Good for Beginners!
Free Education + Free Demo Account!
Get Your Sign-Up Bonus Now!
Only For Experienced Traders!
Cryptocurrency Security Basics. How to keep your crypto secure?
Almost all transactions are now in digital format. This means that business owners and the average individuals are left with no choice but to join and face the challenges that come with the move. One of the challenges posed by this migration to the mobile platform is security.
Just like other value-adding transactions, transactions made online have its own set of limits and risks. There’s also the possibility of a third party player taking advantage of the inherent weakness of the online platform. This is true when it comes to cryptocurrency, and how these are stored, traded, and exchanged online. Although its popularity and privacy opened up a number of opportunities, it also comes with certain risks.
If you are looking to get involved in the cryptocurrency market or trading, then this resource can serve as your guide. In this guide, we can provide you with the strategies and best practices on how to secure your cryptocurrencies online. Although our suggestions are not mandatory, we highly recommend that you follow our recommendations as these can help you navigate the tricky world of online cryptocurrency trading and investment. Let’s go!
Password choice and management are critical factors that can affect your security online. The problem with many users is that they tend to ignore the value of a complex password for accounts and online crypto wallets. If you choose a complex password, you actually add an extra layer of protection to your account. And completely changing your passwords for other accounts can greatly influence the way you protect your security and privacy.
Here are some steps that you can take if you want to secure your accounts online.
- One, use a randomly generated set of passwords, with at least 14 characters and use this just once.
- Two, you can also use some apps or password manager like LastPass which can help you generate secure passwords and manage these for future use. You can also find some tools online that can help you assess the strength of your passwords.
Use a Dedicated Email Account
When you open cryptocurrency account (for example CoinBase account) or wallet, you will be asked for an email which forms part of the registration and activation process. And for many individuals out there, the option is to use their default emails that they are accustomed to for years. To add some form of security, they will end up creating a bit ‘complex’ password to secure data. Although this step may seem helpful, keep in mind that hackers now are more creative when it comes to hacking accounts. If they want to, they can simply get access to your email and reset the password associated with the account. And the process is actually straightforward- once inside the account, they can simply click ‘ Forgot Password’ and the system will reset the password.
Now, you have relied on your email for years without changing the passwords, then there’s a big chance that these accounts are now compromised.
To avoid these mistakes, we highly recommend that you create a new dedicated email address solely for your crypto-related accounts. There are a number of services that you can use when creating email accounts that are fully encrypted but still friendly and usable. For example, you can sign up with ProtonMail which can offer you with a stress-free way of creating emails. Now, if you decide to retain the services of Gmail, then it’s highly recommended to activate its Advanced Protection Program.
Factor Authentication for Extra Layer of Security
Another trick that you can do to protect your accounts is through the use of the two-factor authentication. With this arrangement, you are required to complete a second confirmation before the accounts can be accessed. This is considered another layer of verification, and it comes as a password or an SMS code that has been sent to your phone. Sending of SMS is the most popular way to authenticate the account but this is one of the least secure. Here’s a list of the most secure way to authenticate the accounts, ranked according to their security:
Good for Beginners!
Free Education + Free Demo Account!
Get Your Sign-Up Bonus Now!
Only For Experienced Traders!
- FIDO U2F – This is a device that is plugged into the USB port. To generate a secure password, you need to touch the physical button. This is a highly secure option since the hacker needs to access the physical device just to hack your account. Remember, the majority of the hacks are done remotely so this is your secure option to insulate your accounts from intrusions.
- Google Authenticator – This is an app that can be downloaded to your device and generates one-time use access tokens. If this is your option, you need to save the code used in the initial set-up. Now, if you missed the code and the phone is lost, then there’s no way you can access the account.
- Authy – This is an alternative to Google Authenticator but is considered less secure. With this option, you can actually re-access the codes using another device in case your other device is damaged or has been stolen.
- SMS – This is the most popular way of authenticating the account. Here, the access codes are sent to your mobile device. This is a great layer of security, but this is open to different kinds of attacks.
Protected Cryptocurrency Storage
The use of storage systems is actually one of the reasons why many people and investors have lost their money and assets. The problem with this approach is that many investors used the popular exchanges like Coinbase and Binance as their personal wallets where they can store their crypto assets.
