Guides ·

Generate a Bitcoin Seed Phrase Offline (Step-by-Step)

Generating your Bitcoin seed phrase offline is the single most important step you can take to protect your crypto holdings. When you generate a seed phrase on a connected device, you are trusting that no malware, browser extension, keylogger, or network sniffer is watching. An air-gapped generation eliminates all of these risks simultaneously.

This guide walks through the complete process of generating a BIP39 seed phrase for Bitcoin in a fully offline environment, from preparing your hardware to verifying your checksum and securely storing the result.

Why Generate Offline?

Every Bitcoin wallet starts with a seed phrase, typically 12 or 24 words selected from the BIP39 word list. This seed phrase is the master key from which all your private keys, public keys, and addresses are derived through the HD wallet hierarchy. Anyone who obtains your seed phrase controls all of your funds.

The threat model for online generation includes:

Malware and spyware. Keyloggers can record what appears on your screen. Screen-capture malware can take screenshots at regular intervals. Clipboard monitors can intercept copied data. Even if the generation tool itself is trustworthy, the operating system it runs on may not be.

Browser extension attacks. A malicious or compromised browser extension can inject code into any webpage, including a seed phrase generator. It could replace the cryptographic random number generator with a deterministic one that the attacker can predict, or simply transmit the generated phrase to a remote server.

Network interception. While HTTPS protects data in transit, a compromised Certificate Authority or a sophisticated man-in-the-middle attack could theoretically intercept your connection. More practically, DNS hijacking could redirect you to a phishing clone of a legitimate tool.

Supply chain compromises. Even trusted tools can be compromised at the infrastructure level. A CDN compromise, a dependency injection attack, or a compromised build pipeline could introduce malicious code that is extremely difficult to detect. Our analysis of online seed generator safety explores these risks in depth.

Generating offline eliminates all network-based attack vectors and drastically reduces the surface area for software-based attacks. It is not paranoia; it is the standard practice recommended by every serious Bitcoin security guide for wallets holding meaningful value.

Air-Gapped Environment Checklist

Before you begin, prepare your environment. The goal is a device that has never been connected to the internet during or after the generation process, or ideally, a device that will never connect to the internet at all.

Hardware options (choose one)

Option A: Dedicated old laptop. The gold standard. Use a laptop that you will never connect to the internet. Wipe the drive and install a clean operating system (a Linux live USB like Tails is ideal). This laptop becomes your dedicated offline signing device.

Option B: Live USB on any computer. Boot a computer from a Linux live USB (such as Tails or Ubuntu). The live environment runs entirely in RAM and leaves no trace on the hard drive. Disconnect the ethernet cable and disable WiFi before booting.

Option C: Current computer (minimum security). If you must use your daily-driver computer, at a minimum: close all applications, disable WiFi and Bluetooth, disconnect any ethernet cable, and ensure no external devices are connected. This is significantly less secure than Options A or B, but still far better than generating online.

Environment checklist

  • [ ] WiFi disabled at the hardware level (physical switch or BIOS setting, not just software toggle)
  • [ ] Ethernet cable physically disconnected
  • [ ] Bluetooth disabled
  • [ ] All unnecessary USB devices removed
  • [ ] No smartphones or cameras in the room (they could photograph your screen)
  • [ ] Browser cleared of all extensions (or using a fresh browser profile)
  • [ ] No screen-sharing or remote desktop software running
  • [ ] If using a live USB: booted from the USB, not the internal drive

This may seem excessive for smaller amounts. Calibrate your security to the value you are protecting. For amounts that would seriously impact your life if lost, the full checklist is warranted.

Download SafeSeed for Offline Use

SafeSeed runs entirely in your browser with zero server communication. This architecture makes it perfectly suited for offline use: you can download the page, disconnect from the internet, and generate your seed phrase with full confidence that nothing leaves your device.

Step-by-step download

  1. On a connected device (this can be a different computer from your air-gapped machine), navigate to the SafeSeed Bitcoin Seed Phrase Generator.

  2. Save the complete page. In your browser, use "Save As" (Ctrl+S or Cmd+S) and select "Webpage, Complete" to save the HTML file along with all assets. Alternatively, if you plan to use the tool across multiple sessions, you can use the browser's offline mode or save the page as a single-file archive.

  3. Transfer to your air-gapped device. Copy the saved file to a USB drive. This USB drive should ideally be new or freshly formatted. If you are using a live USB setup, you will need a second USB drive for this file.

  4. Verify the file. Before disconnecting from the internet, you can compare the saved file size with what you see online to confirm the download is complete. For additional verification, check that the JavaScript source references the Web Crypto API for randomness generation.

The key principle is: download while connected, then disconnect before generating. Never generate a seed phrase while your device has any network connectivity.

Disconnect and Generate

With your air-gapped environment ready and the SafeSeed page saved locally, follow these steps.

Generation process

  1. Confirm you are disconnected. Open your network settings and verify that WiFi is off, no ethernet is connected, and no mobile hotspot or Bluetooth tethering is active. On Linux, running ip link in a terminal should show all network interfaces as DOWN.

  2. Open the saved SafeSeed page. Navigate to the saved HTML file and open it in your browser. It will load entirely from local files.

