Cryptocurrencies like Bitcoin and Ethereum are made possible by a technology called blockchain. Long chains of transactional blocks work just like old Christmas lights: one bad bulb will render the whole chain useless. This simple principle is what makes cryptocurrencies and blockchain technologies so secure and useful. But even in this secure system, hackers can find a way to get in and “remove a bulb” without immediately raising alarm.
The blockchains themselves are considered unhackable, but the routes into and out of the markets provide exposure to thieves. And scammers often ask for payments in cryptocurrency because they know transactions can’t be reversed. There are no toll-free bitcoin or Ethereum numbers to call for customer support. There is no $50 maximum loss limit or insurance.
Here are 10 ways you can safeguard your cryptocurrency and keep your online investments safe:
- Store your money in a cold wallet as opposed to a warm wallet.
- Use a known and reputable wallet backed up by your own research. Consider hardware wallets.
- Don’t keep all your coins or tokens in one place.
- Keep your investments quiet and confidential.
- Use secure networks that you trust.
- Encrypt your wallet with a password.
- Back up your wallet frequently.
- Keep your devices safe and secure.
- Secure your accounts with two-factor authentication.
- Use strong passwords.
Cryptocurrencies like Bitcoin and Ethereum have provisions that result in transactions being non-reversible. This prevents the recovery of funds and offers the potential for exploitation by hackers. The coin itself may be secure, but the systems around it are vulnerable. There are steps you can take to enhance security. The aim of this blog is to walk you through how to keep your cryptocurrency safe and secure in a digital world full of human error.
Cryptocurrencies are inherently secure because of their architecture and the network around them. Transactions are logged and sent out to every computer in the system, not just one server. This decentralized style of operation means that a hacker would theoretically need to breach a majority of nodes, not just their target.
A fully decentralized blockchain system is the gold standard for cybersecurity. Such a system exists in the bitcoin network; however, cryptocurrency exchanges and other methods of on-boarding have differing levels of centralized control and therefore create attack points.
10 Tips for Increasing the Security of Your Cryptocurrency
Use A Cold Wallet
There are two different subtypes of wallets for cryptocurrency: cold and hot. A cold wallet is an offline wallet, whereas a hot wallet is linked to the internet. It’s easy to see why a cold wallet will offer more protection from hackers than its online counterpart.
Cold wallets can take the form of a desktop wallet or a paper wallet and offer Byzantine security features — much like the structure that a blockchain offers. Byzantine security protects your information through its cumbersome and almost archaic nature. Cryptocurrencies stored in a cold wallet are more secure because they are less accessible to hackers, and to you as well.
Cold wallets are offline and therefore harder to access if the funds need to be exchanged. Coins stored in a cold wallet will not be as accessible as savings stored in a bank account, and that is what we want.
A multinational bank with online accessibility is a very convenient way to store your savings. Cryptocurrencies, however, are not stored in bank vaults; they are stored on the computers of every node running throughout the world, and the keys are stored in wallets of various types.
A paper wallet is the most secure form of crypto wallet, and also the least user-friendly. The name implies exactly why this is: your cryptocurrency account(s) are as removed from the online, digital world as possible, and they are also as far removed from feasible daily use as possible. A paper wallet is like the map to a pirate’s buried treasure. It’s as secure from hackers as it is from you.
Large amounts should always be stored in a cold wallet. It is wise to keep smaller spending amounts in a more accessible wallet so that you don’t have to use the cold wallet frequently. If you have a significant amount stored in a difficult-to-access paper wallet, you won’t want to constantly access and update it. Once used, the private key of a paper wallet has been exposed, and any leftover funds are moved to a different address.
Hardware wallets are a mainstay for serious cryptocurrency investors as well as those who frequently spend and receive coins. They act as hot wallets when connected to their networks and as cold wallets when disconnected.
Their encryption is the best currently available technology, and they allow creation of complex pass phrases along with PINs that can be from 3-8 digits long. A thief would have to have the device, and then know the codes and the number of PIN digits, and the passphrase to break into the wallet. The only hardware wallet limitation is the club or gun method. That is, a thief forces you to give them your codes under threat of violence or death.
Even then, some people set up two levels of wallets. One has a small amount of crypto that the thief can access, while the second level remains hidden, known only to the wallet owner. In this situation, you would sacrifice a small amount to protect the rest.
Hardware wallets, like other types, just protect your private keys. Your actual currencies are stored on their respective blockchains. If your wallet is stolen or lost, the keys can be retrieved by importing your hardware-generated passphrase and keywords into a new software wallet, or by buying a new hardware device and importing them to it.
Use A Reputable Wallet
Whether you’re choosing to store your coins or tokens hot or cold, it is essential to know who you’re storing them with. It goes without saying, but always research the wallet before you put anything in it. Would you ever open up an account in a bank or credit union you’d never heard of?
Cold desktop wallets and hot wallets present more risk than their paper counterparts, so more research should ideally be done. You obviously won’t be able to find a brick and mortar location for whichever wallet you choose, so make sure that it has every other feature of a reputable bank. If there are thousands of satisfied customers, as the website suggests, there should be at least hundreds and hundreds of glowing reviews.
Search Reddit and use Google to learn how secure a particular wallet is. If you can read code, a lot of them are open-source, with source code available on GitHub.
Paper wallets are not infallible either, unfortunately. Your access codes will need to be generated, and more often than not, this process takes place online. So, before you start telling yourself that you have taken the proper precautions, know that there is always a small chink in the armor.
Websites for generating cryptocurrency access codes are a great resource, but they are still a potential source for hackers and must be thoroughly vetted like anything you incorporate into your security measures.
But there are steps you can take to randomize the process, and you can do this on a cold computer disconnected from the internet and scanned for viruses and malware first. The above video uses dice rolls to generate random addresses. Random number generators, flipping coins, anything unpredictable makes the addresses even more secure.
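An added example, not from the original article or the video it mentions: Python that turns 99 physical dice rolls into a 256-bit private key on an offline machine and refuses input that is too short or visibly biased. The function names, the 99-roll count and the chi-square check are assumptions of this example; the sample rolls are constructed and must never be used for a real wallet.

```python
import math
from collections import Counter

# Order of the secp256k1 group: a Bitcoin/Ethereum private key must be in [1, N-1].
SECP256K1_N = int("FFFFFFFF" * 3 + "FFFFFFFE" + "BAAEDCE6AF48A03BBFD25E8CD0364141", 16)
ROLLS_NEEDED = 99    # 6**99 < N, so 99 rolls map to a valid key with no modulo bias
CHI2_LIMIT = 20.515  # chi-square critical value, 5 degrees of freedom, p = 0.001
assert 6 ** ROLLS_NEEDED < SECP256K1_N

# Constructed sample input. It is a repeating pattern, not real dice, and is
# here only so the example runs offline. A frequency test cannot see patterns.
SAMPLE_ROLLS = "123456" * 16 + "135"


def parse_rolls(text):
    """Accept die faces 1-6, ignore whitespace, reject everything else."""
    chars = [c for c in text if not c.isspace()]
    bad = sorted({c for c in chars if c not in "123456"})
    if bad:
        raise ValueError(f"not a die face: {bad}")
    return [int(c) for c in chars]


def entropy_bits(n_rolls):
    """Entropy of n fair six-sided rolls, in bits."""
    return n_rolls * math.log2(6)


def chi_square(rolls):
    """Pearson statistic comparing face counts with a fair die."""
    expected = len(rolls) / 6
    counts = Counter(rolls)
    return sum((counts.get(face, 0) - expected) ** 2 / expected
               for face in range(1, 7))


def rolls_to_private_key(rolls):
    """Map exactly 99 rolls to a 32-byte private key, returned as hex."""
    if len(rolls) != ROLLS_NEEDED:
        raise ValueError(f"need {ROLLS_NEEDED} rolls, got {len(rolls)}")
    if chi_square(rolls) > CHI2_LIMIT:
        # A fair die trips this about once in 1000 tries; roll again if so.
        raise ValueError("face counts look biased; check the die and re-roll")
    key = 0
    for face in rolls:
        key = key * 6 + (face - 1)  # faces 1..6 become base-6 digits 0..5
    if not 1 <= key < SECP256K1_N:
        raise ValueError("key out of range")
    return key.to_bytes(32, "big").hex()


if __name__ == "__main__":
    rolls = parse_rolls(SAMPLE_ROLLS)
    print(f"{len(rolls)} rolls, about {entropy_bits(len(rolls)):.1f} bits of entropy")
    print("private key (constructed sample, do not use):", rolls_to_private_key(rolls))
```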
There is no one, completely safe option for keeping your cryptocurrency secure; there is only your ability to evaluate every step along the process. If a wallet provider sounds too good to be true, it probably is — the same can be said for newly launched cryptocurrencies in general. You need to bring some of the intuition that led you to invest in the first place into the process of choosing your wallet.
Use More Than One Wallet
One of the best pieces of advice available for those investing in cryptocurrency is to have multiple wallets. At the minimum, a two-wallet system will provide the best of both worlds when it comes to security and ease of use.
One wallet will function like your savings account, and the second will function more like your checking account.
The savings wallet should be far more secure than the checking wallet, which will serve the purpose of daily or weekly use. One wallet might be cold, while the other is hot, or both wallets might be cold for added security.
An example of a very secure system is a paper wallet for your savings and a hardware wallet for your spending money. Keeping your accounts offline is always safer and more removed from the reaches of hackers. And with the bulk of your cryptocurrency only accessible via information likely kept in a drawer in your house or in a safety deposit box, there is little need to fear attacks from the global community of digital thieves.
Individuals with investments in multiple cryptocurrencies will already have multiple wallets, but even those who only own Bitcoin or who only own Ethereum will be wise to spread their savings across more than one wallet. It might seem paranoid, but there is no guarantee of accountability or government protection in cryptocurrencies. We provide our own security.
How likely is it that hackers will be able to steal all your cryptocurrency from an account that’s only accessible via the codes in your pocket? It’s much more likely than being able to steal all your cryptocurrency across ten different accounts. Don’t give hackers the opportunity to find everything in one place.
Don’t Talk About Your Investments
This might seem like a no-brainer to many people but avoiding human error is the name of the game. We’ve all heard people talking about the market (stocks, real estate, etc.) at a bar or a party, and maybe even wondered if free advice was being unknowingly doled out.
Any mention of your investments in cryptocurrency is potentially much more than free advice to the right person. A 30-second conversation could tell a hacker your name, what type of cryptocurrency you own, which wallet you’re holding it in, and when you’re going to be back on your computer to notice if anything’s wrong.
Think about how quickly a couple or two friends can rattle off stories or run through information. All it takes is one savvy person paying attention while your guard is down.
It’s a good rule to think about cryptocurrency access codes and information like your bank account number, routing number, and social security number all rolled into one. One piece of paper is like an all-access pass.
The thief won’t get their hands on a paper wallet, but they could easily hear all they need to rob us blind. You’re protecting one sheet’s worth of information — that’s harder to keep secret than how well your portfolio is doing. It’s also more immediately valuable.
Entire cryptocurrencies have been launched for the sole purpose of swindling investors, and a forum can literally spring up overnight. These websites exist to trap investors into revealing their finances to hackers. The forum might have a masthead that purports to be ten years old, and there might be dozens and dozens of users on its pages. Just trust that no one should hear about your investments but those closest to you.
Real forums exist as well, of course. They are also filled with hackers as far as we’re concerned. Even online forums like this one are hotspots for criminal activity. Someone might have fantastic advice about the question you posed. Someone might be an expert at extrapolating what you avoided saying, then getting into your computer through the IP address you just handed them.
Don’t respond to private messages promising to help you invest or making you offers that sound too good to be true. Ask publicly here if you receive a private message about a service. If you have a serious concern here, notify user @The CC Forums on the forums section.
Use Secure Networks
- First and foremost, never connect to public Wi-Fi to access your wallet. Those with cold wallets will not have to worry about this problem, but those with hot wallets must exercise caution. Even what seems like a trusted network could be a lair for hackers looking for a way into dozens of people’s devices.
We’re living in an age where credit card information can be scanned and stolen through a physical wallet from feet away. Every potential Wi-Fi connection must be viewed as a means of gaining access to your crypto wallet and devices.
- Only access your hot wallet from home using a secure Wi-Fi network. While the chances are far less likely of a hacker infiltrating your home network, it is not outside the realm of possibilities. Precautions must be taken to ensure the security of any network you connect to.
- Invest in a more secure connection than you had before venturing into the world of cryptocurrency. Your hot wallet provider might be a source you completely and totally trust, but how it’s accessed represents a hole in your security. Ideally, only a small percentage of your investment is held in a hot wallet, but these funds could be gone with just one click.
- Use a VPN service when accessing your currencies. Companies like my favorite top-rated service, NordVPN, and others can protect you when on public Wi-Fi such as restaurant, cruise ship, hotel or airport networks. And you get the added benefit of being able to watch college sports when traveling or living outside the US! Seriously though, I use a VPN regularly when away from home.
Encrypt Your Wallet
Encryption is yet another digital security feature that is crucial to protecting your cryptocurrency. An encrypted wallet is simply a password-protected wallet. Hot wallets especially need to be encrypted. As mentioned, all it takes is someone getting in through the Wi-Fi or through the wallet itself.
Both the wallet provider and the network need to be as reliable as possible, but any security system is only as good as its weakest link.
Adding a strong password to prevent anyone but the owner(s) from gaining access can make all the difference. Security measures need to be as strong as possible on every level — which is a good reminder to always be vigilant as well. Passwords reinforce both the security of your wallet and your mindset on security.
The strength of your password is as important as the decision to encrypt your wallet. Some have utilized pass-phrases instead of passwords as a method for creating an even more difficult-to-break barrier.
It goes without saying that “12345” is a poor choice, but hackers specialize in guessing and cracking passwords, and the ideal choice is always something that could not possibly be guessed. An easy password is a surefire way to introduce human error into an otherwise ironclad security system.
Back Up Your Wallet Frequently
Taking care to back up your wallet will ensure that it contains correct information on your cryptocurrency investments. A regularly backed-up wallet will also provide you with accurate numbers that you will be more easily able to track. A hacker might target your accounts without your knowledge if the wallet you use doesn’t always reflect what’s supposed to be inside.
A highly secure paper wallet is especially susceptible to infrequent backups. The highly secure, highly Byzantine nature of this style of cold wallet creates the impression of infallibility in the mind of the investor. Paper wallets also create the illusion of an unchanging treasure map that does not need to be backed up.
The brilliance of paper wallets is that they contain unchanging analog information. The frustration that comes with these wallets is that they represent changing digital information and must be updated accordingly. Frequent backups are crucial to keeping your wallet secure and functioning as intended.
Without regular backups, the wallet becomes more of a relic than a holder of valuables. What was true a few days ago might not be true now. Worse than that, what was there a few days ago might not be now.
Keep Your Devices Safe
Laptops, desktops, smartphones, and tablets are all fair game for hackers. It’s easy to make the mistake of turning your computer into a digital Fort Knox while leaving all your other devices vulnerable to attacks.
Just as it’s very easy to throw caution to the wind and access your wallet from public Wi-Fi, it’s very easy to leave your phone or tablet completely unequipped. If you use a hardware wallet, don’t make it easy to steal. Don’t make the access PIN easy to guess.
If there’s even a chance you will want to access your wallet from your phone, the phone needs to be as secure as your computer. Hackers love these devices because we always forget that they are a big open door for them.
Malware can be easily and unknowingly downloaded to any of our devices and used to siphon off information to hackers. There is no way to prevent hackers from trying to do what they do best, but there is a way to keep them and their minions at bay.
Free and for-purchase software is widely available to ensure your devices are free from malware and viruses. Computers are the obvious choice to protect, but phones and tablets can acquire malicious files just as easily. It can be much more difficult to tell that a phone has been exposed to malware than a computer. Always secure everything and plan for the worst when it comes to security.
Secure Your Accounts With Two-Factor Authentication
Two-factor authentication, or 2FA, is a security principle that is most easily explained as the tandem of debit card and PIN code needed to access an ATM. Your card can be stolen, or your PIN can be copied down, but nothing can be gained from one without the other.
In cryptocurrency, 2FA usually takes the form of a scannable QR, as well as your usual account information. Even if a hacker manages to crack your information, their attempts to gain access to your wallet will be useless without the QR key.
Two-factor authentication takes encryption to the next step. A hot or cold wallet that’s encrypted and equipped with 2FA is the best possible place to store your spending money. A hardware wallet, such as a flash drive, becomes a near-impenetrable vault when properly secured with these technologies.
This technology is now widely available across the internet and is becoming more commonplace everywhere. There are free services, such as that offered by Google or many other providers. Care must be taken when selecting your 2FA source because, as with everything, there is always a possibility that the particular safeguard will introduce the problem rather than prevent it.
Use Strong Passwords
A weak password is a human error that you cannot afford, but that you can easily avoid. Encrypt your wallets, and back them up with 2FA, and create a password that doesn’t invalidate every other step of the process.
It’s safer to write down an unwieldy password of alternating numbers and letters than to pick something based on how easy it is to remember. This is the one password that really needs to be as complicated as possible. Choose a pass-phrase or sentence to make it easier if you truly need to, but the more complex and impossible to guess, the better.
A good rule of thumb: you should really need to write it down. A strong password provides invaluable security and peace of mind. The password also represents a helpful cornerstone for the whole security process: every careful step taken was for nothing if you leave that weakened link. A strong password is an easy fix and a tough obstacle for a hacker to overcome.
How To Keep Your Cryptocurrency Safe
There are three layers of protection:
- Coins or tokens
- Exchanges
- Wallets
These three layers also make up the infrastructure. The currencies are traded in the form of coins or tokens via exchanges, and they are stored in wallets by investors. For a complete cryptocurrency primer, see our Crypto 101 article.
Coins and tokens are their own blockchain of information, at the mercy of the protocol. A hacker can compromise the entire network if they are able to exploit the protocol flaws. Wallets are very important, but they are meaningless if the entire network is compromised. Luckily, the largest blockchain networks like bitcoin are essentially unhackable. Smaller questionable altcoins may not have strong, well-tested protocols.
Another major factor in the security of coins and tokens is how they are distributed between the developers and the exchange. An even distribution will ensure that no one person from either side would be able to compromise consensus. In a decentralized system like cryptocurrency, consensus is key.
Cryptocurrency is traded in exchanges that hold your funds in large shared group addresses. This creates a security gap for hackers to exploit. If you keep your coins in an exchange account, know that they are only as secure as your password strength and its anonymity. If you store your coins on the blockchain and keep your own private keys, they are safer.
Cryptocurrency exchanges are written in different code than the blockchains they are built to house. The exchanges are far more susceptible to hacking than the coins themselves.
While the coins are “stored” on every computer in the exchange, the exchange itself operates on normal servers or on the cloud. Exchanges are a huge potential for breaches because they operate outside of the normal security protocols of the coins and tokens. They are essentially bank accounts with a name and password. Think about how many banks and credit card companies have been hacked over the years.
Make sure to trade only trusted currencies in trusted exchanges. Exchanges pop up all the time that offer incredible rates and incentives. They are too good to be true, and far too good to be trusted. Even better, buy crypto on an exchange but then send it to the private, protected wallet of your choice.
If properly secured, your wallet should be encrypted with two-factor-authentication and hosted by a trusted source. This is where your coins and tokens live. Everyone in the exchange has a record of your currency, but the wallet is what keeps them safe from individual hackers.
You might eventually get it back if it’s stolen, but a good wallet will prevent this from happening. Only use a well-known and well-trusted wallet provider. Hot wallets have to be especially well vetted to guarantee security. Cold wallets can be created online or calculated on paper for greater security.
Hardware wallets can be restored even if the device is stolen. Each type of device creates a list of seed words that you write down and store safely. If your device is misplaced or stolen, you can restore the wallet in a software wallet using those seed words, or you buy another hardware device and import your old wallet into the new device.
I use both the Ledger Nano S and the Trezor Model T, and I have an extra one of each still new in box in case I have to suddenly restore my funds in an emergency after a device is stolen.
More Sources to Help Increase Cryptocurrency Security
Hopefully, this article gives you a head start at protecting your investments. While cryptocurrency and blockchain are new advancements with their own terminology, the means of keeping them safe parallel much of what we do in keeping our other investments safe.
There is never a time to stop learning about cybersecurity. As hackers advance and adapt their methods, so too must we keep apprised of the latest ways to keep our money safe. Here are some good sources to follow up with and check in on when you feel like enriching what you know.
Business Insider put out a great article on security risks and concerns for cryptocurrency in 2020. This article is part of a larger report that the publication commissioned, and which is available for purchase via a link in the article.
Anyone just starting out in the world of cryptocurrencies would do very well to read this article. Any blossoming experts in the field would likely do well to purchase the report.
The Federal Trade Commission put together an excellent assessment of cryptocurrencies that would benefit both the most seasoned vet and the greenest amateur. This assessment is invaluable in covering all the areas of exploitation that the government has considered, and that most investors may not have.
The Cybersecurity and Infrastructure Security Agency (CISA), a part of the Department of Homeland Security, is another valuable resource for explaining the basics of cryptocurrency and security, as well as a source of updated tips and information. You can even sign up to receive their monthly bulletin to keep up-to-date on the latest developments and cybersecurity resources.