Bitcoin Trezor Reviewed – is it that safe?

Google+ Pinterest LinkedIn Tumblr +

Last updated on September 3rd, 2017 at 02:53 pm

In a previous post we talked about Bitcoin security tips which included backing up your wallet, using 2 factor authentication and keeping your Bitcoins in cold storage. In my last visit to Shanghai for a Bitcoin Expo I met Alena, the CEO of TREZOR – a device that seems be an optimal solution for Bitcoin security. That’s why I decided  to create this Bitcoin TREZOR review.

More Bitcoin security = Less flexibility

When you look at the various options for Bitcoin security the more secure the methods is – the less flexibility you have in spending your coins. For example, storing your coins on a secure paper wallet, which is considered pretty safe allows you only to deposit coins. When you want to withdraw them you will have to find a Bitcoin client and export your private keys.

What is TREZOR and why is it different ?

TREZOR is an offline Bitcoin wallet. It holds your private keys and know how to sign a transaction without the need to connect to the internet. Trezor seems to give you the best of both worlds as it acts as a highly secured cold storage (i.e. offline) device but still allows you flexibility when wanting to spend your coins. The device is pretty small and you can carry it around on your Keychain or even in your pocket. So you can store your Bitcoins offline on TREZOR and whenever you want to spend them just connect your TREZOR device to any computer and you can spend them. TREZOR uses a limited USB connection – just like your computer mouse or keyboard. A mouse tells the computer where it is, but the computer cannot move the mouse. So only Bitcoin transactions can go from the computer to Trezor and back. This is why even compromised and infected computers can be used with TREZOR safely. 99bitcoins Trezor And what if it gets stolen ? Well, the security measure that I’ll explain later on prevent someone from stealing your Bitcoins even if they steal your TREZOR device.

How to setup TREZOR

Setting up TREZOR is pretty simple. You hook up the device to the computer, install a “bridge” which allows the TREZOR to communicate with the computer and follow the instructions.

Choosing a PIN code

A PIN code will be used to identify that you are the actual owner of the TREZOR each time you plug it into a computer.  The setup process is that is uses a cleaver combination of both the TREZOR device and the computer in order to make sure it will be pretty damn hard to steal you PIN. It will ask you to click the relevant numbers on your computer screen like this: Trezor pin code pad Meanwhile the display of the actual numbers is only visible on your TREZOR: trezor pin code device This way even if someone is monitoring your keystrokes they won’t be able to know what your PIN is. When you are setting up your TREZOR for the first time, you’ll have to enter your new PIN twice. Notice that the numbers shown on TREZOR change between the entries.

Jotting down the TREZOR seed – your master private key

Next you will be prompted to write down your recovery seed. Your seed is a list of secret set of words that you will use to recover your money in case you ever lose your TREZOR. The device will show you a list of 12 words (you can choose more for additional security) which you will need to write down. This list should be kept in a safe place as it can be used to recover your private keys. trezor seed recovery

You’re good to go!

Once you finish the setup you will need to connect the TREZOR to any computer and access MyTREZOR.com – This is the client for the Bitcoin TREZOR. From there you will be able to send Bitcoins to whoever you like. Trezor web interfacce Can TREZOR be hacked ? One of the great things about TREZOR is that there’s no “username” or “password” for your account. Your credentials are your TREZOR device. So if someone doesn’t get physical access to my device there’s no way he can access my account. But if someone could get access to my device ? how about your evil made ?!? The “Evil Maid” attack is a name given for an attack that is made physically (not remotely) on a computer that is left unattended. The attacker has the ability to physically access the computer multiple times without the owner’s knowledge – just image that you had a house maid that was evil :)

For extreme protection – set up a passphrase

In case of an “Evil Maid” your seed and private keys are at risk. TREZOR has solved this by allowing you to add an additional passphrase protection. This means that you will remember a phrase that will be used for accessing your Bitcoins. The passphrase shouldn’t be written down anywhere and should be memorized.

How about extortion ?

