if you have manually imported accounts, make note of their private keys, in the same way you did your seed phrase, in order to be able to re-import them in the future.
MetaMask Secret Recovery Phrase: Dos and Don'ts
Do
- Write down your Secret Recovery Phrase somewhere safe. We can't tell you precisely where, as that depends on your circumstances.
- The importance of handwriting your Secret Recovery Phrase is that it cannot be stolen online. If you store it in a file in an internet-linked cloud storage folder, for example, it could theoretically be stolen.
- Double-check your spelling and that you wrote down every word in the same order they were given.
- Reach out to MetaMask Support's official channels if you need help.
Don't
- Keep it in an easily discovered location, like a post-it note stuck to your computer.
- Keep it in an easily hacked location, like a cloud-saved document or an email titled 'Seed Phrase'.
- Provide your seed phrase to anyone, even if they say they're from MetaMask Support.
- Change the order of the words.
Secret Recovery Phrase FAQs
My seed phrase restored a different account!
Please consult the knowledge base article on this topic here. In addition, see the Community thread here for more context and background information.
Other FAQs:
How to reveal your Secret Recovery Phrase
How do I access my accounts without my Secret Recovery Phrase?
Importing a seed phrase from another wallet software: derivation path
How to check my wallet activity on the blockchain explorer
What is a Secret Recovery Phrase and how do I keep my wallet safe?
Passwords and MetaMask
MetaMask uses passwords for a single purpose: to secure the app itself; in other words, to open the app, be it the Mobile app or the in-browser Extension. Once you've restored or created your wallet from your Secret Recovery Phrase, you won't need it regularly (although you should keep it backed up and safe), and you will use your password (or more commonly on Mobile, biometric authentication such as facial recognition or your fingerprint) to unlock the app. For more details, see our article here.
Private keys
While a Secret Recovery Phrase is used to create and restore your entire MetaMask Wallet, including all accounts created in that wallet, each account has its own private key. This key can be used to import that account, and that account only, into a different wallet. Similarly, single accounts from other crypto technologies can be imported to your MetaMask wallet.