SECURITY.
You have 10 bitcoins.
Have you read them?
Bang!
Well now they’re gone.
You screwed up, you were careless, you lost everything.
Because your security sucks. You didn’t think long term and you were lazy. Laziness is for sloths, not for you.
Security and managing the security of any wallets in the crypto world is critical.
In this world there are no banks that can save you or help you, or people paid to help you if you lose passwords, private keys or if you are robbed.
Security is your duty and obligation. If you want to hold crypto, even in small amounts, you must follow some rules.
Remember that security and all the work you are doing here is to secure your coin. Security is not comfortable, is more like riding a motorcycle in the summer heat with a leather suit, that is not comfortable. But it is safe, and a comfortable service is unsafe. And we want SAFETY.
Let’s go through an important, but not completely exhaustive, list of things you must do and not do.
We know that some things may be exaggerated, but you never know.
THINGS TO DO
Starting from scratch:
Back up of any private keys of each wallet. Private keys are also known as SEED.
The SEED is the set of words, which can be 12 or 24, that allows the wallet to be recovered if the wallet is lost or updated, depending on how the software works.
Always remember that whoever owns the seed, owns the coins.
Back up exchange access.
Always make a copy of the exchange access passwords and the e-mails that are used.
Of course protect the email password as well.
Back up the 2FAs.
Copy the QRs code of the 2FAs, make sure that you have a copy of any QR. Without 2FA you will not be able to access the exchanges.
Back up your phone for 2FAs.
If you have an old smartphone that you no longer use, you can use it to act as a Backup phone
Hide everything.
Needless to say, you can do as many back ups as you want, but if you leave something lying around, maybe written on some papers with the title “bitcoin wallet” and someone comes by and this person knows what to do….
And then remember where you hide your back up and what you put there.
Keep wallets updated.
Updates are done to improve services and to plug the holes that every system invariably has. Keeping wallets updated is a good and right thing.
Choose the right wallet.
Best to use one wallet per coin or per network type, example ERC20 or BSC
Multicoin and multi-network wallets can have larger security holes given the use of “exotic” coins that very often have only initial development and over time become insecure at the software level.
Use open source software.
Communities that make use of open source software in blockchain are communities that aspire to continuously improve the product. Best to rely on these people.
Check addresses after a copy – paste
There is a hacker attack that is called “Clipboard attack”. Your device has been infected with malware that recognizes the addresses of some coins and replaces the address you entered with another. So if you are withdrawing coins from an exchange, it replaces the address on your wallet with the one decided by the hacker when you go to copy paste. Always check that the address is correct. Dont be lazy.
Bookmark exchanges.
By bookmarking exchange addresses, beware of pishing attacks and clone websites created just to steal data from you. By using links in favorites you will be more sure that you are on the correct address.
Generate wallets only when you are alone.
You never know who is watching around you. Generating a bitcoin wallet in the middle of a square full of people is not very safe.
Know the Scams.
Follow our guide to learn how scams work and thus, not to get scammed yourself.
Maintain anonymity as much as possible.
There are crypto investor communities that are interesting to join, especially thanks to telegram. But we never know who is behind that screen . Be careful and study the situation before participating.
In case of robbery.
If they are unfortunately after your crypto wallets because you were unlucky or stupid, prepare in advance a wallet that is expendable with a low amount of money. But congruous with your big mouth. Idiot.
THINGS NOT TO DO
Lose back ups.
If you lose the papers or flash drives, you have lost access to the wallets.
If you misplace passwords or worse, misplace private keys, you can say goodbye to your coins.
This is the most frequent way to lose possession of coins, far more frequent than any scam.
Be careful where you write seeds
Do not write seed with a pencil but with a pen. Do not kick with a pen; a malicious person could retrieve your seed.
Then if use paper as temporary, destroy the paper with a shredder.
Do not use markers that could write part or all of the seed on underlying papers.
Do not use Clouds.
Do not put passwords, login information or seeds into any Cloud, even if you consider them hyper secure. Clouds can be hacked and this data leaked.
Pay attention to how you use your “notepad.”
Do not lend your cell phone if you have a wallet in it.
Pure logic.
No photos with cell phones.
Do not take password or seed photos with your cell phone. Your cell phone may be hacked, you may forget to delete the photo, and you may lose your cell phone.
Buy a hardware wallet.
Do not have hardware wallet sent to your home.
Do not have hardware wallets sent to your home address, but use other addresses that cannot be traced back to you. Security flaws and data theft at Ledger have left all of the company’s customer information at the mercy of hackers. It doesn’t take long to realize that your data can be bought and used to harm you.
Don’t leave clues.
Never leave behind papers, notes, or signs that might indicate your possession of cryptocurrency.
If you leave seed and password sheets around, your cleaning lady might betray you or sell you to someone. Or your wife might throw away some papers with random words written on.
Don’t go around telling people that you have cryptocurrencies or how many you have. Stay in the shadows.
If someone should ask, answer that it is a subject you have studied but you have never owned anything, that you have never invested any money in them. There are people around who could harm you, who could threaten your family and your loved ones.
Do you really want to risk having your daughter killed only to fool around at the Club with those 4 assholes of your friends?
Safety rules for any exchange.
Always remember that the moment you signed up, you are vulnerable to be hacked.
You may have your password stolen. So use a password that is complex but different from the other services you usually use. A password that is the same as other sites can be a problem –
es Binance vs. small book seller. Understand that the investments in security between the two services are not comparable. It should be added that your email is easily traceable and this would give possible access to your funds if you have not protected yourself with another layer of protection such as 2FA
For this reason, always activate 2FA. But do not activate it from the email, Thats a bad choice.
Remember that the biggest flaw in any service is you, with your unintentionally careless behaviors.
We suggest making an email for exchanges, using privacy-oriented services such as Protonmail’s.
For password creation you can think of something long consisting of several words yourself or using a program such as a password manager. Remember that a password created by the pc with numbers and letters is impossible to remember, while a password created with a phrase or set of words that make sense to you can be remembered more easily. We prefer a passphrase.
Again, for each exchange use a different password.
In case you use a password manager, you only have to remember the passphrase to access the service.
Never abandon coin on exchanges.
Because exchanges are a risk, coins that remain on the ‘exchange can be stolen in the event of an attack. Do not leave coin to do anything on any exchange.
Coins can be left on some exchanges to create a passive income. But this is discussed in another article.
Another important point is that only coins should be left on exchanges to trade and that you are willing to lose in case of a security breach.