Security Guide for Newbies - Save the user
SECURITY.
You have 10 bitcoins.
Have you read them?
Bang!
Well now they're gone.
You screwed up, you were careless, you lost everything.
Because your security sucks. You didn't think long term and you were lazy. Laziness is for sloths, not for you.
Security and managing the security of any wallets in the crypto world is critical.
In this world there are no banks that can save you or help you, or people paid to help you if you lose passwords, private keys or if you are robbed.
Security is your duty and obligation. If you want to hold crypto, even in small amounts, you must follow some rules.
Remember that security and all the work you are doing here is to secure your coin. Security is not comfortable, is more like riding a motorcycle in the summer heat with a leather suit, that is not comfortable. But it is safe, and a comfortable service is unsafe. And we want SAFETY.
Let's go through an important, but not completely exhaustive, list of things you must do and not do.
We know that some things may be exaggerated, but you never know.
THINGS TO DO
Starting from scratch:
Back up of any private keys of each wallet. Private keys are also known as SEED.
The SEED is the set of words, which can be 12 or 24, that allows the wallet to be recovered if the wallet is lost or updated, depending on how the software works.
Always remember that whoever owns the seed, owns the coins.
Back up exchange access.
Always make a copy of the exchange access passwords and the e-mails that are used.
Of course protect the email password as well.
Back up the 2FAs.
Copy the QRs code of the 2FAs, make sure that you have a copy of any QR. Without 2FA you will not be able to access the exchanges.
Back up your phone for 2FAs.
If you have an old smartphone that you no longer use, you can use it to act as a Backup phone
Hide everything.
Needless to say, you can do as many back ups as you want, but if you leave something lying around, maybe written on some papers with the title "bitcoin wallet" and someone comes by and this person knows what to do....
And then remember where you hide your back up and what you put there.
Keep wallets updated.
Updates are done to improve services and to plug the holes that every system invariably has. Keeping wallets updated is a good and right thing.
Choose the right wallet.
Best to use one wallet per coin or per network type, example ERC20 or BSC
Multicoin and multi-network wallets can have larger security holes given the use of "exotic" coins that very often have only initial development and over time become insecure at the software level.
Use open source software.
Communities that make use of open source software in blockchain are communities that aspire to continuously improve the product. Best to rely on these people.
Check addresses after a copy - paste
There is a hacker attack that is called “Clipboard attack”. Your device has been infected with malware that recognizes the addresses of some coins and replaces the address you entered with another. So if you are withdrawing coins from an exchange, it replaces the address on your wallet with the one decided by the hacker when you go to copy paste. Always check that the address is correct. Dont be lazy.
Bookmark exchanges.
By bookmarking exchange addresses, beware of pishing attacks and clone websites created just to steal data from you. By using links in favorites you will be more sure that you are on the correct address.
Generate wallets only when you are alone.
You never know who is watching around you. Generating a bitcoin wallet in the middle of a square full of people is not very safe.
Know the Scams.
Follow our guide to learn how scams work and thus, not to get scammed yourself.
Maintain anonymity as much as possible.
There are crypto investor communities that are interesting to join, especially thanks to telegram. But we never know who is behind that screen . Be careful and study the situation before participating.
In case of robbery.
If they are unfortunately after your crypto wallets because you were unlucky or stupid, prepare in advance a wallet that is expendable with a low amount of money. But congruous with your big mouth. Idiot.
THINGS NOT TO DO
Lose back ups.
If you lose the papers or flash drives, you have lost access to the wallets.
If you misplace passwords or worse, misplace private keys, you can say goodbye to your coins.
This is the most frequent way to lose possession of coins, far more frequent than any scam.
Be careful where you write seeds
Do not write seed with a pencil but with a pen. Do not kick with a pen; a malicious person could retrieve your seed.
Then if use paper as temporary, destroy the paper with a shredder.
Do not use markers that could write part or all of the seed on underlying papers.
Do not use Clouds.
Do not put passwords, login information or seeds into any Cloud, even if you consider them hyper secure. Clouds can be hacked and this data leaked.
Pay attention to how you use your "notepad."
Do not lend your cell phone if you have a wallet in it.
Pure logic.
No photos with cell phones.
Do not take password or seed photos with your cell phone. Your cell phone may be hacked, you may forget to delete the photo, and you may lose your cell phone.
Buy a hardware wallet.