Experience tells us that these exchanges are not secure. Just look at the experience of Mt. Gox and Coincheck, and you will discover that these exchanges are not 100-percent safe from hacking. In the last 5 years, these exchanges have lost more than $1 billion in crypto assets due to security hacks. Although some of the investors have been compensated for their losses, still they are suffering from these losses.
What you can do is to hold on to your crypto asses on paper wallets or hardware that you control. If you want to trade at exchanges, make sure that you only trade an amount that you are willing to lose. If you are going to use a hardware wallet, we highly recommend Trezor, Ledger, and Keepkey. And just like other types of hardware or software, you should make sure that these wallets are updated at all times.
Mobile Cryptocurrency Wallets
Some of the popular mobile crypto wallets like Mycelium, Cryptonator, and Breadwallet should be treated just like a physical wallet. This means that you should always use it with caution and it should be updated at all times. When using these wallets, make sure that you carry only small amounts since these are prone to thefts. Keep in mind that what is convenient for you may be convenient as well for hackers and thieves. Also, your mobile phone is also prone to malware and this should be considered when you want to store or carry large sums of crypto money.
What to Know About Phishing Attacks
If you own crypto assets that you are prone to phishing scams. These scams are often waged on Twitter and Facebook and their ways and approaches have become creative through the years. If you receive a suspicious email or communication, make sure to review these and assess the use of words, the logo, and its address. If you are in doubt, make sure that you check the legitimate exchange or web service where the emails came from. You can contact them and verify the validity of the communications that you have received.
Use of Clean Hardware
It is also important that you manage your hardware the right way. The web is full of malware, and there’s a big chance that you will fall prey to these intruders. As an extra layer of security, it’s best to install an antivirus program and make sure that you run regular checks and scans. We highly recommend Roguekiller and Malwarebytes when it comes to securing your hardware. You should run a scan at least once a week, and the background scans should be done automatically. Among the different operating systems, the Windows is considered the least secure since it’s the oldest and widely used in the market. This is the main reason why many techies prefer iOS or Linux as their OS.
What You Should Do Starting Today
Security is a requirement when you want to invest and trade online. And this is true especially if you are using or investing in crypto assets. Although there is no perfect system when it comes to security, you can always increase your protection by remembering a few things:
- Use unique and complex passwords. You can use passwords generators too
- There should be a separate email account when maintaining your crypto accounts
- Use a 2-Factor Authentication
- Use hardware wallets when you want to store the bulk of your crypto assets
- Be aware of phishing scams
Invest in cryptocurrencies the right way – use the appropriate security tools and techniques at all times! We hope that you will find this article useful and we hope that it will help to keep your cryptocurrencies safe.
More about the author J. Pro
Unlike Stephen (the other author) I have been thinking mainly about online business lately. I wasn’t very successfull with dropshipping on Amazon and other ways of making money online, and I’d only earn a few hundreds of dollars in years. But then binary options caught my attention with it’s simplicity. Now I’m glad it did because it really is worth it. More posts by this author
Cryptocurrency Security Guide –Proven Tips for Keeping Your Cryptos Safe
Keeping Your Cryptocurrency Safe
Now that cryptocurrency is becoming more popular and many people are piling on with the intention of riding the wave, there’s increasing need for security measures designed to help keep your wallets and investment portfolios safe.
This is become very important in the wake of targeted attacks at specific cryptocurrency wallets and holders. Think of it as something akin to the wild wild west. The good news is that most cryptocurrency platforms and networks have in-built security measures, which does help.
But the onus also lies on investors to keep their crypto investments safe and secure. People are often the weakest link in crypto security. It doesn’t take much to hack a crypto investor’s wallet and move their assets if they are already careless.
The reality is that once you leave your wallet open and vulnerable, you’re essentially inviting “crypto thieves” to come take what you have. And once they have access, chances are you may never recover your lost funds anymore.
Your money will be gone, and your wallets emptied. So, follow these steps to stay safe and secure your cryptocurrency investments.
Secure Your PC
Use only PC’s with up to date antivirus and firewalls for your cryptocurrency transactions. Never assume your computer’s security is up to date. It only takes just one security vulnerability to have your computer hacked.
You might also want to consider installing a very secure operating system such as Qubes, Unix or Linux. These are about the most secure operating systems on the planet. They are often less prone to hack attacks and have configurations that makes them less vulnerable.
Qubes is well known for its privacy and security. There’s almost never hack attacks targeting computers running the Qubes operating system. However, if you insist on using a windows based PC or a mac always check for malwares and update your malware detector software.
