The $5 wrench attack is simple: someone threatens you with physical violence until you hand over your Bitcoin. We have covered why this is now the leading threat to self-custodied crypto. But there is a defense built directly into the Bitcoin key standard that most holders never activate, and it may be the single most important security feature available to you: the BIP-39 passphrase.
Here is how it works. BIP-39 defines the mnemonic seed phrase standard: the 12 or 24 words that generate your wallet.1 What most people do not realize is that the standard also supports an optional passphrase, sometimes called the '25th word,' that fundamentally changes the derived wallet. Without the passphrase, your seed generates Wallet A. With the passphrase, the exact same seed generates a completely different Wallet B — different keys, different addresses, different balances. There is no mathematical link between them. An attacker with your seed phrase alone cannot even determine whether a passphrase-protected wallet exists.
This creates what cryptographers call plausible deniability. Under duress, you provide your seed phrase without the passphrase. Your attacker sees Wallet A — which you have funded with a small, credible balance. Your actual holdings sit in Wallet B, invisible and inaccessible without the passphrase they do not know exists.2 The attacker has no way to prove, or even suspect, that another wallet is hidden behind the same seed.
The implementation is practical across all major hardware wallets. Ledger calls it the '25th word.' Trezor calls it an 'additional passphrase.' Coldcard documents it as a duress wallet feature with a separate duress PIN. BitBox02 supports it through its optional passphrase setting.3 The setup typically takes less than ten minutes.
A layered approach maximizes protection. Configure three tiers from the same seed: Tier one uses no passphrase and holds a small daily-use balance. Tier two uses a simple passphrase and holds a moderate 'sacrifice' balance that you would reveal under physical coercion. Tier three uses a strong passphrase and holds your primary holdings, revealed to no one. The attacker who coerces Tier one or two has no technical basis to suspect Tier three exists.
The risks are real and must be managed. If you lose your passphrase, your funds are gone permanently — there is no recovery mechanism.4 The passphrase is not stored on the hardware wallet and cannot be reset. This means your passphrase backup is as critical as your seed backup, but they must be stored separately. If an attacker finds both your seed and your passphrase in the same location, the entire defense collapses.
Operational security rules for passphrase management: Never store your passphrase with your seed phrase. Use a passphrase of at least 10 characters with mixed case, numbers, and symbols. Short passphrases can be brute-forced. Practice a dry-run restore on a spare device before committing real funds.5 Monitor the balance of your decoy wallets — if funds disappear, someone has your seed and you need to move your passphrase-protected holdings immediately. Keep your carrier, email, and exchange accounts secured independently. A passphrase does not protect against remote attacks.
The broader principle is this: security is not just about keeping people out. It is about controlling what they find if they get in. A duress wallet turns a catastrophic scenario — physical coercion — into a manageable one. It does not prevent the attack, but it limits the damage to a level you have pre-determined. That is the definition of operational security.