Do not have hardware wallet sent to your home.
Do not have hardware wallets sent to your home address, but use other addresses that cannot be traced back to you. Security flaws and data theft at Ledger have left all of the company's customer information at the mercy of hackers. It doesn't take long to realize that your data can be bought and used to harm you.
Don't leave clues.
Never leave behind papers, notes, or signs that might indicate your possession of cryptocurrency.
If you leave seed and password sheets around, your cleaning lady might betray you or sell you to someone. Or your wife might throw away some papers with random words written on.
Don't go around telling people that you have cryptocurrencies or how many you have. Stay in the shadows.
If someone should ask, answer that it is a subject you have studied but you have never owned anything, that you have never invested any money in them. There are people around who could harm you, who could threaten your family and your loved ones.
Do you really want to risk having your daughter killed only to fool around at the Club with those 4 assholes of your friends?
Safety rules for any exchange.
Always remember that the moment you signed up, you are vulnerable to be hacked.
You may have your password stolen. So use a password that is complex but different from the other services you usually use. A password that is the same as other sites can be a problem -
es Binance vs. small book seller. Understand that the investments in security between the two services are not comparable. It should be added that your email is easily traceable and this would give possible access to your funds if you have not protected yourself with another layer of protection such as 2FA
For this reason, always activate 2FA. But do not activate it from the email, Thats a bad choice.
Remember that the biggest flaw in any service is you, with your unintentionally careless behaviors.
We suggest making an email for exchanges, using privacy-oriented services such as Protonmail's.
For password creation you can think of something long consisting of several words yourself or using a program such as a password manager. Remember that a password created by the pc with numbers and letters is impossible to remember, while a password created with a phrase or set of words that make sense to you can be remembered more easily. We prefer a passphrase.
Again, for each exchange use a different password.
In case you use a password manager, you only have to remember the passphrase to access the service.
Never abandon coin on exchanges.
Because exchanges are a risk, coins that remain on the 'exchange can be stolen in the event of an attack. Do not leave coin to do anything on any exchange.
Coins can be left on some exchanges to create a passive income. But this is discussed in another article.
Another important point is that only coins should be left on exchanges to trade and that you are willing to lose in case of a security breach.
Being exposed in crypto consciously and knowing the dangers.
Why investing in cryptocurrencies? Why starting to study a whole new environment with a huge initial difficulty? Why endanger that part of our assets that we have decided to allocate in cryptocurrencies?
Because yes.
We start from the idea that the world of investments as a whole is huge, and that Blockchain is currently the most recent technology and with the greatest growth push on the planet. Investing in blockchain projects is within everyone's reach, so even less capable investors with little experience or just beginners can invest. Investors of this type are the ones who will make the biggest mistakes so they need to understand the various projects and decide if they are worth our money.
If you remember the dotcom bubble, you could have invested in amazon or google or other realities of the early internet era ... But we only remember those who survived and we forgot all those realities that had stratospheric growths in a few weeks, and then see your stock value crash to the downside and disappear from the market. But only from the market, not from the sad and shocked minds of their investors ...
Let's forget for a moment Bitcoin and Ethereum which are now the two champions of the crypto world, the universe of Blockchain projects is huge and varied.
It should be immediately understood that there are many projects that are or have turned out to be exclusively scams or clones of other more noble and serious projects, which with scammy name and various tricks have simply tried to drain funds from inattentive and inexperienced investors.
Currently over 90 percent of blockchain projects launched and funded have failed, most without writing a single line of code. Aware of this, and also aware of the fact that the Blockchain is the future and it is time to be inside it, as investors we must ask ourselves some simple and basic questions to understand where to put our funds.
Let's start with the first doubt to be eliminated, if the project we are evaluating creates a product or service that solves a real problem and if this is in line with Blockchain technology. Not all projects showed off as crypto friendly are suitable for the Blockchain. In case it is really suitable, and perhaps thanks to the blockchain it solves an unsolvable problem, well we have taken a big step forward. Those who do not respect this rule can be eliminated in a long-term investment perspective.
After that we will have to understand if the evaluated product really exists or is still under development or worse, it is only on paper and not even explained in a perfectly understandable way. In fact, a product under development takes months if not years to be launched on the market, extending the time for the return of the investment and therefore enormously increasing the risks for the investor.