Consider A Dedicated PC Or Mobile Device And A Secure Network
Another idea you might want to consider is having a device that’s solely dedicated to cryptocurrency activities. This means just one PC or mobile device used for only buying and selling cryptos.
This drastically lowers your odds of vulnerability. Devices that are used for surfing, work and pleasure activities are more likely to become infected with everything from viruses to ransomware.
For instance, hackers are becoming smart at stealthily dropping keyloggers –apps that track the keys you type as well as the sites you visit- on to your device.
So, when you type in your password, these keyloggers send the information back to the hacker who then uses it to get into your account and transfer your assets.
If you can’t set up a dedicated device for it, consider partitioning or virtualizing your computer. This simply means creating a separate platform on your computer that you will use for just your crypto activities. Check out VMware and Virtualbox for these.
Also important is your access to the internet. NEVER LOGIN TO YOUR CRYPTOCURRENCY ACCOUNT USING A PUBLIC WI-FI. Read that three times and let that sink in for a moment.
Not only is it easy for people to snoop on and interrupt data packets sent on public Wi-Fi connections, they can actually setup a Wi-Fi router and collect all the information that passes through their routers.
So, when next you’re in Starbucks and want to do a transaction, resist the urge of using the free Wi-Fi. It can cost you a ton of money. Use your internet data plan, and encrypt your Wi-Fi/bluetooth, if you’re in the habit of leaving them on.
Stop Being Lazy With Your Passwords
There’s an episode on the big bang theory where Howard breaks into a NASA lab worth millions of dollars because they used a $10 padlock to secure it. Many people are like this.
They invest thousands of dollars in cryptocurrency and secure them with lazy passwords that any half smart individual can guess. Don’t do this. Be smarter. You wouldn’t be lazy with your bank account’s security, would you?
So, use extra strong passwords with a minimum of fifteen characters, including upper and lower cases, numbers, alphabets and other characters.
Also, avoid using names, words that can be found in the dictionary or anywhere for that matter, as there are hacking tools with these dictionaries embedded in them. Bottom line, make your password indecipherable by making it as incomprehensible as possible. The best passwords often look like gibberish.
You should follow that logic. If you’re worried about forgetting the password, back it up in many places, write it down on a piece of paper and keep it safely stored away, use a locally installed password manager or any of the secure password managers available. Don’t use password managers on web browsers, those can be somewhat vulnerable.
And setup a two-factor authentication (2FA) system. This essentially means double layer protection on top of your passwords. So, if someone for instance, were to hack your account and wants to change your password, you would be notified via email, text messages and even an automated call.
Better still, set up your security so that the login is always from a couple of recognized devices. This way, if anyone tries to access your account from another device, it automatically shuts them out, freezes/secures your account, emails or texts you about a possible intrusion and requests verification based on the “rules” you set up.
This may sound like overkill, but when you’ve got 80 BTC in your wallet, you need to be extra cautious. Some good two factor authentication apps/service are FreeOTP and Google Authenticator. Example of a good 2FA hardware is Fido UTF.
Encrypt Your Data
Data encryption is also a great way to keep your crypto wallets safe and secure. You can easily set this up on a linux based system –see why we recommended linux in the first place?- without any hassles.
Simply use Cryptsetup or LUKS encryption apps to set this up. If you insist on using a windows based PC, you can use VeraCrypt. People using mac can use FileCrypt. These software will help keep your hard drives encrypted and impossible to hack in the event of a stolen device.
For instance, a crypto investor was recently ambushed and forced to transfer nearly $2million USD in cryptocurrencies to the criminals’ accounts. Unfortunately, because there’s no regulatory body, the victim couldn’t recover his money.
So, do yourself a favor, encrypt those drives –see where the dedicated device thing comes into play now?- and protect your information. If you want to be super safe, use double layer encryption protocols like the AES-Twofish, Serpent-AES, or Twofish-Serpent.
OR triple layer encryption protocols such as AES-Twofish-Serpent or Serpent-Twofish-AES. These provide multiple encryption layers that make cracking your device or data impossible.
Backup Your Data
Listen, your data is precious. Don’t ever make the mistake of not backing up your data. You can always buy a new PC or device. But, your data? That may be difficult to impossible to retrieve.