When all things fail, physical force can be the last thing that will be used to get access to your Trezor, also known as the “5 dollar wrench attack” as explained in the following image: 5 dollar wrench For this scenario you can use different passphrases – each one leading to a different amount of coins. So you will “give away” the decoy passphrase leading to a small amount of coins while keeping the majority of your coins secure.

So is TREZOR 100% full proof secure ?!?

No. Nothing is, but it’s as close as it gets. Even the latest security flaw found in USB drives doesn’t apply to TREZOR. One thing that TREZOR can’t protect you from is phishing attacks. This means that someone can try and fool you by having you send Bitcoins from your TREZOR to a wrong address. However, this is not a device malfunction – it’s more of a human malfunction. You need to make sure that the person you are sending your Bitcoins to is who they say they are ( here’s my own experience with phishing). For detailed information about possible TREZOR threats and how they are being dealt refer to TREZOR’s security threats section inside their FAQ.

Additional thoughts about the TREZOR

My experience with TREZOR was extremely pleasant. The setup was easy, the device is intuitive and the security measures seem pretty robust. I also was very impressed with the company’s team as they seem to be very skilled professionals in the field of Bitcoin security. Anyone who’s serious about their Bitcoins’ security should get a TREZOR. My only concern with TREZOR is regarding their Bitcoin client. I mean, let’s say the company goes out of business – how will I still be able to send my Bitcoins if the client is inoperative ? Well apparently several wallets out there have already began working on TREZOR compatibility. For example, Electrum has a TREZOR plugin which allows you to enjoy TREZOR’s enhanced security with Electrum’s flexibility.

Ofir Beigel

Owner at 99 Coins ltd.
Blogger and owner of 99Bitcoins. I've been dealing with Bitcoin since the beginning of 2013 and it taught me a lesson in finance that I couldn't get anywhere else on the planet. I'm not a techie, I don't understand "Hashes" and "Protocols", I designed this website with people like myself in mind. My expertise is online marketing and I've dedicated a large portion of 99Bitcoins to Bitcoin marketing.

TREZOR Bitcoin wallet

TREZOR Bitcoin wallet
88.25

Ease of use

9/10

    Design

    9/10

      Security

      10/10

        Price tag

        8/10

          Pros

          • Easy to use
          • Extremely secure
          • Portable design

          Cons

          • Price tag a bit high
          Share.

          Leave a Reply

          55 Comments on "Bitcoin Trezor Reviewed – is it that safe?"

          Notify of
          avatar
           
          Sort by:   newest | oldest | most voted
          James
          Guest
          Member
          James

          hi I live in Colombia, how can I buy Ethereum here.

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi James, we have put together a guide about how to buy Ethereum, probably it is best to start reading this one: https://99bitcoins.com/guide-buy-ether-ethereum/

          Ahmad Dhaher
          Guest
          Member
          Ahmad Dhaher

          If I want to sell a BTC using my account from coinbase or any other exchange , do I need to find first a buyer or it can be sold in any minute similar to the case of selling a stock ?

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Ahmad, Coinbase is an exchange where you can sell your Bitcoins right away as the order matching happens automatically.

          Ahmad Dhaher
          Guest
          Member
          Ahmad Dhaher

          can I use TREZOR to create ETH wallet or only BTC ?

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Ahmad, indeed Trezor supports ETH too.

          Dave
          Guest
          Member
          Dave
          Bathlov
          Guest
          Member
          Bathlov

          Does this device support bitcoins cash (BCC)?

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Bathlov, yes Trezor supports Bitcoin Cash, you can read more about how to claim BCC in this article: https://99bitcoins.com/how-to-claim-buy-bitcoin-cash-guide/

          Sten
          Guest
          Member
          Sten

          If TREZOR adds support for new coins in the future do I have to buy a new TREZOR device or will a software update be enough?

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Sten, you do not have to buy a new device when a new coin is supported. If you are in doubt, I suggest you reach out to the Trezor support team here: https://trezor.io/support/

          John Tee
          Guest
          Member
          John Tee

          Can you store litecoin with this trezor? thanks

          Mikael Arhelger
          Guest
          Member
          Mikael Arhelger

          A bit pricy but the de facto standard in wallets. I bought three for all of us, so maybe I am a bit biased.