After the product, the team should be checked. It is clear that the team must reflect experience in the sector to which the project belongs and the individual members must be experienced and competent, with a good curriculum. The team will then have to try to create partnerships with various companies already on the market. Experience, partnership and reputation are excellent indicators.
Another aspect to check is the type of token created to finance the project and offered to the public. There are utility tokens that offer a service linked to the project and whose value changes according to company and market trends. Otherwise, security tokens can be offered, which are backed by real company assets. These tokens are regulated and, in addition to offering an extra guarantee on the project, they carry rights on assets owned by the company.
Another point to check for the investor is the control of who issues the token, whether through an exchange or directly by the company in charge of the project. In the case of little-known exchanges with an unclear past, here is an alarm bell.
And this point makes us shift our attention to the dangers of investing in cryptocurrencies. Danger seen as the possibility of losing all our accumulated value.
First of all we need to define and differentiate the types of risks we run by investing in crypto.
We have two main type of risk, which are technical risk and financial risk.
When we talk about technical risk, we mean any problems we may have with wallets, exchanges and other technological issues.
The wallet is your property and it is your responsibility to manage it in the best possible way. One of the things that you cannot predict, however, is a possible bug that cause to hack the wallet and make you lose your funds. For this reason, the best choice to always make is to look for and use only the most successful wallets created by companies that invest a lot in security for their products. This choice is yours and it is your responsibility.
The same goes for the choice of the exchange on which to operate. An exchange can be attacked and its wallets can be hit and looted. But a large exchange has the funds and a strong need to protect itself, so it will always be state of the art in protecting its business and consequently its users. On the other hand, small exchanges do not always have these capabilities and are much more risky. The risk you take, however, can be rewarded since small exchanges often have coins that are not present on the larger ones and the movements can be more violent and faster, making you gain or lose more.
Leaving your coins on an exchange is a big risk. Remember that the coin that is on your wallet on the exchange is in the wallet of an exchange and not on your proprietary wallet. If something should happen to the exchange, you are almost certain that you have lost your parked coins waiting to be traded. In my experience it is better to spend something on movements from and outside your wallet. You run the same risk when you borrow your coins on an exchange that gives you this option. In this case, however, the risk is greater since your coins will be blocked for the entire time of the loan, not allowing you to quickly exit the exchange for whatever reason you want. It should also be considered that exchanges do not always allow immediate exits since the general timing is between 12 and 24 hours.
Scams are a full-blown reality of this world, we have made an article with the list of the most famous so we can teach you how to defend yourself. Learn more about Scam here.
Another problem you may find is the technological protection of the coins. Coins like Bitcoin and ethereum are difficult to attack, the development teams are very large and made up of capable programmers with very large budgets. On the contrary, coins just put on the market and therefore small and with few developers could have bugs that undermine their intrinsic safety. Choosing the coin to invest in is your responsibility, you take a risk in any case but it is a risk that you can manage.
Therefore the risk is reduced by using high quality wallets, exchanges of proven trust and coins among the most liquid. If you use the right things in the right way you have lowered the problematic risk.
Now let's face the financial risk.
The major problem encountered in the crypto market is the extreme volatility of prices, given by a combination of low market liquidity, thin books and a strong presence of whales that can move the market. However, this volatility is the key to making money. If we position ourselves in the right trend, our coin will obviously have a growth that is impossible on conventional markets.
But be careful, there are no guarantees regarding the growth of the price of a coin. It is not acceptable to buy something at random and abandon it, and then hope that in the following months or years it will increase in price.
The same goes for the underlying of each coin. The underlying of each coin is the development and use technology that it has in the real economy. If this technology is useless, wrong or totally non-existent, it is obvious that the value could collapse and reach zero.
There are Ponzi schemes like OneCoin which have no underlying and which are based only on the trust placed in them. When confidence collapses, OneCoin is like a fake baseball card. I only mentioned OneCoin for the trust issue, OneCoin is not a cryptocurrency.
Bitcoin has value because people believe in this technology and believe in the monetary design philosophy that underlies it. Bitcoin is also valuable because it is used according to its philosophy. The use of a coin, like the trust that the public has in it, creates value on the market.
There are some basic things that you must always remember.
By investing in anything, you are taking a risk. Risk that you can lower but never eliminate. Balance the risk on your profile, never overshoot it. Every mistake is always paid with your money.
In the long run there are no certainties about the value, while someone more famous and better than me said that in the long run we are all dead.
