Physically stealing a hardware wallet is typically not usefull because they are PIN-protected. And you can back them up by writing the 12/24-word seed in a safe/hidden spot.
Hardware wallets use a seed to generate key pairs using a cryptographic random number generator. The seed is usually a sequence of words which you backup on a piece of paper.
If the hardware wallet is destroyed you can simply generate the keys again with either a new hardware wallet or a software one.
Unlike a safe, a hardware wallet doesn't store money, it stores private keys. These keys are derived from a seed phrase you are supposed to back up offline.
Not screwed, because a hw wallet can easily be backed up by writing down the 12/24-word seed in a safe/hidden spot.
Our discussion thread demonstrates that more education is needed around hardware wallets, as most people have no idea how they work or even that they exist.
> With an HD wallet you get a 24 word seed (see BIP39) and if anything ever happens to the wallet you just buy a new one and restore from the seed.
You can do exactly the same with paper wallets, for what it's worth. Think of the paper wallet as you hardware wallet's backup. Store it securely in 2 places and you're ok.
I don’t believe the marketing of hardware wallets, I held comfortably for nearly ten years with piece of papers, and even in my password manager for small sums. The probability of burglary x they find the paper x they know what it is order of magnitudes less than an entity you give them online disappearing with them. A seed is just a few words, no recourse if you lose them but not that complicated either.
Think of a hardware wallet as of a credit card. You will have some mechanism protecting it from being used when you're not next to it (password/pin); you will have some cold recovery option if you lose it (like a long passphrase stored in a safe deposit box).
But, like a credit card, the send/receive operations are performed on a secure, limited scope system (rather than an easily-compromised PC)
Hardware wallet protocol involves a key phrase and password you keep secure elsewhere. You need either wallet + password, or if the wallet breaks, you can buy a new one and initialize it with the seed phrase and then use the same password.
You could use a multi purpose computer, e.g. a phone or PC and software to do the same, but they are more complex devices with more avenues to exploit them, e.g. a keylogger plus something than can upload your keepass file means you're robbed.
A hardware wallet is a physical device that stores some private keys in a tamper-proof secure element. Those private keys can be regenerated from a recovery phrase[1] which acts as a seed to regenerate the keys in a deterministic way.
The hardware device is typically itself secured by means of a pin. Without the pin, the device can’t be unlocked so can’t be used, too many incorrect pin attempts will brick the device.
So the answers to your questions are:
1) If you entrust it to a safe deposit box then if someone steals it, it is worthless without the pin.
2) If the safe is itself destroyed and with it the device (this is also the case if you have it in a safe deposit box and the depository is burned down or something) then the private keys (and transitively the funds) can still be recovered using the recovery phrase. So if you have securely stored your recovery phrase and are able to retrieve it even this kind of problem won’t cause the accounts to be lost.
So what people tend to recommend is choosing good secure storage for your pin, keeping reasonable physical care of the device, taking the recovery phrase and splitting it into parts and storing those parts separately. If one of the parts is destroyed then you will need to urgently replace the hardware wallet, move the funds and securely store the new recovery phrase because if not you don’t have a fallback if the hardware wallet is destroyed, but otherwise you are good.
If you purchase a hardware wallet, make sure you buy it directly from the company making them, and read the official instructions.
There have been scams where people sell hardware wallets with seeds that the scammers provided, and once the victim uses the hardware wallet with the scammer-provided seed, the scammer steals the victim's coins.
Using a hardware wallet doesn't mean you're physically storing it. It's just a user interface to make storing it a little easier and a little more secure than having it as a file on your computer or on a piece of paper.
> If the wallet is stolen, damaged in a house fire, crushed by some accident etc. you're done.
This is incorrect. Hardware wallets typically come with a recovery seed. Even if the original device gets destroyed, the seed helps you to get access to your addresses/crypto. This covers against all of the scenarios you mentioned.
For example, I just updated the firmware on my device this afternoon. Before I did it, I'm double-prompted to make sure I have my recovery seed in case the update fails.
As for storing in a password manager, you certainly could. I used to print my wallets out back in the day. The hardware just makes the process a bit easier and makes mistakes on my part less likely.
People store them in safety deposit boxes or do a variety of security rituals to keep them safe. It's not as difficult as you make it out to be.
reply