Good Crypto Security Habits

So you're getting into crypto and you've heard a few stories about people getting hacked like this guy who lost it all over a used hardware wallet or if you've heard about the Australian man who lost 14 BTC linked below.

So I've compiled a list of some things you can do to keep your crypto safe! Remember that in many cases, all someone needs to take your investments away is just a private key. If you're unsure about private keys and other terms, I also wrote a beginner's vocab guide for this. The list below covers things that can help keep anyone more safe and secure, but of course does not cover every unique situation.

Make sure your operating system and security software are up to date

Just thought I should throw that out there if it wasn't obvious.

2FA - 2-Factor Authentication.

This is by far one of the easiest and best ways to secure your accounts on many platforms. 2FA sends a code to another device (usually your phone) that you need to use in conjunction with your password. The authenticator apps send codes that refresh about every 30 seconds. The website confirms this code with the authenticator on their end and won't let you in without a confirmation. So even if a hacker can get your password, they will need an updated code that continually changes in order to sign in.
One that I would recommend is Google Authenticator, available for free. This sends a 6-digit code and is very easy to begin using. You can use 2FA to sign into Google, Coinbase, Bittrex, Facebook, Twitter, and much more! Always enable 2FA if it is available, you will thank yourself later.

Possible attacks and extreme 2FA.

Phishing attacks on 2FA: One of the options for 2FA is to have a text message sent to your phone, and you type in that code. This is not as secure as an app like Google Authenticator since social-engineering hackers have been able to call phone companies with an elaborate story and get your number transferred to their device, where they will then receive your 2FA code. Watch the example in the video below!
For cases of extreme security, you can get a pay-as-you-go style phone (the $10-15 USD per month ones), used exclusively for 2FA, that has no other apps installed or websites visited that could contain malware and has its own phone number that you do not give out to anybody.

Consider a Ledger Nano S or Trezor

Hardware wallets are meant specifically to keep your crypto secure. The Ledger Nano S and the Trezor Wallet are well-known and widely-used wallets that can store a variety of coins. They also come with a unique seed in case the hardware is lost or damaged. As a general risk management note, I've heard to buy a hardware wallet when the cost of one is 10% or less of your crypto investments.

Always check the URL.

There are many phishing scams out there that give URLs similar to the exchanges or wallets you're signing on to and spoof the website so it looks exact. Always be sure to check the URL you are on and hover over links to check that URL before clicking on it! Just as an example, some very common ones are to change an "i" in "bit" to an "l", so you may see "bltfinex" or something similarly sneaky.

Do not keep your crypto on an exchange.

Mt. Gox is the pinnacle story of keeping large amounts of crypto on an exchange. Simple as someone else holding your currency for you - just don't do it. Get it to a wallet! If you need information on wallets, I wrote a blog post about that as well, Beginner's Guide to Crypto Wallets.

Do not use public WiFi.

The story of this guy in Australia losing about 14 BTC, valued around 100,000 Euro at the time... over public WiFi should really get the point across. How much would 14 BTC be worth today? Even at home, avoid WiFi if you can and use a hardwire cable. If you have to use home WiFi, make sure it is encrypted with a strong password!

Do not give your private key to ANYBODY, make a new wallet if anything is possibly compromised.

If your private key has gotten out anywhere, your wallet is vulnerable for someone to grab. Leaving the string or QR code on a desk where a passerby may have a recording device, sending over an unsecure connection, any kind of hidden malware, etc. If your wallet may be compromised, make a new wallet immediately and move your funds to the secure wallet. For optimal security, make sure to create your paper wallets offline and totally disconnected from the internet. You can get more information on how to do this from my Intro to Wallets post.

Pyramid Schemes / Shitcoins / Ponzi Schemes.

These have become so popular that someone made a PonziCoin and it made the front page of Reddit. Furthermore, it was so bad that it was somehow good and somehow worked..? PonziCoin on Coinmarketcap shows the coin going from 0.0002 USD to nearly .2067 USD at an all-time high, an increase of over 1030%. At the time of writing, it's had a 75% drop from the ATH.
Ways to notice schemes and Ponzis usually include guarantees, reports of very high gains, and vague descriptions of functions. Oddly enough, some people have pointed out that the whitepapers for scam coins are usually beautifully well-written as there's often marketing team very heavily involved.

Do not answer any confidential questions when you receive a call from anyone, even a trusted number.

Phone number spoofing has become very popular and it only takes a hacker a few steps to spoof a number that could look like it's from your bank, a website, or any company. Offer to call the company back by dialing the phone number on the company's website, not the number the person on the phone will give you.

Make your paper/physical wallets safe from the elements.