The risk of losing and zeroing your trading account is as real in crypto currencies as on any financial instrument. On crypto and derivatives, obviously all this can happen very quickly.
Anyone who promises you fast, safe and risk-free earnings is lying and wants to scam you. Say goodbye to this fool.
Step 3 - Wallets
In this article we're going to talk about cryptocurrencies wallets. We will face all types of wallet to discover this super important tool of the crypto world.
The wallet is the tool to use to interact with a blockchain.
Wallets can be divided into software, hardware and paper wallets. These can be considered Hot or cold wallets.
Let's start by saying that most wallets are of the software type because they are more practical to use than the others. However, hardware wallets are the safest option, while paper wallets are now an outdated option. But let's see how it works.
Any wallet allows you to interact with the Blockchain, creating the information necessary to create transactions, receive and send the crypto currencies compatible with the wallet. The wallet does not "physically" contain the coins, but rather the public and private keys to operate on the blockchain and the public address that is created based on public and private keys.
The address is a specific point on the blockchain from which to receive and send coins. Coins never leave the Blockchain but simply change their address.
For this reason, you now understand why the private keys of the wallet should never be revealed. In fact, the private key is the only way to access your coins. In case of a possible loss of your mobile phone, you will be able to access your wallet again with the private key.
Now let's face the difference between cold and hot Wallet. In fact, wallets can operate in a different way.
A hot wallet is any wallet connected to the Internet. When you create any exchange account and transfer coins from your wallet to the address assigned on that exchange, you are transferring funds to the exchange's hot wallet, so that your funds are immediately available for trading.
Cold wallets have no Internet connection, so they are safer from cyber attacks and better set up to store coins over the long term.
Now let's see the different types of wallets and which is the best compromise of use.
Let's start with the Software wallets, there are of all types and characteristics, and specific by currency. Obviously, the vast majority are connected to the internet, so they are hot wallets. Software wallets are divided into web, desktop and mobile wallets.
Web Wallet
With a web wallet, you can access the blockchain with a browser interface without having to download or install anything. The most classic example is the wallet of any exchange.
You create a new wallet and set a password to access it. In the case of an exchange wallet there is no private key, you are entrusting your funds to another person, in this case the exchange
Desktop Wallet
The desktop wallet is software that you download and use on your computer.
A desktop wallets give you full control over your keys and funds.
When the desktop wallet is created, in most cases a file called "wallet.dat" is created and stored locally on your computer. This file contains the private key information used to access your addresses, so it must be protected. Remember that if you delete it or lose your computer and don't have a backup, you lose all the funds on the wallet.
A good solution is to export the private key or seed phrase corresponding to your newly created wallet, so that it can also be used on other devices at a later time. Since the wallet is on your PC, it must be protected from malware or viruses.
Mobile Wallets
Mobile wallets are a very similar alternative to desktop wallets but designed for smartphones. They are the most practical wallets for everyday use as they allow you to send and receive crypto by scanning QR codes. The problem of viruses and malware is also present here, so you need to protect your device. In addition, given the daily use of the smartphone, it is necessary to have all the back up of the wallet for any recovery following theft or loss.
Hardware Wallets
Hardware wallets are physical electronic devices, not connected to the network except for their use. They generate random numbers to create public and private keys that are stored within them. Their intrinsic greater safety, however, is balanced by a less simple and quick use.
Hardware wallets are used in case you want to keep large amounts of crypto for a long time. The access PIN must always be set and the recovery phrase saved as in web wallets.
Paper Wallet
the paper wallet is a piece of paper on which a public address and its private key are physically printed via QR codes. Code scanning allows you to perform cryptocurrency transactions. This kind of wallet can be considered a good alternative to long-term crypto storage, given its resistance to online attacks.
The biggest problem lies in the fact in order to use the paper wallet, the total amount of crypto currencies in it must be moved.
If we have a 15 Bitcoin wallet and we only have to move 3 of them, we will first have to make an intermediate step to another address where you will send all 15 bitcoins, and then from there send the 3 you need. The remaining 12 will then have to be put back safely on another paper wallet
Remember that your paper wallet will be empty after its first outgoing transaction. So don't hope you can use it again later.
As we have already repeated, it is essential for each wallet to have the back up and the seed phrase to recover their wallet in case of problems.
Learn more about safety about your Coin here.