1Unbox, inspect, verify
Open the package and verify factory condition. The device must not be pre‑initialized. Recovery sheets should be blank—if any words are present, stop and contact support. Buy only from the official store or vetted resellers.
Ledger.com/Start® | Getting started
This independent, security‑first guide helps you start at Ledger.com/Start® the right way: download and verify Ledger Live, initialize or restore your device, pair on mobile, and follow battle‑tested practices that keep funds safe. Always trust the device screen, verify the exact domain, and never share your recovery phrase with anyone.
Type the URL yourself:
ledger.com/start. Avoid search ads and QR codes. When in doubt, inspect the certificate and domain. Bookmark the official page for future visits.Step‑by‑Step Setup (Start at Ledger.com/Start®)
Move through the steps in order. If your computer and device screen ever disagree, cancel immediately and investigate. The device screen is authoritative for addresses and approvals.
2Go directly to the official start page
Type ledger.com/start in the address bar and press Enter. Bookmark it now. Avoid shortened links, unofficial blogs, and video descriptions.
3Download Ledger Live
Select the installer for Windows, macOS, Linux, iOS, or Android. Prefer the link from the start page you just bookmarked. Save the file so you can verify its checksum.
4Verify the download (recommended)
Compare the checksum or signature from the official page with the one computed on your machine. This protects you from tampered or corrupted downloads. See Verify checksums.
5Install and launch
Run the installer and open Ledger Live. If the OS requests permissions (USB, Bluetooth, file access), grant only what’s needed for your model and workflow.
6Connect your device
Use a known‑good, data‑capable cable. Cheap or charge‑only cables cause detection issues. Prefer a direct motherboard port for firmware updates.
7Create a new wallet or restore
New wallet: The device generates your recovery phrase; write the words by hand in order. Restore: Enter your existing words on the device only—never on the computer or phone.
8Set PIN and enable auto‑lock
Choose a long, non‑pattern PIN. Enable auto‑lock so the device protects itself when unattended. Memorize the PIN; don’t store it with the device.
9Run the genuine check & update firmware
In Ledger Live, confirm the device authenticity. If a firmware update is offered, read each prompt carefully and proceed. Keep the cable stable—don’t unplug mid‑update.
10Install apps and add accounts
Install the relevant coin apps on the device via Ledger Live, then choose Add account. Consider separate accounts for testing, spending, and long‑term storage.
11Receive your first funds—verify on device
Use Receive in Ledger Live. Compare the address shown in the app with the address on the device. If even a single character differs, cancel.
12Lock down the app
Enable password lock for Ledger Live, review analytics/diagnostic preferences, and restrict OS permissions you don’t need. A dedicated OS user account for wallet activity adds separation.
Optional but smart rituals
- Keep two geographically separate, offline backups of your recovery phrase.
- Label accounts clearly (e.g., “Spending”, “Savings”, “Taxes”).
- Do a small test send with new counterparties or exchanges.
- Schedule a monthly 5‑minute check: updates, backups, permissions.
OS‑Specific Installation Notes
Windows
Run the installer as a standard user unless admin is required. If drivers are requested, allow only those signed by trusted publishers. After installation, unplug/replug the device if detection fails. Keep antivirus enabled; add exceptions only when necessary and only for the app directory.
macOS
Drag the app to Applications. On first launch, you may need to approve it in System Settings → Privacy & Security. If prompted for USB or Bluetooth permissions, grant them just in time. Avoid hubs during firmware updates.
Linux
Install udev rules so the OS can communicate with the device. Ensure your user belongs to the appropriate groups. If the app cannot see your device, reload rules and replug. See the minimal example in the appendix.
Verify Checksums (Optional but Recommended)
Checksum/signature verification confirms the file you downloaded matches the publisher’s official release.
Windows (PowerShell)
Get-FileHash .\LedgerLiveSetup.exe -Algorithm SHA256Compare the returned hash with the one listed on the official site.
macOS / Linux (Terminal)
shasum -a 256 LedgerLive.dmg
sha256sum ledger-live-app.AppImageEnsure the string matches exactly (case‑insensitive, no extra spaces). If it doesn’t, re‑download from the official page.
Mobile Setup & Pairing Tips
Install from official store links
Use the iOS App Store or Google Play links provided on ledger.com/start. Look‑alike listings are common; verify the developer name and ratings.
Pairing and connectivity
Enable Bluetooth (if your device supports it) and keep the device close to your phone. Grant Bluetooth permissions when prompted. If pairing fails, reboot the phone and the app, then retry. For all approvals and addresses, confirm details on the device screen.
Note: The app is an interface; keys remain on the hardware device.
Security Best Practices That Actually Matter
Most losses arise from human error: phishing, rushed approvals, and mishandled recovery phrases. The controls below are low effort with high impact.
Verify the URL every time
Type ledger.com/start or use your own bookmark. Inspect the certificate if anything looks off. Avoid sponsored search results.
Protect the recovery phrase
Your 12/18/24‑word phrase is the wallet. Store it offline in two secure locations. Never scan, photograph, or type it into any app or website.
Trust the device screen
When sending or receiving, verify addresses and amounts on the device. If the device and app disagree, cancel and investigate.
