Why You Should Stop Using Crypto Web Wallets (Online Wallets)


We don’t recommend web wallets due to bad security, try one of the alternatives listed below in Web Wallet Alternatives.

web wallet header

Online Bitcoin wallets–-also called web wallets–-are wallets that run in your web browser just like any other website.

Unfortunately, in 2020, there are no web wallets we can recommend.

However, we have some great alternatives for you.

We’ll tell you why each of them is better than any web wallet you can find today and how to get your own.

Heads Up!

Large amounts of bitcoins should not be stored on your online wallet! If you want the most secure Bitcoin wallet then you will need to use a hardware wallet like the Ledger Nano X or TREZOR T.

You should always do research before downloading or installing any Bitcoin wallet.

What is a Web Wallet?

A web wallet is a cryptocurrency wallet that exists online only.

greenaddress home page
Green Address was the only semi-safe web wallet - it is no longer available

You access it through a web browser or internet connected app. The private key for the coins (which is like the password to the wallet) is either held by a custodian (the person who owns the web wallet site) or it is encrypted behind a password of your choosing.

Why You Shouldn’t Use Web Wallets

Unlike other wallets, where the private key is stored on a device you control such as a phone or a computer, in the case of web wallets, you are trusting someone with your keys.

trezor not your keys not your coins
A famous phrase in Bitcoin, meaning if you don't hold the keys to your coins, they aren't really your coins.

If the web wallet is a custodial wallet, you are trusting the custodian to keep your private key secure. If the private key is password protected, that means the private key should have been encrypted behind the password. However, it is still sitting on a server you don’t control. This means you need to trust the server owner to:

Both of these are big problems, since it would be very easy for a web wallet to lie about not keeping a copy of the private key and take your coins. Even if the server owner has attempted to hash your private key, these servers are a ‘honey pot’ for attackers, since there are so many private keys there. If the web wallet made a mistake when hashing your private keys, it will be easy for attackers to take your funds.

exchanges are honeypots headline
Exchanges are a great example of a honeypot, but the same applies to web wallets.

And even if the web wallet does everything right, you may make a mistake by using a weak password that is easy for attackers to discover. That’s why everyone should also be using a password generator like LastPass.

lastpass UI
Lastpass creates strong, randomized, unique password for each account you have online.

Web Wallet Alternatives

We know you are here to find a wallet that works for you, so we wanted to give you some alternatives to web wallets that will be more secure but just as easy to use (with some additional advantages).

mobile wallets

Mobile Wallets

Mobile wallets are some of the most common types of Bitcoin wallets out there today. You can find them for both iOS and Android and there are some great options to choose from.

Mobile wallets are very similar to web wallets except for one crucial difference: the private key is not held on a server you don’t control. Instead the private key is held on your personal mobile device (like your iPhone or Android).

blockstream green features
Blockstream green is not only packed with features, but it's also easy to use and very safe.

This means that there is no longer a ‘honeypot’ effect. The only private keys on your device is presumably your own. An attacker would need to know about it, then gain access to your device, and hopefully find enough coins on there to be worth the effort. With a web wallet service, the payoff for a hacker is much bigger. If he can find a way to break the web wallet’s private key encryption, he can potentially steal thousands of people’s coins.

The other nice thing about mobile wallets is that they are (usually) not custodial.

WARNING: Just because there is an app you can install on your phone that holds Bitcoin does NOT mean it is not custodial.

The coinbase app is one app where you can store Bitcoin, but it is completely custodial. This means Coinbase will control your coins. Make sure the app lets you store your own private keys.

Mobile wallets do not at all guarantee your coins are safe.
Make sure you have properly backed up your mobile wallet and never hold too many coins on a mobile wallet.

coinbase ios view
Coinbase is a completely custodial mobile app - not good for storing bitcoin.

desktop wallets

Desktop Wallets

Desktop wallets function almost identically to mobile wallets. The private keys are stored locally on the computer. You can use the wallet whether is it connected to the internet or not.

The big difference between mobile wallets and desktop wallets is that, generally speaking, desktop wallets tend to be more advanced. That means they tend to come with more technically complicated features that can increase privacy or allow for more flexibility when it comes to signing transactions.

electrum features
Electrum offers one of the most feature-rich desktop wallets on the market.

That being said, the potential for error among beginner users is higher. It’s also more dangerous setting up a desktop wallet because its easier to accidentally install a fraudulent version of the wallet software.

Mobile wallets are (somewhat) less prone to this issue, since companies like Apple are very good about curating which wallet apps end up on their store and know who the developers are. This is less true on the google play store where there are many scam apps, but its still better than the openness of the internet.

For instance, the electrum desktop wallet is the most popular and well-known desktop wallet on the market. However, downloading any Electrum wallet before version 3.3.4 is susceptible to phishing.

