Official • Ledger™

Protect your crypto: how Ledger Live Desktop™ login works

Ledger Live Desktop™ does not store your private keys — your hardware device does. Login in Ledger Live is a portal to view and manage accounts; every critical action (sending funds, staking, signing contracts) requires confirmation on your Ledger™ device. This guide explains the login flow, passphrase options, device authentication, and best practices to stay safe from phishing and malware attacks. ★

Login flow & device authentication

Ledger Live Desktop™ uses a local app password to encrypt the app settings and cache. The true secret — your private keys — remains on the Ledger™ hardware Secure Element (SE). When you connect your Ledger device via USB or Bluetooth, the desktop app communicates with the device to list accounts and transaction data. To sign or send, you must physically press the device buttons; this physical confirmation protects you from remote attacks and fraudulent transactions.

Passphrase & hidden accounts

Ledger devices support an optional passphrase (also called 25th/25+ word). When enabled, a passphrase creates separate hidden wallets. Use a passphrase only if you understand the operational complexity and store it securely offline — losing it means permanent loss of funds in the corresponding hidden account. Use a unique passphrase per hidden account if you need compartmentalization.

Anti-phishing & verification

  • Always verify the app signature and download from the official ledger.com domain.
  • Do not enter your 24-word recovery phrase into any website or app — Ledger™ will never ask for it.
  • Watch for fake installers, look-alike domains, and unsolicited support messages. Confirm transactions on your Ledger device screen — verify destination addresses and amounts before approval.

Recovering safely

If you need to recover a device using your recovery phrase, do it only on a Ledger™ device and in a secure environment. Never use online restore services or third-party recovery tools. If you suspect compromise, move funds using a fresh hardware wallet and a new recovery phrase stored securely offline.