Welcome to the world of cryptocurrencies! If you are not already familiar with blockchains and cryptocurrencies, take a look at our article: Centralized vs Decentralized. Otherwise, let’s just delve right into it.
Anyone investing in digital assets should be aware of the dangers lurking over the internet. Using cryptocurrencies is like taking your banking into your own hands. Unfortunately, that also means there’s no customer service representative to help if something goes wrong.
When it comes to cryptocurrencies, you are solely responsible for the safe storing of your assets. For that very reason, it’s important to be prepared. The list below provides 7 security practices every new crypto user should follow:
The first security practice is less of a practice and more of a reminder. Blockchains are meant to be safe. Keep in mind that the blockchain’s underlying security uses military-grade encryption. Therefore, your greatest threat is likely not a breach. Your real greatest threat is actually much simpler: human error.
Opening a strange email, inputting your personal data into a phishing page, or even storing your password in the wrong place. All of these are ways in which we can fall victim to a cyber attack. Unlike the movies would have you believe, hackers aren’t attacking systems all day.
Most hackers spend their time looking for vulnerabilities. It’s much easier to find a weak spot in a solid system than to try to beat that system. Like a lit match left unattended, it can eventually burn down an entire forest.
Nevertheless, blockchain assets do guarantee a high level of security. No one will guess or decipher your private key. However, they can still find other clever ways to threaten your holdings.
The human memory is fragile. Trying to memorize a 64-character string is futile. Therefore, it’s important to store a backup of your public and private keys. This task can be tricky, however. Finding the right method isn’t always obvious.
First, you’ll want to make sure you store any coins you won’t immediately need in a cold wallet. Arguably the safest form of cold storage is a hardware wallet. Primarily thanks to its offline method of encrypting and storing your private keys.
Still, a simple copy of your keys in an encrypted external hard drive will also do the trick. Most importantly is to have a reliable backup, or in some cases, more than one. You have to prepare in case of unpredictable events. A flood, fire, or theft could leave you without your keys.
Make sure you always have a reliable way to regain access to your funds. BE CAREFUL. Losing your data or having it fall in the wrong hands can be devastating. Avoid such risks by storing your backups in a safe place and encrypting the data within.
Another popular, yet not advisable, method of storage is online or third-party wallets. These offer cloud storage, allowing you to access your funds with a login and password combination.
Exchanges and wallet apps provide online wallets. If you wanted to, you could store some or all of your tokens using these methods. Yet, storing any more tokens than absolutely necessary is not advisable. Storing assets in a third-party platform is like keeping cash at a friend’s house. It’s obviously not in their best interest to take your funds, but why even give them the option?
In general, it’s also good to spread out your assets over several wallets. Regardless of offline or online, if you keep “all your eggs in one basket,” you’re making yourself vulnerable.
As mentioned in the previous section, having a backup is important. Nevertheless, keeping unencrypted backups is only going to help the thief looking for your coins. You have to also make a habit of encrypting your files.
Whether you decide to delve into the crypto world or not, get used to encrypting files. The process is quite simple. It’s best to create encrypted containers for storing all your sensitive data. Containers are files where you can store other files. By creating one encrypted container, anything you store inside will be password protected.
What’s even better is that to truly encrypt your keys you can create several containers. Store encrypted files within encrypted folders. Create a chain of strong passwords that only you know. By doing so, you can send yourself an access portal to the encrypted area on the cloud for ease of access. You can use this method to keep your keys available online while also adding several layers of protection.
Don’t make the mistake of neglecting your own devices. A spyware program could record your screen or your keystrokes. No amount of passwords will help if someone can record you while you input them.
This is precisely why you should protect your phone, tablet, and computer. Software like a VPN, firewall, and antivirus can help prevent attacks. Each of these software perform different functions so it is important to make sure you are protected from all angles. Any unusual activity, file change or data transference will then be easier to spot which will allow for preventing further escalation.
Similarly, avoid using any form of public Wi-Fi when accessing your wallet(s). Through unprotected WiFi networks, malicious actors can redirect you to fake landing pages, conduct port attacks, and get information about your device that you may want private. This is a very common scheme. Similarly, any data incoming and outgoing through the public network can be recorded.
Clicking on shady links, visiting shady websites, and downloading applications where the source is not known and fully trusted are some of the most common ways that people open back doors and create vulnerabilities for their data.
Other examples can include buying a hardware wallet from a generic marketplace instead of directly from the supplier, or trusting a website that is too new to have a reputation. Developing discipline takes time and requires mindfulness, but safe and smart habits can reduce the need for having expensive and fancy software and hardware.
Be sure to enable 2-factor Authentication. Especially if you decide to keep some coins on external wallets. This adds a level of security to your accounts at the time of logging-in. The second layer of security requires a password AND a secondary form of verification (as the name implies).
Though SMS text messages are the usual go-to for second factor, some users prefer to use their personal email address. The only problem with the latter is that if someone has control of your computer, they can probably also log into your email.
Becoming more popular, however, are applications like Google Authenticator which have a 6-digit code added to a particular account. These codes change every 30 seconds, and expire every 60 seconds. So if one were to use their computer for primary access, and then use their phone only for authentication via this method, the probability a hacker will steal your account or wallet information is virtually zero (provided all devices are reasonably well-secured).
The main premise of 2FA is to require a secondary device or piece of hardware to grant authorization to your accounts. This is so that even if one device were compromised, the account containing sensitive information is not.
Awareness of your own vulnerabilities will really be the “key” to your success. Make sure you never answer a question from a stranger before thinking about the repercussions.
An unexpected call from a bank, an email with a familiar URL, filling out a form on a website without a secure certificate (SSL; the little lock on your browser next to a web address), or someone overhearing a conversation is all it takes.
Shifting towards digital assets means becoming your own bank. Therefore, you must behave as such! However, fret not because even banks require their users to take these safety measures. Take all the precautions necessary to ensure the safe storage of your funds. Security software, password-protected files and folders, backups and good discipline can save you a lifetime of regret.