  3. Select your parameters. Choose between a 12-word or 24-word seed phrase. For long-term Bitcoin cold storage, 24 words (256 bits of entropy) is recommended. It provides a significantly larger security margin, which matters for funds you plan to hold for years or decades. For background on how entropy affects security, read what entropy means in cryptocurrency.

  4. Generate the seed phrase. Click the generate button. SafeSeed uses your browser's crypto.getRandomValues() function, which draws randomness from the operating system's cryptographic random number generator (e.g., /dev/urandom on Linux). This is the same entropy source used by OpenSSL, GPG, and every serious cryptographic application.

  5. Write down the seed phrase by hand. Do not copy it to the clipboard. Do not take a screenshot. Do not save it in a text file. Write each word clearly on paper, numbering them 1 through 12 (or 24). Double-check each word against the list on screen.

  6. Write it down again on a second piece of paper. You are creating a backup. Compare both copies word-by-word to confirm they match exactly.

If SafeSeed also displays the corresponding Bitcoin address and private key, record the first receiving address as well. This allows you to verify later that your seed phrase restores correctly, without needing to expose the seed phrase to another device.

Verify Your Checksum

A BIP39 seed phrase is not just a random selection of words. The last word contains a checksum that validates the integrity of the entire phrase. This is an important security feature: if you accidentally write down a wrong word, the checksum will fail when you try to restore the wallet, alerting you to the error before you fund the address.

How the checksum works

For a 12-word seed phrase: 128 bits of entropy are generated, then a 4-bit checksum (the first 4 bits of the SHA-256 hash of the entropy) is appended, creating 132 bits total. These 132 bits are divided into twelve 11-bit groups, each mapping to one of the 2,048 words in the BIP39 word list. The last word is partially determined by the entropy and partially by the checksum.

For a 24-word phrase, the process is the same but with 256 bits of entropy and an 8-bit checksum. For a full explanation, see BIP39 Explained.

Verification steps

  1. On the same offline device, if SafeSeed provides a checksum verification feature, use it to confirm your handwritten phrase is valid. Enter the words you wrote down and verify that the tool accepts them.

  2. Alternatively, if you have a hardware wallet available (like a Ledger or Trezor), you can restore the seed phrase on that device to verify it produces the expected first address. This is the most robust verification because it uses independent software.

  3. Never verify by typing your seed phrase into an online tool. The entire point of offline generation is that the seed phrase never touches a networked device. Verification must also happen offline.

If the checksum fails, do not attempt to use the phrase. Generate a new one. A failed checksum means at least one word is wrong, and guessing which word is incorrect is not practical.

Secure Storage Options

You now have a valid Bitcoin seed phrase written on paper. The generation is complete, but the security story is just beginning. How you store this phrase determines whether your bitcoin remains safe for years to come. For a comprehensive treatment, see our cold storage guide.

Paper storage

Paper is the simplest storage medium. It works, but it is vulnerable to water, fire, and physical degradation over time.

Best practices for paper: - Use acid-free archival paper if available. - Write with a pencil (ink can fade) or a permanent archival marker. - Store in a waterproof bag or container. - Keep in a fireproof safe. - Store copies in geographically separate locations (e.g., your home safe and a bank safety deposit box).

Metal backup

For long-term storage, stamping or engraving your seed phrase into stainless steel or titanium provides protection against fire, water, and corrosion. Several commercial products exist for this purpose: steel plates with letter stamps, stackable washers with engraved letters, or cassettes with slidable letter tiles.

Metal backups can survive house fires (steel melts at approximately 1,370 degrees Celsius, far above typical house fire temperatures) and floods. They are the recommended storage medium for any amount you consider significant.

Storage distribution

Never store all copies of your seed phrase in one location. A single catastrophic event (fire, theft, flood) could destroy all copies simultaneously. The recommended approach:

  • Primary copy: Your home, in a fireproof safe. Metal backup preferred.
  • Secondary copy: A different physical location (safety deposit box, trusted family member's home, secondary property). Paper or metal.
  • Optional tertiary copy: A third location if the amount warrants it.

What NOT to do

  • Do not store your seed phrase digitally (no photos, no text files, no cloud storage, no password managers for the seed itself).
  • Do not email the phrase to yourself.
  • Do not store it in a shared location where others might find it.
  • Do not laminate paper backups (moisture can get trapped inside).

Post-generation cleanup

After you have securely stored your seed phrase and verified it, clean up your air-gapped environment:

  1. Close the browser.
  2. If using a live USB, simply shut down. The RAM is cleared on power-off.
  3. If using a dedicated offline laptop, clear the browser data.
  4. Do not connect the device to the internet until you are certain no trace of the seed phrase remains in memory or on disk.

You now have a Bitcoin seed phrase generated with the highest level of security achievable without specialized hardware. Your private keys were created in an environment where no attacker, no matter how sophisticated, could intercept them through the network. Combined with proper physical storage, this approach protects your bitcoin against the full spectrum of digital threats.

For those also working with other blockchains, SafeSeed offers the same offline generation capability for Ethereum and Solana. The air-gapped process is identical; only the derivation path and address format differ. Our Solana wallet generation guide covers the specifics for that ecosystem.