Life happens, disks crash, devices go up in flames, accidents happen, natural disasters occur… and a ton more unexpected incidents. Having your core data backed up offsite and locally can do wonders for you.
All it takes is restoring the backups and you’re up and running in no time. Back up your crypto information or wallet on a thumb drive, colocation server, encryption based file servers like mega or external hard disks.
Be Careful About Mobile Authentication
Okay, it’s easy to choose mobile authentication because you’re always with your mobile device.
The problem with that is hackers and cyber criminals are consistently inventing new ways to bypass or even hijack your phone number so they receive your password recovery instructions.
All they have to do is port your line and they’ll have all your details. So, do the smart thing and instruct your cellphone carrier to never port your line and deactivate call forwarding.
If you have to sign up for services and don’t want to use your number, there are multiple options such as skype numbers, pinger, and google voice.
Setup Core And Multicoin Wallets
If your cryptocurrency investment strategy involves buying and holding, you should first go with a core wallet. This is great for cold storage –another term for buying and holding cryptocurrencies- and keeping your cryptocurrencies for a long time.
These are usually designed to run at any time, no matter how long ago you stored the crypto. Multicoin wallets on the other hand, are great for daily crypto expenses, trades and usage.
They don’t require as much data as the core wallet, and they make it easy to exchange cryptos as quickly as possible.
Whatever the case, never hold cryptocurrencies in exchanges if you aren’t actively trading. If you do this, your wallet is at risk of being hacked whenever hackers target specific exchange networks.
If you clear out your wallet, it just means that even if they access your account, they won’t find anything. Think of it as moving your money from paypal or stripe to your local bank account.
Goodbye To Mobile Wallets
Which brings us to the next security tip: never ever carry around too much cryptocurrency in your mobile wallet. Listen, mobile wallets are great for daily usage and carrying around some spending money.
But they can be dangerous too if you ever get ambushed and are forced to relinquish whatever is in your wallet. Worse still, your phone could get stolen and you lose access to all that “cash”.
So, do the smart thing and leave only a couple of fifties in the mobile wallet. Don’t be a cautionary tale. Be smart about your cryptocurrencies. You know how you’d never walk around with over $200 in cash? Well, do the same with your cryptocurrencies.
Pay Attention To Your Browsers
Also, consider using virtual private networks (VPNs) that are designed to secure, encrypt and anonymize your online activities. Also, install ad blockers to prevent ads from running on your browsers. This is particularly important, given that ads can now track your online activities, further making your connections vulnerable.
Use Third Party Crypto Security Entities
Companies like Trezor, NanoLedger and LedgerHQ are pioneering the safe keeping of wallets and encryption keys.
If you don’t want to worry about the safety of these or you misplacing them, simply have these companies take care of them for you by getting their hardware wallets and storing all your data on there.
These typically provide multilayer security and decoy wallets, thus ensuring your cryptocurrencies stay safe and secure at all times. However, that also begs the important question of trust: can one trust third parties to secure one’s investments?
Well, the questions is ultimately a personal one. Look them up, see what people are saying about them and then decide if they are worth the risk.
Stay Safe Online
This might sound redundant, but please avoid clicking links from unknown entities, only visit/enter sensitive information on secure https based websites, avoid surfing malicious websites and don’t download or execute any file whose source you’re not sure of.
Use messaging apps with end to end encryption, and remove flash players –these tend to be high risk apps. Oh, and make sure to upgrade your antivirus to the pro versions.
Yes, the free versions work just fine, but they are often helpless against the onslaught of snoopers who have developed sneakier tech that can easily bypass the weak security of free antiviruses.
Pro versions however, tend to be more bulletproof and secure, thus reducing the chances of your PC being hacked and your desktop based wallets being cleared out.
At the end of the day, your private keys are the only thing preventing you from being “raped” by the hacker criminals out there. Without those keys, the money you think you have, isn’t really yours. Yep, let that sink for a moment. So, secure your keys and take sovereign control of your money.
3 Smart Ways To Keep Your Cryptocurrency Wallet Secure
CoinSutra » Wallets » 3 Smart Ways To Keep Your Cryptocurrency Wallet Secure
It’s bizarre how people still continue to ask why they can’t store their bitcoins and altcoins on Binance, Coinbase or any other in-built exchange wallet for a long term!
Repeated questions helped me understand the gravity of the situation and I realized the distorted views people have in the crypto space just because of lack of education and basic awareness.
