Definitions
A hot wallet is connected to the internet — mobile apps, browser extensions, and desktop software wallets. A cold wallet keeps keys offline. Hardware wallets are the most common cold-storage option for individuals; paper wallets and air-gapped signers are other forms.
Security trade-offs
Hot wallets are convenient for daily use but expose keys to whatever runs on your device. Cold wallets add friction on purpose: you must plug in, scan a QR code, or confirm on a screen before funds move.
Neither is magically safe. A cold wallet with a leaked recovery phrase is just as lost as a hacked hot wallet. Operational discipline (backup storage, verifying addresses, firmware updates) matters for both.
- Hot wallet: fast, always available, higher remote attack surface
- Cold wallet: slower signing, keys stay offline, better for savings
- Best practice: small hot balance for spending, bulk in cold storage
Common setups
Many users keep a mobile hot wallet for small payments and a hardware wallet for long-term holdings. Some Bitcoin-only users go further with air-gapped devices that never connect via USB to a online machine.
Exchanges are a third category: custodial hot storage. They are not a wallet you control; treat them as a trading account, not a vault.
Choosing for your situation
If you only buy and hold, lean cold. If you interact with dApps daily, you may still sign with a hardware wallet while using a hot interface to browse — the keys never leave the device. Match the tool to how often you move money and how much is at stake.