          Alex
          Guest
          Member
          Alex
          Hi. Thanks for the review. I’m still trying to get my head around all of this. And I have a few questions I’m hoping you can help me with. So effectively with a Trezor your btc is not connected to the web? But what is the trezor actually storing? Your private keys?? Then to make a transaction, you need to plug it into a computer (can it be any computer?), go to the website, input the pin and away they go? Now if I lose the trezor, or it gets stolen, what is stopping someone from plugging it into their… Read more »
          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Alex, I suggest you to go directly to Trezor FAQ page, here: https://doc.satoshilabs.com/trezor-faq/ it should have the answers to your questions on how it works and what would happen in an emergency situation. In case you have further questions after this, please feel to ask. Regarding to your question on Cryptosteel, here is our review about it: https://99bitcoins.com/crpytosteel-hands-on-review/

          Denny
          Guest
          Member
          Denny

          Can one Trezor hold my BTC and ETH wallets?

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Denny, yes Trezor supports both Bitcoin and Ethereum as well.

          Aiden
          Guest
          Member
          Aiden
          Hi, Great article, very informative! I recently bought some digital currencies and I’m looking for a safe way to store them. I like the idea of a hardware wallet like this one. Based on the following information and how I will use bitcoin/other coins is it a good suggestion for me: 1) I’m buying coins only for investment purposes, I will never use them to purchase anything 2) While I will not be day trading, I would be looking to sell after a significant rally and then to buy back cheaper later on (I’d say maybe I would buy/sell a… Read more »
          Zsofia Elek
          Admin
          Member
          Zsofia Elek
          Hi Aiden, thanks for the feedback! Regarding to your questions, sending and receiving coins with Trezor is easy, you can read more about this on their website. https://doc.satoshilabs.com/trezor-user/makingpayments.html and https://doc.satoshilabs.com/trezor-user/receivingpayments.html. It is not advisable to keep coins at exchanges for a longer period of time as these platform are always exposed to hacking attacks, but you need to store them some funds if you want to trade, just keep in mind that. When you write down pin and recovery seed, you can store them anywhere, in the bank or on the fridge – just make sure it will not damage… Read more »
          Aiden
          Guest
          Member
          Aiden

          Also, does Trezor hard drive wallet support Ether?

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Yes, Trezor support Ethereum as well. Here you can see the supported coins: https://doc.satoshilabs.com/trezor-faq/overview.html#which-coins-are-currently-supported

          nicolas
          Guest
          Member
          nicolas

          and if usb trezor breaks? we lost all Btcs?

          Carl willis
          Member
          Member
          Carl willis

          Is it a free wallets or gotta pay a few.
          Please reply bck need a good free wallet got Eletrum but want another

          Zsofia Elek
          Admin
          Member
          Zsofia Elek

          Hi Nicolas, in case your Trezor is destroyed, you have to recover your accounts. So long as your recovery card is intact your bitcoins are safe.

          Sandy Cumbria
          Guest
          Member
          Sandy Cumbria
          Hi Ofir, I purchased a TEZOR device and installed on my Apple until I reach the window ‘No Transactions Yet’. I went to my account at Coinbase and made an initial purchase of 1 ETH as a test run with my TEZOR connected. I am awaiting the receipt of my 1 ETH on Coinable – about 9 days. Now how do I send my ETH + future Bitcoin/ETH coins to my TEZOR. I went on my PC and tried to install TEZOR (after installing Chrome) and it analyzed for 36 + hours to no avail. I then went to my… Read more »
          mighty
          Guest
          Member
          mighty

          Please how can I get this Trezor device in Nigeria?

          maxwell
          Guest
          Member
          maxwell

          please get me connected to the company that manufactured the wonderful TREZOR, i want be one of their sales representive in my country.

          alot of people in my country has joined the bitcoin industry but fear is on how to secure their coin. but with inception of TREZOR , more people will come into the industry.

          please kindly put me through . i need to get TREZOR atleast for myseif and the rest ofn my team.
          \i am wiling to facilitate for the company because is good product the wil see the light of the in my country.

