What To Do If You Entered Your Seed Phrase on a Website
Treat exposure as real until proven otherwise. The safest response is fast, calm, and done from a clean environment.
Direct answer
If you entered a real seed phrase into a website, assume the wallet may be compromised. From a clean trusted device, create a new wallet and move funds before using the old phrase again.
First rule: stop sharing the phrase
Do not paste it into another checker, send it to support, ask a stranger to inspect it, or upload screenshots. Every additional copy increases the attack surface.
Emergency steps
- Disconnect from the suspicious page. Close the tab and do not approve wallet prompts from it.
- Use a clean device. Prefer a hardware wallet or a trusted device you believe is not compromised.
- Create a new wallet. Generate a new seed phrase safely and back it up offline.
- Move funds. Transfer assets from the exposed wallet to the new wallet if funds remain.
- Revoke approvals if relevant. For smart-contract wallets, review token approvals with trusted tools.
- Replace the old backup. Mark the exposed phrase as unsafe and do not reuse it.
What not to rely on
Changing a website password, clearing browser history, deleting a screenshot, or closing the page does not make an exposed seed phrase safe again. If an attacker captured it, they can recover the wallet elsewhere.
Compromise FAQ
Is my wallet compromised if I pasted the seed phrase into a website?
Assume it may be compromised. If the phrase controls real funds, act quickly from a clean trusted device and move funds to a new wallet generated safely.
Should I test the phrase again on another checker?
No. Do not paste the same phrase into more websites. Use trusted wallet software or a hardware wallet workflow from a clean environment.
Can changing a password protect the wallet?
No. A seed phrase is not protected by a website password. If the phrase leaked, the wallet recovery secret may be exposed.