The biggest compromise with paper wallets is the simple fact that paper is very fragile. At very minimum, laminate your paper and keep it in a waterproof, fireproof safe or in a safety deposit box. Some people keep one copy like this at home and one like this in the bank, just in case something tragic happens to one of them. The ultimate storage method that I've read in my searches (it was a post on Reddit and I can't seem to find it again) began by someone using letter-punches to stamp his recovery seed into quarter-inch steel, then dipped the entire thing in plasti-dip to keep it safe from the elements. He stored one in a safe and the other at a trusted family member's house.

Most importantly, to stay safe, if it looks like snake oil, smells like snake oil, tastes like snake oil... it's probably snake oil.

Hope this all helps and stay safe out there! Feel free to let me know if I missed any good security tips and I'll add them into the list! If this has helped keep you safe and you're inclined to donate, the addresses are listed below.

BTC: 16BQtRdNp4fsFViHVQdjHpaBzcgPHpA4xw
ETH: 0xFF3CDF7B7c1dBBE238161Def57AaCD72B1000BB3
LTC: LbtAtRFagVZe2A4ynBpKiTEL4wAToMD9eY
Doge: DUHhAWxpzFQj9mT5TtEETUivQ7Cf5PQpci

Coinbase referral link: Get $10 in free Bitcoin when you use this link!


This is not financial advice- All information provided is for educational, informational, and entertainment purposes only, without any express or implied warranty of any kind, including warranties of accuracy, completeness, or fitness for any particular purpose. All information is not intended to be and does not constitute financial advice, investment advice, trading advice, or any other advice. All information is general in nature and is not specific to you the user or anyone else. You should not make any decision, financial, investment, trading or otherwise, based on any of the information presented on this website without undertaking independent due diligence and consultation with a professional financial advisor. You understand that you are using any and all information available on or through this website at your own risk. Furthermore, the trading of Bitcoin and alternative cryptocurrencies have potential risks involved. Trading may not be suitable for all people. Anyone wishing to invest should seek his or her own independent financial or professional advice.

Comments

Post a Comment

Popular posts from this blog

How to Start Mining Ethereum w/ Claymore (Windows)

Image
Mining can get incredibly confusing to dive straight into, so like many things, let's hope to simplify it. Ethereum (ETH) is one of the top currencies to mine with ram-heavy GPUs. Put your card in on whattomine.com and see what coins are most efficient for you to mine. All my cards mine ETH efficiently, so that's what I've gained the most experience in (using Windows 10). For reference, I am currently using an Rx570 4-Gig and 1050-Ti. If you need a refresher on some mining terms, visit my blog post Crypto Cheat Sheet . For this guide, we're going to use Claymore's Dual Miner with reasons being: it's easy to begin, can be customizable when you're ready to get advanced, mines both Nvidia and AMD (even mixed), has a low fee, transparent, updated, and it can mine two types of coins at once without much detriment to the ETH hash rate. This is also going to be for pool mining instead of solo mining with the reason being that if you're just getting in
Read more

How to get Bitcoin and Altcoins No-Fee, Fee-Free

Image
Today I'm going to show you what a friend taught me about how to use some easy tools to buy Bitcoin and some altcoins WITH NO FEES! You're probably already using most of these tools anyways! At this point, you should at least be familiar with wallets, addresses, and exchanges. If not, Check out my blog post on Crypto Vocab Basics to get familiar. Until then, you begin the process with Coinbase, the most popular Bitcoin exchange. If you're not already on Coinbase, they have a free Bitcoin incentive if you use this link! This is just a referral link that will support us both with $10 in bonus Bitcoin when you spend your first $100 (instant 10% return), and to let me know that you appreciate learning the fee-free way of doing things! Probably a good time for a note: ALWAYS check the URL when you click on a link and make sure that you are securely connected with "https://" in the address bar. Get some practice making sure everything is accurate! For more sec
Read more

Bitcoin Price as a Global Capitalization

Image
What might Bitcoin finally cap out at? When it stabilizes as a world currency, what is our price range? There are hodlers all over the world, millions of people hodling millions of BTC. But eventually, this currency will be used as exactly that - a currency that can be spent. All over you hear "BTC moon", "lambo", and "when moon?" Will Bitcoin be worth 50k? 500k? John McAfee's infamous 1 Million? (prices in USD). No one knows for sure, but here's some global logic I've gathered from several interviews with the experts. (Before I begin, I am not a financial advisor, this is not financial advice, read my disclaimer here This idea comes primarily from interviews with Ronnie Moas, one of the top Wall Street investors with a history of time-stamped, accurate predictions. We already know that money/value is flowing from other investments into Bitcoin - these come from stocks, bonds, gold, silver, and more. Here is where the fun begins! Data pu
Read more