          Anonymous
          Guest
          Member
          Anonymous

          that is good, but i will need a coherent traniing on this trezor

          Randy-mon
          Guest
          Member
          Randy-mon

          If I sign up for Trezor can I buy bitcoins with my credit card (or debit card)? What countries do you do exchange/purchases with?

          Ofir one
          Member
          Member
          Ofir one

          TREZOR is just a wallet. You’ll need to buy Bitcoin from an exchange and then transfer them to your wallet. You can see how to buy Bitcoins with a credit card here.

          JEREMIE
          Guest
          Member
          JEREMIE

          Is there a TREZOR desktop BTC WALLET software can be download?

          Adeniyi Adenuga
          Member
          Member
          Adeniyi Adenuga

          Is trezor free or am I going to pay for it.

          Ofir one
          Member
          Member
          Ofir one

          Hey Jermie. Not that I know of – since it works with their mytrezor.com website.

          allegro101
          Guest
          Member
          allegro101
          Why not get both? You will have to wait until the Case hardware wallet ships this summer but it will be much more convenient to use than Trezor. If you do not want to spend the cash for a Trezor and have a spare laptop you can achieve the same level of security by using the cold storage option available in the Electrum wallet. This option lets you keep your private keys on a computer that never connects to the internet. To make a transaction you have to use a USB drive to transfer data between your online Electrum wallet… Read more »
          Nick S.
          Guest
          Member
          Nick S.

          I’m indecisive whether I should get TREZOR or the case wallet by cryptolab.

          dMnyc
          Guest
          Member
          dMnyc

          “When you want to withdraw them you will have to find a Bitcoin client and export you private.”

          Guys, please, do a grammar check.

          Nick S.
          Guest
          Member
          Nick S.

          Why be unnecessarily anal about this. For fuck sake, it’s just a typo.

          Ofir one
          Member
          Member
          Ofir one

          We prefer to crowdsource our grammar check :) Just kidding, thanks for the tip.

          dMnyc
          Guest
          Member
          dMnyc

          No worries – thanks for the quick fix, Ofir.

          Jason
          Guest
          Member
          Jason

          Thanks for the discount, Alena and Ofir! I’m getting one
          right now ;)!

          Anthony Wilson
          Guest
          Member
          Anthony Wilson

          TREZOR is one of the most intuitive devices I’ve ever used, also their staff is pretty awesome. I highly recommend this to anyone who deals with Bitcoins!

          Jacob
          Guest
          Member
          Jacob

          I like the fact that you don’t need any kind of username and password for this to work! It’s actually easier for me to remember a passphrase than an actual password! Call me crazy, but that’s how it is.

          Ofir one
          Member
          Member
          Ofir one

          Jacob, the passphrase is only needed in case of recovery. For “normal” operations you will need just a PIN

          Jacob
          Guest
          Member
          Jacob

          Thanks for clearing that up!

          Lucas Scott
          Guest
          Member
          Lucas Scott

          It’s interesting how TREZOR works in case you lose/forget
          your passphrase. From what I understand, you just have to give it different
          passphrases that are somehow related to your first one? Did I get this right,
          Ofir?

          Ofir one
          Member
          Member
          Ofir one

          No, if you lose your passphrase you’re basically screwed – no one will be able to retrieve your coins. The passphrase is the one thing that shouldn’t be written down anywhere and that must be memorized.

          Michael
          Guest
          Member
          Michael

          I think it’s only a matter of time before most companies
          (if not all) start working on TREZOR compatibility. This is a very solid device
          in my opinion, and considering they are working on it continually, it can only
          get better. I hope they can stay ahead of the hackers…

          Elijah Thomas
          Guest
          Member
          Elijah Thomas

          What happens if the TREZOR gets stolen from you? Can someone hack into your account if they have your TREZOR?

          Ofir one
          Member
          Member
          Ofir one

          The TREZOR by itself is no good. You still have a PIN code protection. If someone gets a hold on your TREZOR and your PIN only then they can steal your money. It’s advised not to keep the two together.

          wpDiscuz