One of the core principles of owning cryptocurrency is to “be your own bank”, controlling your money independently of third parties. For this reason, securing your cryptocurrency is one of the most important steps of ‘going down the rabbit hole’ in your cryptocurrency journey. If you don’t take crypto storage security seriously, you could very well fall victim to a cyber attack or a scammer and potentially lose it all in the process.
You may have read stories from people who’ve been hacked or scammed. Understand this: The biggest threat to your crypto storage is reading these stories and thinking “that won’t happen to me.”
There are various ways to store your cryptocurrency, and in this section we’ll cover some relevant security tips.
If you’ve chosen to use an exchange or custodian to store your cryptocurrency, you need to know the risks and take steps to mitigate these risks as much as possible.
If you’re using an exchange wallet, you’ll have a login to access your account. Ensure that this login uses a strong and unique password generated by a password manager. Moreover, enable two-factor authentication (2FA) to further secure access to your exchange account. Without these industry-standard security steps, you are more susceptible to losing your cryptocurrency than you otherwise would be.
Many exchanges also have advanced security features like log-in notification emails. They may also have anti-phishing tools that allow you to enter a key phrase which only ever exists within this exchange service. Subsequent emails from the exchange will contain this phrase, helping you verify their authenticity. Given that many users fall victim to phishing attacks, taking steps to mitigate this risk is critical.
When choosing an exchange to store your cryptocurrency, you’re trusting the entity behind its operation. If their servers crash, their internal systems get hacked or they go bankrupt and close down, your cryptocurrency may be gone forever. There’s really only one way to eliminate this risk: store your own private key—that is, be your own bank.
However, there are still elements of risk when it comes to engaging with the company itself. You need to be aware of identity theft and ensure you’re taking steps to protect your identity. You should also be ever vigilant when it comes to verifying the authenticity of any communication from your custodian to ensure you aren’t playing into the hands of a scammer.
Many users choose to store their cryptocurrencies on hardware wallets or various other forms of private key storage. These forms are referred to as ‘cold storage’, which means the place where the private key is stored has no network connection or internet access at all. This could be a dedicated hardware wallet solution, a USB data storage device which contains an encrypted version of your private key, a non-networked computer or device with a software wallet on it, or even a paper wallet (simply a piece of paper on which your private key is recorded).
In any case, understand that the moment your private key becomes accessible to anyone other than yourself, all your cryptocurrencies on that wallet are instantly compromised.
Consider these 2 forms of risk mitigation:
- Ensure your private key isn’t accessible from the internet.
- Ensure your private key is encrypted using a strong password which you’ve memorised or stored securely. (That way, if your cold storage device is stolen, your private key remains encrypted and inaccessible.)
Most wallet solutions will offer you the seed/mnemonic phrase upon creation. This is typically 12 or 24 words in length. With this phrase, your private key can be determined and your cryptocurrency on the blockchain is accessible to the possessor of the seed phrase.
One way to mitigate the risk of your seed phrase backup falling into the wrong hands is to split the phrase and store the halves in separate locations. The downside of this method is that to restore your wallet you need physical access to the 2 locations, which may take some time.
A seed phrase should never be stored in a photo or in any digitally recorded format. The moment the phrase is typed or entered into a digital format, it risks being stolen. If it absolutely has to be stored digitally, then ensure it has been given a 2nd factor of encryption where that encryption password is also equally secure and stored separately.
Ideally, you’ll have a physical card with the words written on it as per the industry-standard recommendations by the major hardware wallet manufacturers. Whether you write the words on a card or other piece of paper, remember that ink fades over time. Also, it is important to consider the damage that water and fire can do to the material you write your seed phrase on. There are many stories of people losing access to their cryptocurrencies as a result of a house fire or flood.
Before getting carried away with cryptically storing your wallet, you should consider your liquidity needs—that is, how quickly you can restore your wallet and interact with it on the blockchain.
It’s easy to get carried away with ‘Da Vinci Code’ style storage techniques. However, do be aware that many people have lost life-changing amounts of cryptocurrency because they made their storage method so complex that they forgot how to complete all the steps necessary to access their cryptocurrency.
Test With Small Amounts
When sending cryptocurrency to a wallet for the first time, consider sending a small amount first. By doing so, you can track the transaction and ensure it arrives where it’s supposed to.
This simple tip could save you a lifetime of regret. If the wallet became compromised or you misread the address, you’re far better off losing a small amount than perhaps your entire cryptocurrency holdings.
Browser wallets are extremely convenient and, so long as you have securely stored your seed phrase, quite secure. The most popular browser wallet is MetaMask, which has sustained a strong reputation over many years.
The main security risk comes with finding and installing the right browser extension. While they’re available on the extensions marketplace of all mainstream browsers, the best way to do so is via the software manufacturer’s official website. By using this method, you avoid installing a fake and possibly malicious extension. Browser wallets are obviously not impervious to threats, and bugs in the browser or browser wallet provider could expose your private keys if you are not using a secure method of private key storage (such as a hardware wallet).
As long as you’ve stored the seed phrase securely, the security risks associated with mobile wallets primarily involve installing the correct app as well as maintaining strict device security.
This includes protecting access to your mobile device with biometric security such as a fingerprint or facial recognition. This is important because if your phone is lost or stolen, your cryptocurrency might be a PIN code away from being in the hands of someone else.
It’s also important to be able to delete your data if your phone is stolen. Most mobile phone manufacturers have the ability to do this via their companion software or cloud services.
The best form of cold storage is a Ledger or Trezor device; these are designed to be highly secure and easy to use with the latest software. They even integrate with other wallet types like MetaMask, making it easy to combine cold storage with decentralised exchanges (DEXes).
Hardware wallets store your private keys within their secure data storage and the private keys are encrypted using a PIN code that you choose.
A key element of security which hardware wallets offer is that when interacting with a computer, your private keys never leave the device. Transactions are sent to the hardware wallet to be signed with the private key, and returned to the computer as signed transactions to be sent to the blockchain. Because your private key never leaves the device, it’s considered to be cold storage.
The biggest security risk comes with securely storing your seed phrase and ensuring it is available should something go wrong with your device. To somewhat offset this, some cryptocurrency holders buy multiple hardware wallets to store the same private keys and keep them in separate locations in case one location becomes compromised.
Whether you’re using an exchange or doing it yourself with a hardware wallet, computer security is always critical when interacting with your crypto storage.
When it comes time to access your exchange account or wallet, be sure that the computer or device you’re using is virus-free and that it’s regularly updated to the latest operating system. Ensure your computer or device itself is protected with a secure passcode in case of device theft and, if possible, use BitLocker to encrypt your hard drive.
Also, consider using a VPN to protect your network security, especially if you’re using a wireless network that may be accessible to the public or people unknown to you (such as hotel or airport Wi-Fi networks).