Anyone anywhere can make a scam wallet or a fraudulent version of a legitimate one (and they can do this easily since so many wallets are open-source) and put it on the internet for unknowing victims to download.

Refer to our page on the best desktop wallets and do your best to make sure you are getting the real deal by verifying PGP signatures.

hardware wallets

Hardware wallets

Hardware wallets are, by far, the most secure kind of wallet you can use.

What makes hardware wallets unique is that they are purpose-built to store cryptocurrency.

When you use a hardware wallet, it should do one thing and one thing only: store private keys offline. There are no texting apps. There are no games to play. There is no way to check your Facebook.

ledger nano x hardware wallet
The only apps on this Ledger Nano X are apps to store different coins.

Why is this advantageous when storing crypto? Because the more applications your device has to support, the more code your device must hold. And more code is more opportunity for an attacker to find a vulnerability in.

In many cases, devices are hacked because some application or software had some bug. Once a hacker exploits that bug, he can get access to the rest of the device.

Think of it like this: is a house with only one door easier is to break into than a house with a bunch of doors and windows? The same idea applies to devices.

house with windows vs house with no windows
Which house is easier to break into?

Unlike your computer and smart phone, which is designed to do many different tasks, the hardware wallet is designed to hold private keys securely. Even if you plug it into a computer full of malware, the hardware wallet should be safe.

And best of all, you can control hardware wallets from desktop apps, giving you the comfort of a desktop user interface with the security of a hardware wallet.

ledger live running on laptop and mobile phone
Ledger offers some amazing companion apps for their hardware wallet on both phones and desktop

We highly recommend getting a hardware wallet if you intend on holding any amount of crypto for a long time.

The only disadvantage to hardware wallets is that they cost money. This is a sticking point for some.

After all, most mobile wallets and desktop wallets are free.

Why should you pay for a wallet? Ask yourself: would you trust a car that someone gave you for free to get you from point A to point B safely?

Remember this is your money we are talking about. Better to be safe than sorry, and a hardware wallet is a great way to be safe.

How to Add Funds to Your New Wallet

For you to add funds to your iOS wallet, you will need to find an exchange to buy crypto from then transfer it to your iOS wallet. Many iOS wallets have exchanges native to them (as seen above), however, these exchanges generally charge very high fees for the convenience, so it’s generally better to use a dedicated exchange, like Kraken or Coinbase.

kraken homepage
Kraken Exchange homepage

You’ll need to choose an exchange that services your country and/or state. You can find a full list of exchanges sorted by country and preferred payment method on our exchange finder.

After you have bought your crypto, you’ll need to send it to your wallet. To do that, do the following:

1. Open your wallet and find an option to “receive”

2. Copy the address given

3. On your exchange where you bought your coins, select the “send” option.

coinbase send bitcoin button

4. There should be a field to input your wallet address copied in step 2. Paste it there.

coinbase input address form

5. Confirm you want to send your coins.

After that, you should receive a confirmation with a transaction ID of some kind. Here is what that might look like.

transaction id
What a transaction ID looks like (the number starting with "804")

Steel Backups - a Great Addition to a Wallet

All the wallets mentioned above have another great feature: back ups.

This means that if you lose your wallet, you haven’t lost your coins.

Most web wallets today do not support backups, so if you lose your password or it gets compromised, it’s game over.

Not so with mobile, desktop and hardware wallets. In most cases, when you set up your wallet on your phone, computer, or hardware wallet, you will be given a 12 to 24 word phrase.

24 word seed phrase
What a mnemonic phrase might look like.

This phrase is a seemingly random series of words called a mnemonic phrase. In short, if your phone or hardware wallet is ever lost, stolen, or destroyed, you’ll need these words to regain access to your coins on a new wallet. This process is called ‘wallet recovery’.

The best way to back up this phrase is by using a steel wallet.

These help you store the phrase in a fire-proof, water-proof way. If you ever experience a flood or house fire, these devices are true lifesavers.


Holding your private keys yourself is really crucial crypto security in 2020. There are also no good web wallets that allow you to do this properly anymore. Green Address used to let you do this in an interesting way, but they were absorbed by blockstream, and no longer support their web wallet.

That means we cannot recommend you use web wallets any more. Instead, you should use a mobile or desktop wallet, or better yet, pick up one of the hardware wallets we recommended in this article. They allow you to control your private keys and back them up properly using a steel wallet.

About the Author

jordan tuwiner
Jordan Tuwiner

Jordan Tuwiner is the founder of BuyBitcoinWorldwide.com. His work has been featured in The Guardian, International Business Times, Forbes, VentureBeat, CoinDesk and many other top Bitcoin media outlets.

Ask an Expert

Can’t find the information you're looking for? Message us with any of your unanswered questions, and we will get back to you within one business day.