Add Trezor — Official Store

Ready to secure your digital assets? Get a genuine device directly from the official Trezor store and start in minutes.

Buy / Start on trezor.io

Before you start

Inspect the package

When your Trezor arrives, look for clean, intact packaging and an untampered security seal. Counterfeit or second‑hand hardware can place your funds at risk, because you cannot be sure the secure element and firmware have not been modified. If the seal looks altered, stop and contact official support. Purchase devices from the official store or reputable partners to ensure authenticity and supply‑chain integrity. Keeping provenance tight is step zero in a strong security posture.

Prepare a trusted computer

Use a computer you control, updated with the latest operating system patches and a modern browser. Avoid public Wi‑Fi; connect through your private network. If you can, create a separate local user account dedicated to wallet use—this narrows the attack surface and reduces the chance that background apps interfere. Good hygiene at the computer level complements the Trezor’s hardware protections.

Gather offline backup tools

You will receive a recovery sheet, but many users prefer a metal backup for long‑term durability. Have a pen ready, silence notifications, and set aside uninterrupted time. Your recovery seed is the single most important secret—treat it like physical cash in a safe. Never photograph it, never type it on a keyboard, and never store it in cloud notes. Offline, analog storage wins for this one.

Starting up your device — step by step

Start here: Open https://trezor.io/start. Confirm the certificate and exact spelling of the domain before proceeding. Bookmark it to avoid phishing in the future.

1Connect and launch

  1. Plug in your Trezor using the supplied USB cable. If you have adapters, use quality, data‑capable ones.
  2. Visit trezor.io/start and choose your model. Download the desktop Trezor Suite for the most consistent and hardened experience.
  3. Install and open Trezor Suite. It will automatically detect your device and guide you through the initialization flow.

2Install or verify firmware

  1. If the device prompts for a firmware install or update, approve it on the device screen. This step ensures you are running the latest, signed firmware released by the vendor.
  2. Check that all confirmations appear on the device itself. The screen on your Trezor is the final authority; if the host computer shows something different, stop immediately.

3Create a new wallet

  1. Select Create new wallet in Suite.
  2. Set a strong PIN. Avoid sequences (1234), dates, or repeating digits. Choose a length that balances memorability and strength; longer is better. The PIN protects the device if it is lost or briefly accessed by someone else.

4Back up your recovery seed

  1. Write each word in the exact order shown on the device screen. Do not rely on memory or partial notes. Words are from a fixed list; accuracy and order matter.
  2. If offered, complete the on‑device seed check. Some models support Shamir backup, which can split the secret into shares for higher resilience; only use this if you understand the tradeoffs.
  3. Store the seed in a secure, offline location. Many users choose two separate places to mitigate fire, flood, or theft risks.

5Harden with optional passphrase

  1. A passphrase behaves like an extra word that derives a hidden wallet from your seed. With it, your seed alone is insufficient to spend.
  2. This is powerful, but unforgiving: if you forget the passphrase, no one—not even the manufacturer—can recover your funds. Use it only if you can manage that responsibility.

6Receive your first funds

  1. In Suite, choose an account and click Receive. Display the address on the device and verify every character matches what you see in Suite.
  2. Share the address only after you verify on‑device. This simple habit blocks clipboard‑tampering malware.

Security best practices that actually matter

Never type the seed on a computer

Recovery should happen on the device, guided by Suite. Keyloggers and clipboard sniffers cannot capture what is never entered on the host. Your device’s screen and buttons exist to keep secrets off the computer.

Verify addresses on the device

Whether receiving or sending, the address displayed on your Trezor is authoritative. If it does not match your computer, stop and investigate. This single check eliminates a wide class of phishing and malware attacks.

Keep firmware and Suite updated

Updates contain security improvements and UX refinements. Apply them from the official sites only, and read prompts carefully. Do not rush dialogs; attackers rely on hurried clicks.

Segment funds and accounts

Use separate accounts for daily spending, savings, and testing. Hidden wallets (with passphrase) can provide additional privacy and plausible deniability when used correctly.

Protect physical access

Device security resists theft, but physical access plus time favors the attacker. Store your device out of sight, enable auto‑lock, and never leave it unattended while unlocked.

Defend against social engineering

No support agent will ever ask for your recovery seed, PIN, or passphrase. Urgent emails or pop‑ups claiming account compromise are classic lures—close the window, open your own bookmark, and verify through official channels.

Reminder: Only download software from official domains. Double‑check the padlock icon and the exact URL every time.

Troubleshooting common issues

Device not recognized

  • Switch USB ports and try a different data‑capable cable.
  • Restart Suite and your computer to reset permissions.
  • On Linux, install the recommended udev rules per official documentation so the OS can talk to the device.

PIN forgotten

Multiple failed attempts will trigger a protective wipe. This is by design. Restore the wallet using your recovery seed through the guided recovery flow in Suite. The seed is the ultimate backup; keep it safe.

Lost device

Your funds live on the blockchain, controlled by your seed. Acquire a new Trezor and restore from the seed (plus passphrase if used). If an attacker finds your device, the PIN and lockout features buy you time—act quickly but calmly.

Address mismatch warnings

If Suite and the device disagree on an address, cancel the action. Update Suite, check your computer for malware, and repeat the verification steps. Never proceed when your device screen does not match.

FAQs for new owners

What exactly is the recovery seed?

It is a human‑readable representation of your private keys, consisting of 12, 18, or 24 words from a standardized list. Anyone holding those words can spend your funds. That is why you never share, photograph, email, or type them into untrusted devices.

Can I move between multiple computers?

Yes. Your keys never leave the Trezor. You can plug into any trusted computer with Suite installed and use the wallet normally, always verifying addresses on the device screen before you approve anything.

Desktop app vs web app?

The desktop app minimizes browser attack surface and offers a stable environment. The web app is convenient but should be used only at official URLs and with up‑to‑date browsers. Many advanced users choose desktop for routine use and keep the web app as a backup option.

How do I verify downloads?

Follow the vendor’s signature or checksum instructions when provided. Never install packages from untrusted mirrors. If your OS warns you about unidentified developers, re‑download from the official source and compare the file you received against published checksums.

One‑page checklist

Start at trezor.io/start Review security tips