Many users’ crypto is still “hot” — in online wallets on centralized exchanges, which have had their share of reckonings over the years: the notorious Mt. Gox hack in 2014, in which hackers made off with approximately 740,000 BTC, and the Bitfinex leak, which drained nearly 120,000 BTC from the exchange more recently.
Unfortunately, exchange hacks have become all too common, instilling a healthy sense of fear in traders and HODLers alike. Nowadays, it’s typical to see stories of cryptocurrency exchanges going bankrupt after a major security breach, leaving their customers with few options.
Be familiar with the attack vectors.
In other words, know who your enemy is. Before you do anything else, make sure you take care of the basics: don’t use the same password for all of your accounts, don’t get phished, don’t answer calls from people claiming to be tech support, and don’t keep your hardware wallet on your keychain! A general sense of crypto security caution can serve as a good foundation for more advanced security measures.
Double-check URLs. Even better, bookmark your crypto pages and stick to them. Check the applications you’ve downloaded. If your copy of Tails OS is infected with spyware, it’s useless.
Create strong passwords.
You should be familiar with the rules by now: no names, birthdays, street addresses, song lyrics, or anything else. Even if you mash the keys on your keyboard, though, it isn’t enough to make it random. Password crackers have the ability to sift through 350 billion guesses per second.
Create a passphrase using a random mnemonic generator, or purchase a hardware wallet to produce strong keys and signatures for you. Multiple passwords are preferable to a single one.
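To put the 350 billion guesses per second figure in context, the following added example (not from the original article) computes how long randomly generated secrets hold up at that rate and draws a passphrase with the operating system's CSPRNG. The function names and the eight-word sample list are constructed for illustration; the 7776- and 2048-word list sizes are assumed as typical published list sizes.

```python
import math
import secrets

GUESSES_PER_SECOND = 350e9  # cracking rate quoted in the article
YEAR = 365.25 * 24 * 3600   # seconds

def entropy_bits(pool_size: int, picks: int) -> float:
    """Entropy of `picks` independent, uniform choices from `pool_size` options."""
    return picks * math.log2(pool_size)

def avg_crack_seconds(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Expected search time: half of the 2**bits candidates at `rate` guesses/s."""
    return 2 ** (bits - 1) / rate

def words_needed(pool_size: int, target_seconds: float) -> int:
    """Smallest word count whose average crack time reaches the target."""
    n = 1
    while avg_crack_seconds(entropy_bits(pool_size, n)) < target_seconds:
        n += 1
    return n

def random_passphrase(wordlist, n_words: int, sep: str = "-") -> str:
    """Draw words with the OS CSPRNG (secrets), not the random module."""
    words = sorted(set(wordlist))  # duplicates would silently reduce entropy
    if len(words) < 2:
        raise ValueError("word list needs at least two distinct words")
    return sep.join(secrets.choice(words) for _ in range(n_words))

# Constructed 8-word list for the demo only; a real list has thousands of words.
SAMPLE_WORDS = ["amber", "birch", "cobalt", "delta",
                "ember", "fjord", "gravel", "harbor"]

if __name__ == "__main__":
    for label, pool, picks in [("8 lowercase letters", 26, 8),
                               ("8 printable ASCII chars", 95, 8),
                               ("6 words from a 7776-word list", 7776, 6),
                               ("12 words from a 2048-word list", 2048, 12)]:
        bits = entropy_bits(pool, picks)
        years = avg_crack_seconds(bits) / YEAR
        print(f"{label:32} {bits:6.1f} bits  ~{years:.3g} years")
    print(random_passphrase(SAMPLE_WORDS, 4), "(constructed list: only 12 bits)")
```

These figures hold only for secrets chosen uniformly at random; anything a person makes up, key mashing included, has less entropy than its length suggests.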
Make use of cold storage options.
You don’t have to go 300 meters underground, but the bulk of your crypto should be kept “cold”, that is, air gapped and off the grid. Keep only as much as you’re willing to lose on exchanges and in online wallets.
You can either build an air gapped computer by removing the network card from your PC or laptop, or buy a hardware wallet. When generating the seed phrase, plug your hardware wallet into a wall outlet to keep it as cold as possible.
Don’t let your SIM card be hijacked.
SIM jacking, which many in the blockchain community have already seen, is a whole new attack vector to be concerned about. Also known as SIM swapping or phone porting, it is becoming increasingly common.
That’s because it’s not difficult to do. Hijackers switch your mobile account from your SIM card / phone to a different SIM card / phone that they administer, using information that is frequently publicly accessible.
The hijacker then uses your phone number, along with whatever other information or access they have, to get into your other accounts through the account recovery process. The harm is always already done by the time you find out.
Put everything to the test.
Before going full throttle, make small test transactions or experiment with small sums of money on a test network. Never type addresses by hand (over 12,000 ETH have been lost forever due to typos). Copy and paste, then double-check, use Ethereum Name Service, or scan QR codes to be sure.
Make a backup of your seed phrase(s) on several devices and in different locations.
A typical BIP39 seed phrase is a strange string of 24 words from which a private key can be derived. Handle your seed with extreme caution. If you’re going to write it down on paper, make two copies and store them separately.
SD cards are another choice for storage, but they rarely last longer than five years and can be wiped in an emergency (EMP bomb). Just in case, use both analog and digital.
Maintain plausible deniability.
In the crypto-verse, plausible deniability refers to the right to keep data about your holdings secret. Distribute your assets through several wallets to reduce your risk exposure. Here’s a good rule of thumb for what you share publicly: don’t broadcast your holdings, and particularly don’t tell the world where you keep all of your crypto. In any case, none of your crypto should be hot.
Level up. Help the ecosystem.
Your security decisions have an effect not only on you, but also on the environment and society in which you live. If you don’t use two-factor authentication and someone steals your email, you’re responsible when the bad actor phishes your personal network. It’s all on you if your father gets phished because he didn’t know the fundamentals.
As a result, set a goal for yourself to level up. Experiment with multi-signature wallets, Tails, and hardware wallets. Bring out your inner Edward Snowden. Teaching is an excellent way to learn. Inform your friends about cold storage and your mother about the importance of strong passwords. Help the community identify spoofed sites and accounts.
You can easily stake your cryptocurrency if you want to increase the value of your digital asset. Many staking platforms give good rewards for each cryptocurrency staked, but one of my favorites is SnapBots. They’ve not only offered me better incentives, but their staking plan is also fair, and their service center is the best I’ve seen so far.
So, are you going to keep your cryptocurrency? If so, which wallet do you favor? Leave your thoughts in the comments section below!
However, investing in, trading, and staking crypto assets can be considered high-risk activities. Please use your best judgement when deciding to invest in, sell, or stake crypto assets.