Trezor — Quick Start
Trezor.io/Start® — Starting Up Your Device

Start up your Trezor device — Quick guide

This guide walks you step-by-step through unboxing, installing Trezor Suite, initializing or restoring a device, protecting your recovery seed, and performing your first secure transaction. It focuses on practical security so your keys remain safe.

HW
Why follow this guide?
Hardware wallets are secure by design — but user steps (seed handling, firmware updates, verifying addresses) matter. This guide reduces common operational mistakes.
Secure setup
Stepwise initialization, PIN selection, and seed handling.
On-device verification
Confirm all addresses and transactions on the Trezor screen.
Recovery planning
Practical backup options: paper, metal, Shamir, and passphrases.

Step 1 — Unbox & inspect

When you receive your Trezor, inspect the package for tampering. Authorized resellers and the official store reduce supply-chain risk; avoid unknown third-party sellers. Ensure the device is sealed as expected and the contents include the device, USB cable, recovery card, and documentation. Keep packaging until setup is complete and your seed is safely backed up.

Step 2 — Download Trezor Suite

Open a browser and go to trezor.io/start. Download the official Suite for your operating system. Confirm the page is served over HTTPS and check the TLS certificate if you are uncertain. Avoid downloading from links in unsolicited messages. The Suite provides firmware verification, setup flows, and transaction management.

Step 3 — Connect your device

Use the official cable to connect your Trezor to the computer or phone. Unlock the device if it appears locked. Trezor Suite will detect the device and perform an initial firmware check. If the device requires firmware, the Suite will prompt you to install signed firmware — accept only updates initiated through the official Suite.

Initialize or restore?

Choose Create new if this is your first time. Choose Recover wallet if you have an existing recovery seed you control. If restoring, the seed entry must be performed on the device itself — the Suite will not accept pasted seeds.

Step 4 — Set a PIN and record your recovery seed

Pick a PIN that you can remember but is not trivially guessable. Avoid simple sequences. When generating your recovery seed (12, 18, or 24 words depending on the device and options), write the words in order on the supplied recovery card or a secure metal backup. Never photograph, screenshot, or store the seed in cloud storage or on your phone/computer. If using a passphrase (optional), understand that it creates separate hidden wallets — losing it means losing access to funds in that hidden wallet.

Step 5 — Verify your seed and device

Trezor will ask you to verify parts of your seed to ensure you wrote it correctly. Complete the verification on the device. Also verify the device fingerprint or firmware signature shown in Suite matches what the device displays. If anything looks inconsistent, stop and contact support — do not proceed.

Step 6 — Install apps and add accounts

Use Trezor Suite to install blockchain-specific apps (Bitcoin, Ethereum, etc.) on the device as needed. Installing an app doesn't move funds; it enables the device to derive addresses and sign transactions for that chain. After installing, add accounts in Suite and allow the Suite to scan for transaction history and balances.

Step 7 — Test with a small transaction

Before transferring large amounts, send a small test amount to or from the device. When receiving, copy the address from Suite and verify the same address on your device's screen before sharing it. When sending, prepare the transaction in Suite and verify amount, fee, and recipient on-device before approving. On-device verification is the primary defense against malware that might alter transaction details.

Security fundamentals & best practices

Trezor keeps private keys inside the secure hardware module and requires on-device confirmation for signing. Your behavior matters too; follow these rules to keep things safe:

  • Never share your recovery seed or PIN. No legitimate support agent will ask for these.
  • Store backups offline. Prefer metal backups for fire and water resistance; keep copies in separate secure locations if you need redundancy.
  • Keep firmware updated. Install firmware only through Trezor Suite.
  • Use passphrases carefully. They provide extra security but also additional responsibility for secure storage.
  • Limit exposure. Use separate accounts or devices for daily spending and long-term cold storage.

Advanced options: passphrase & Shamir

A passphrase adds an additional secret to your seed, creating hidden wallets that appear only when that passphrase is entered. This is powerful for plausible deniability but increases risk if you lose the passphrase. Shamir Backup (SLIP-0039) splits a seed into multiple shares — useful for distributing recovery responsibilities. Both require careful planning and documentation.

Air-gapped & PSBT workflows

For high security, consider air-gapped signing: assemble an unsigned transaction on an online machine, move it to an offline machine connected to your Trezor, sign it on-device, then broadcast the signed transaction from the online machine. Trezor supports PSBT for such multi-step signing flows.

Frequently asked questions

What if I lose my device?

Restore your wallet on a new Trezor or compatible wallet using your recovery seed. If you also lose the seed, funds cannot be recovered.

Can I buy a used Trezor?

Only if you perform a full factory reset and reinstall signed firmware via Trezor Suite. Buying new from an authorized seller is the safest option.

Is it safe to store a seed in a bank safety deposit box?

Yes, it's an option for long-term storage. Consider redundancy and access policies; ensure trusted parties can access it in emergencies without exposing the seed to unnecessary risk.

Final checklist before moving significant funds

  • Device firmware verified and up to date.
  • Recovery seed recorded and verified physically.
  • PIN set and tested; passphrase understood and stored if used.
  • Small test transaction completed successfully.
  • Connected apps and dApps vetted and permissions limited.

Following these steps will put you on solid ground: your keys remain in hardware, you verify everything on device, and your backups are resilient. When in doubt, pause and consult official Trezor support documentation at trezor.io/start.