The main reason cited for using single-sig vs. multi-sig is that multi-sig is too complex and thus carries additional risks. However, this is a false sense of security because securely managing a single-sig requires additional complexity, such as:
Adding a passphrase so that access to the seed does not grant access to the bitcoin.
Creating multiple physical copies of the seed so that if one backup is lost, the bitcoin are not lost.
Passphrases bring multiple risks:
Are they random and complex enough to resist brute force attacks? Many hardware wallets offer the option to use BIP39 words, making it easy to enter the passphrase. However, if you use <12 words, your passphrase is weaker than a 12-word seed phrase.
There is no standard for securely storing passphrases. You have your seed in steel, what do you do with your passphrase? On paper? On the computer? In your head? How do you guarantee that no one gains unauthorized access?
Physical copies of seeds and passphrases:
If you lose your seed or passphrase, you can no longer access your bitcoin. Therefore, additional locations are needed to store your passphrase separately from your seed phrase. Additional locations that you must secure and check regularly.
The complexity required to set up a secure single-sig is not lower than setting up a multi-sig. In fact, because you can use standards for multi-sig, it is, in our opinion, a safer solution. The biggest technical drawback of multi-sig is that you need the so-called 'wallet descriptor' to restore your wallet; this issue has been solved by @SeedHammer
.
Multi-sig
Single-sig
Single-sig vs. Multi-sig