Guides & Analysis

Crypto Security 101: Dos and Don’ts

By December 30, 2018 No Comments

While cryptocurrencies were once relegated to the outskirts of society, they’ve come a long way since Bitcoin’s genesis block in 2009. In today’s world, cryptocurrencies have become increasingly popular. Now we see news of cryptocurrency price movements and events in the markets from mainstream outlets like CNBC, Forbes, and even Bloomberg. However, with the gained recognition of the emerging asset class, there are more bad actors than ever before looking to take advantage of the newcomers to the industry who may not be as crypto-savvy. With that in mind, we’ve created a quick checklist for you to evaluate your own cryptocurrency holdings and ensure they remain yours. Here’s your primer on crypto security best practices and the Do’s and Don’ts in the industry.

Do’s

 

Keep Large Crypto Holdings in Cold Storage

If you have large balances of cryptocurrencies, the best practice is to store excess funds in a secure holding location like cold storage. Cold storage simply means that your crypto holdings are stored in an offline wallet with no connection to the internet. Without any internet connectivity, you can protect your wallet from cyber attacks, unauthorized access, and other potential vulnerabilities.

[Bonus “Do”: Consider a dedicated hardware wallet for storage like the Ledger Nano S or Trezor.]

Enable 2 Factor Authentication (2FA)

Whenever possible, you should always enable 2-factor authentication (2FA) if given the ability. Whether talking about “hot” wallets, cryptocurrency exchanges, or any other account that enables access to your crypto funds, you’ll want to use it. For most cases, 2FA will rely on the use of the Google Authenticator app or SMS message ( but you should really avoid SMS 2FA — go for the authenticator app instead, here’s why) and is strongly recommended for ensuring that you are the only one with access to your funds.

Backup Your Wallet

It’s important to backup whatever wallet(s) you’re using from time to time. Depending on the type of wallet, there will be a slightly different procedure. Beforehand, make sure you do some research on the different types of wallets available, to decide on which one works best for you. You can either backup and store your Wallet.dat file externally (in a safe place) or ensure that you’ve got your recovery phrases stored in a secure place should you lose access to your wallet. This is a crucial step that should not be overlooked.

Use Bookmarks

For any and all important crypto websites, the best thing you can do is to bookmark them. You can keep a separate bookmark folder in your browser for cryptocurrency exchanges and other websites to avoid phishing from nefarious third-parties. For example, should you happen to accidentally navigate to “Binance.io” or “Binnance.com” (or any other variation that looks similar but is not the official site), you could find yourself handing over your login credentials to phishers who will compromise your account and holdings.

[Bonus tip: Always check the address bar at the top of your browser to sure the site has “https” and is, in fact, the correctly spelled address.]

 

Don’ts

Treat an Exchange (or Mobile Wallet) Like a Bank Account

While cryptocurrency exchanges have significantly increased their security over the years, it’s important to remember that they’re exchanges, not bank accounts. Use exchanges as they’re intended to be used, for exchanging. By storing cryptocurrencies on exchanges long-term, you’re effectively outsourcing your security measures and putting all your trust in a third-party. You don’t want to get burned when/if that third-party has security issues. This is equally, if not truer, for mobile wallets. They’re fine for keeping a little spending cash on you (something like $20-$100) but never any more, here’s why.

Give Away Your Private Key

This one is a no-brainer. Don’t give away private keys to your wallets to anyone and always store them in a secure place. On top of that, always remember the popular saying: “If you don’t own your private keys, you don’t own your crypto.”

 

Respond to Social Media Users Claiming to be Exchange Representatives

Really, we could do an entire section on all the popular phishing scams out there, but for the sake of this list, just know that you should never respond to Twitter/Telegram/Discord users claiming to be “Coinbase support” asking for your login information. Do not respond to these phishers and report their accounts immediately.

 

Put a Target on Your Back

Last, but certainly not least, is don’t make yourself into a bigger target than you already are. No one else besides you needs to know how many cryptocurrencies you’re holding. Refrain from bragging and flaunting good investment strategies, mining operations, and yield, etc. online. There’s no need to post on Twitter about how you’ve been “killing it” in the crypto realm. That’s great if you are, but don’t give hackers a reason to single you out.

 

The Bottom Line

At the end of the day, there is always more we can do to improve the security of our cryptocurrency holdings and crypto-related accounts. However, with a little common sense and knowing even the most basic industry best practices, you’ll be able to put yourself ahead of many of the other crypto holders to ensure that your crypto stays yours!