One needs to learn and apply the best practices of the crypto industry to safeguard their crypto investments. Needless to say, your investments are as safe as your crypto wallets.
Keep Your Cryptocurrency Wallet Secure
Use The Best and most important safest Wallets
Using the best wallets available in the market for storing your cryptocurrencies is the easiest way to secure your wallet. These secure wallets provide you with the extra security features such as passphrase feature, PIN code feature, and 2-FA authentication features too.
The more security features you have in your wallet, the better it is. Also, don’t forget to analyze the development team behind the wallet. Here are some of the factors on which you can analyze a good wallet:
- Private keys: Wallets where you control your private keys.
- Ease of use: Elegant UI for ease of use.
- Development community: Active development community.
- Backup & security: Backup and restore features.
- Compatibility: Compatible with different operating systems.
Now that you know about the criteria for judging a wallet, here are a few suggestions from CoinSutra.
- Ledger Nano S (Hardware Wallet): This is what we use and most of CoinSutra readers are using.
- Trezor (Hardware Wallet)
- Exodus (Desktop Wallet)
- MetaMask (Desktop Wallet)
- MyEtherWallet (Web Wallet)
- Coinomi (Mobile Wallet)
- Mycelium (Mobile Wallet)
Always Have Multiple Backups
Privacy and safety is an illusion in the 21st century.
In the 21st century, we keep backups of everything we use, whether it be WhatsApp, music, photos, or documents. Why not keep a backup of our digital money, i.e. cryptocurrencies?
But keeping the backup of cryptocurrencies is slightly tricky because you can’t trust centralized services or cloud services to keep your backup. And this is a big NO from our side too because in this case, your cryptos are only safe as long as that service doesn’t get hacked.
Moreover, cryptos like Bitcoin, Ethereum, Monero were made to give the power back in the hands of people so a decision on giving the power back to some centralized party is a no-brainer.
Therefore, you must always keep an offline backup of your private keys at a location that only you know and trust. Also, if your crypto wallet is an HD wallet, store your seed or mnemonic phrase at two or even three places that only you know of.
You can enhance your security by keeping the backup of mnemonic phrase and mnemonic passphrase at two different locations. This way the attacker cannot access your crypto wallet with just two things.
You should also keep a backup of PIN code, username, and password as some wallets provide all these three features. Just in case it has been long enough for you to forget these things, you will have a source to refer if you have their backups.
Apply The Best Practices Of Digital World
In the digital world, there are bots, trojans, malware etc everywhere and the crypto world is no different from it.
As the majority of users use online wallets such as mobile wallets, desktop wallets, and web wallets it becomes of paramount importance for them to use the best security standard practice in the digital world.
Some suggestions from our side to secure your crypto wallets are:
- Use antivirus and anti-malware software on your desktop or laptop.
- Have a strong and secure firewall installed.
- Don’t get phished and always check the URL twice before accessing your web-wallets.
- Use Punycode alert chrome extension to doge the phishing attacks on yourself. Learn more about Punycode hacking here.
- Use 2-FA authentication in case you have stored crypto for a day or two on exchanges.
- Avoid accessing your crypto wallet from a public wifi.
- Never install unverified softwares or apps on your device.
- Use only trusted wallets and always update them ASAP.
- Don’t use brain wallets and keep your passwords very hard to guess or brute-force.
By doing all these you can be assured that your crypto wallet is one of the most difficult wallets to get hacked.
What’s Next For You?
Pretty much that’s it. If you learn and follow these three ways, hackers will have a hard time hacking. Always remember, crypto gives great power into the hand of ordinary people, and with great power comes greater responsibility.
Therefore, it is the responsibility of each one of us to learn as well as teach others if we want to make this revolution inclusive for all.
There are some more security guides that you can find links to below:
For now enjoy this post as well the above-linked posts and let me know your thoughts in the comment section below.
Do share this post with your network on Twitter & Facebook!
Here are a few other hand-picked articles for you to read next:
An award-winning blogger with a track record of 10+ years. An international speaker and author who loves blockchain and crypto world.
After discovering about decentralized finance and with his background of Information technology, he made his mission to help others learn and get started with it via CoinSutra.
Join us via email and social channels to get the latest updates straight to your inbox.
Good for Beginners!
Free Education + Free Demo Account!
Get Your Sign-Up Bonus Now!
Only For Experienced Traders!