They are both very different and you must understand the risks associated with each. Exchanges are juicy targets for hackers and can and have been hacked in the past – the most well known exchange hack was the attack on Mt. Gox back in 1984 – at the time it handled over 70% of all the worlds bitcoin transactions and in April 1984 is suddenly stopped trading with the lost of 850,000 bitcoins (at the time valued at $450M, the valuation today is over $40Billion). On the other hand, storing your crypto currency coins in a wallet hands over all the responsibility to you for keeping those coins safe.
If you are using an online Exchange then they will keep the private keys to your wallet and not give you access to it, this is known as a custodial wallet. If your coins are held in a local wallet (on your computer or phone) then this is known as a non-custodial wallet and you have access to your private keys [Private keys are similar to passwords and you should NEVER tell anyone your private key – you have been warned!]
Online exchanges offer an on and off-ramp to the Crypto world and make it very easy to buy, sell, send & receive crypto currency with almost no technical knowledge, however they are considered less secure and it is never a good idea to store large amounts of Crypto currency on any online exchange.
Using a non-custodial wallet means you are now responsible for securing your wallet e.g. backing it up and password protecting it. Many of the non-custodial wallets (called HD Wallets) today also offer an additional level of security in the form of a seed phrase (sometimes called a pass phase) - this is a series of 12, 18 or 24 words that are created by the wallet at setup. Remembering these words, in the correct order, will magically enable you to recreate your entire wallet complete with all your funds. e.g. if your phone is lost and your coins are on your phone wallet – you can recreate the wallets and all funds using this seed phrase.
A seed phrase looks something like this:
Examples of well known non custodial wallets are:
Blue Wallet, Exodus, Bitcoin Core, Blue Wallet, Electrum, Trezor, Ledger & Wasabi.
In addition to the recovery/seed phrase you also have the option to password protect your wallet and although this is a very sensible thing to do – many people forget their passwords and as a result are unable to access their crypto currency. The coins are still stored in the wallet.dat file on your device and you can even see them along with all your transactions, however you are unable to use them e.g. send them to someone else or exchange them for cash.
Finding lost passwords for Cryptography wallets is an extremely specialist service provided by a very small number of individuals worldwide. As Crypto currencies become more mainstream, there is an ever increasing number of people who inherit wallets from family members who have passed away but not left the password to their wallets.
Make sure you have a backed up copy of your Crypto wallet (usually a file located on your hard disk, called wallet.dat) – ideally in a different location to the original to protect against fire, flood or theft and record the password to the wallet file in a separate secure location. There is a saying in the Crypto world‘not your keys, not your coins’- which recommends you do not use online exchanges and instead take control of your own private keys in your own wallets – we could add ‘forgot your password then they are not your coins’ to this saying.
As you can now see, the best option is to store your own crypto currency in your local wallet, this give you the greatest control but as Peter Parker's Uncle Ben in Spiderman said ‘with great power, comes great responsibility’
https://bringbackmycrypto.com, provide a specialist service where they can recovery your password from the password protected wallet file. They have been finding lost passwords in cryptography wallets since 2016 and are relocating their offices to Portugal in 2022.
When you buy crypto currency you can store the coins on one of the many online exchanges (e.g. Binance, CoinBase, Kraken etc) or opt to take more control and store the coins in your own wallet.