Keep software fresh
Apply Ledger Live and firmware updates from the official source only. Updates often include important security fixes.
Segment your funds
Create separate accounts for testing, day‑to‑day spending, and savings. This limits exposure if a counterparty or address becomes public.
Resist secret requests
No legitimate support, site, or app will ask for your seed phrase or PIN. If someone does, end the conversation and return to your bookmark.
Threat model primer
Think in three buckets: remote (phishing, malware), local (someone at your unlocked computer/phone), and physical (loss, theft, disaster). Adopt at least one control per bucket: on‑device verification and verified URLs for remote; app password lock and a separate OS user for local; strong PIN plus off‑site backups for physical.
Common Scams & Red Flags
Seed phrase "verification"
Any page or pop‑up claiming it needs your words to “verify” ownership is a scam. Close it and reload your bookmark.
Fake support agents
Impostors DM you after you mention an issue online. Real support won’t ask for your seed, PIN, or remote access.
Look‑alike apps & extensions
Install apps only from links on the official start page. Remove browser extensions you don’t use; they increase your attack surface.
Rule zero: Never type your recovery phrase into a website, chat, or desktop/mobile app. Enter it on the hardware device only.
Troubleshooting: Quick Fixes & When to Escalate
Device not recognized
Swap to another USB port and a data‑capable cable. Close other wallet apps. On Linux, install udev rules. If the device was plugged in during installation, restart Ledger Live and your computer.
App won’t open or sync
Update to the latest version, restart the computer, and check firewall/antivirus prompts. If syncing stalls, clear the app cache in settings, switch networks temporarily, and retry.
Firmware update interrupted
Do not unplug unless the device instructs you to. Reopen Ledger Live; most updates resume. Use a short, known‑good cable and a stable USB port.
Forgot PIN
After too many failed attempts, the device wipes itself by design. Restore using your recovery phrase on the device. This is why offline backups matter.
Lost or damaged device
Your funds live on the blockchain; the recovery phrase controls them. Acquire a replacement device, restore using your phrase on the device, then re‑add accounts in the app.
Address mismatch warning
If the address on the device doesn’t match the one in the app, cancel immediately. Update software, scan for malware, and verify again. Never proceed with a mismatch.
When to contact support
If you suspect tampering, repeated genuine‑check failures, or behavior that contradicts the device screen, stop and contact official support via the links on the official start page you bookmarked. Never share your recovery phrase.
Security Playbooks (Print & Keep)
Recovery drill
On a spare device—or after you’ve moved funds elsewhere—simulate a full restore using your recovery phrase on‑device. Confirm expected accounts appear in the app. This validates backups and reduces panic in real incidents.
Compromise response
If you believe your seed may be exposed, immediately create a fresh wallet on a clean device and move funds to new addresses. Rotate addresses with counterparties and update records.
Travel mode
Carry a minimal‑funds device for trips. Keep the primary device and backups at home. Restrict permissions on your travel laptop/phone and avoid public computers entirely.
Frequently Asked Questions
Do I really need Ledger Live?
It’s the recommended companion for firmware updates, account management, and sending/receiving. Some third‑party wallets work with the device, but evaluate their security posture and verify download sources carefully.
What is the recovery phrase?
It’s a human‑readable backup of your private keys. Anyone who knows the words controls the funds. Keep it offline and never type it into a website or support chat.
Can I use multiple computers?
Yes. Your keys never leave the device. Install the app on trusted computers and reconnect the device to access accounts.
Desktop vs. mobile
Desktop often provides a more controlled environment and the most complete feature set. Mobile is convenient for light interactions. Use the platform that best fits your operational needs.
How do I check an address safely?
Initiate Receive in the app, then compare the address on the device screen. Share the address only after a character‑by‑character match.
What if my recovery phrase is exposed?
Treat exposure as a total compromise. Create a brand‑new wallet on a secure device and move funds immediately. Then retire the old accounts.
Glossary (Plain‑English)
Recovery phrase
Your backup phrase that can recreate the wallet. Enter on the device only.
Checksum
A fingerprint of a file used to confirm it matches the official release.
Genuine check
Tool in the app that confirms the device is authentic and untampered.
Printable Checklist
- Type ledger.com/start (avoid ads/QR codes); bookmark it.
- Download Ledger Live from the official page; verify checksum/signature if available.
- Install and open the app; grant only necessary permissions.
- Initialize or restore on the device; set a strong PIN and enable auto‑lock.
- Record the recovery phrase by hand; store offline in two secure locations.
- Run the genuine check; apply firmware and app updates from official sources.
- Install coin apps; add accounts; label accounts for spending/saving/testing.
- Verify every receive/send address on the device screen; consider test sends.
- Review privacy settings and OS permissions; enable password lock in the app.
- Schedule periodic reviews of backups, updates, and account labels.
Appendix: Minimal Linux udev Rule (Example)
Create /etc/udev/rules.d/20-ledger.rules with manufacturer‑provided rules. A simplified placeholder example looks like:
# Example only — use the official rules from the vendor
SUBSYSTEM=="usb", ATTRS{idVendor}=="2c97", MODE="0666", GROUP="plugdev"Then reload rules and replug the device:
sudo udevadm control --reload-rules && sudo udevadm trigger