There are many benefits of Bitcoin, one of many is the unprecedented freedom which it provides from banks through its technology. This is a revolutionary idea, no more banks needed. Here you’ll find all the basic crypto security tips you must know.
Once these are covered you may want to check our advanced cryptocurrency security tips. Many people don’t take any security measures at all, normally these are the victims of hackers. You can visualize this as if you are the sheriff of a town who protects the bank vault from thieves. The thieves (Hackers) will always attack the soft target, avoid at all costs being a soft target.
So let’s get into it, here are BeInCrypto’s top crypto security tips:
In this guide:
- Take cryptocurrency security measures seriously
- Use complex passwords
- Avoid public Wi-Fi
- Beware of phishing scams
- Don’t store your cryptocurrency on exchanges
- Keep your devices safe
- Enable two-factor authentication
- Keep your cryptocurrency holdings private
- Avoid sending funds to a wrong address
- Frequently Asked Question
Take cryptocurrency security measures seriously
Blockchain and cryptocurrency are safe in principle. However, when you have conversations with other people about cryptocurrencies, they have doubts that someone can hack the blockchain or your cryptocurrency. This is a misconception many people tend to have.
Blockchain technology is protected by cryptographic algorithms, hence the name cryptocurrencies. The system itself is already a security measure against hackers. To break this you would need an immense amount of computational power. For example, the oldest cryptocurrency Bitcoin has never been hacked.
If hackers can’t hack the cryptocurrency itself, their next target will be the users. Hackers will hunt for weak security and hack the platform you use to store your digital assets. Therefore the most important cryptocurrency security tip is to take security measures seriously.
Use complex passwords
For many readers, this tip may seem obvious. However, nowadays the three most common passwords are 123456, 123456789, and the most comical password.
In your password, try to combine upper and lowercase letters, numbers and symbols. The longer the password is, the better. You may use online password testers to see how strong your password is. Using a password generator to get random passwords is also a good idea.
Password managers are a popular service. They generate a unique, long, and complex password for each online account you own. These services are very safe and many big profile companies use them. Either way, if you have the time and dedication (or a big sum of money in cryptocurrencies) the safest solution will always be to note the passwords on paper.
Avoid public Wi-Fi
Public Wi-Fi can be a comfortable service, however you must avoid interacting with any exchange or wallets while connected. Hackers can easily collect the data transmitted through the network, for instance, your login credentials. We strongly recommend to never connect to any financial service on public networks. In case of a desperate situation at least use a VPN.
Beware of phishing scams
You may know about phishing scams, its the most common method of stealing credentials for traditional online banking. Cryptocurrency exchanges and wallets are also subject to this disguised technique. One of the most basic scam techniques used by hackers to steal your Bitcoin or altcoins.
Phishing scams create false websites and apps, resembling the original sites and apps. The user is fooled and doesn’t know that they have been redirected to a fake site. The user inserts their personal information, and now the hackers have your credentials. The hackers can easily send the funds to their wallets.
If you regularly access exchanges, an easy security measure is to bookmark these websites. Always access these websites using your bookmarks and you will be safe. This makes cryptocurrency security much more secure. The phishing sites tend to focus on common typos. A notable example was myetherwallet (a respectful Etheruem wallet), which was victim of several phishing scams.
Use your common sense and concentrate on basic safety practices such as: not downloading any suspicious files, keep your firewall updated and enabled, and don’t visit known hazardous websites. Only use websites with SSL or TLS certificates (sites with the padlock beside the URL). These protocols are used to protect the privacy and integrity of data transmitted over the internet, such as login credentials and credit card information. This is a good security practice, as well as a good crypto security practice.
Don’t store your cryptocurrency on exchanges
This may be the most common mistake made by crypto holders. The word exchange already provides you with a clue of the purpose of these platforms. They are used to exchange, they are not intended for the custody of your cryptocurrencies. No matter how good your crypto security is, not holding your crypto renders it useless.
The largest amount of stolen Bitcoin was due to the exchange hacks, not of the cryptocurrency itself. Normally hackers attack small exchanges, which lack in security. Although big exchanges have been hit as well. Here is a list of some of the most notable Bitcoin heists to date:
- Mt. Gox: 850,000 BTC (Worth $450 million at the time in 2011)
- Bitfinex: 120,000 BTC
- Bitcoinica: 43,554 BTC
- Bitfloor: 24,000 BTC
- Bitstamp: 19,000 BTC
- Binance: 7000 BTC
- Poloniex: 97 BTC
We placed Binance and Poloniex, not because of the amount, just to make you aware that even reputable exchanges can get hacked. Fortunately, exchanges have evolved, as well as their security measures. The biggest BTC hacks mainly occurred when the cryptocurrency exchanges were still young, and their cryptocurrency security measures were low. Nevertheless, Binance was hit in 2019. No exchange is impervious to hacks.
The only reason to have your digital assets on exchanges would be if you are a daily trader. If you are a holder or a long-term trader, the best practice would be to store your Bitcoin and/or altcoins on a cryptocurrency wallet. If you wish to exchange for another cryptocurrency or FIAT, send it to your wallet once you’ve completed the trade. Remember, whoever has the private key controls the money.
Keep your devices safe
This cryptocurrency security measure depends greatly on the amount of money you have in Bitcoin. As a rule of thumb, we recommend that if you have more than $500 worth in Bitcoin its recommendable to buy a cryptocurrency hardware wallet. There are many hardware wallets in the market.
Cryptocurrency hardware wallets are by far the safest approach to store your digital assets. A cryptocurrency hardware wallet is a specialized device which has been solely designed for crypto security. These devices store your private keys inside an impenetrable circuit and allows them to sign transactions with a single click. As with many other wallets, it offers a seed phrase to easily transfer your private keys in case your device is stolen or lost.
If you have a small amount of Bitcoin, or you want a faster and seamless wallet, you may use hot wallets. There are tradeoffs between cryptocurrency hot, cold, and hardware wallets. If your devices aren’t safe, then hot wallets are safer than leaving your cryptocurrencies on an exchange.
Enable two-factor authentication
Two-factor authentication is an extra layer of security. It adds an extra step in the login process. It generates a password by an app (Google authenticator or Authy) stored sent to your smartphone. Every couple of seconds a new password is generated for more security. The purpose is to create an extra external security layer, which makes it more difficult for the hacker. The hacker would have to have access to your phone to access your accounts.
Most exchanges offer 2-factor authentication, it is very easy to install. Two-factor authentication can, and should be used on the email you use to login into the exchange accounts.
Additional options, such as a random PIN sent to your email and SMS are also offered by some exchanges. Either way, we strongly recommend not using SMS verification.
Keep your cryptocurrency holdings private
You may be proud of an investment you’ve made in a cryptocurrency. Many investors brag of their holdings and successes, especially in the great surge of 2017. Nowadays, people have learned that this may not be a good idea. The most extreme example is a Bitcoin holder who was murdered after being forced to send his Bitcoin.
Cryptocurrencies don’t have an identity attached to the money like traditional banking does. If you have the private keys of Bitcoin, you are the owner. Therefore, if you are obliged to send your Bitcoin to an address, you won’t be able to reclaim them. For criminals, this can be attractive.
A simple solution is not to boast about your holdings to anyone, or at least keep a low profile about it. In conferences, meetups, or out of curiosity of your friends, you may get the question of how much cryptocurrency you hold. Avoid answering this question for your security, especially if you hold a substantial amount.
Avoid sending funds to a wrong address
Cryptocurrency addresses are very long and complex.
If you send the assets to a wrong address by mistake you will lose your funds. This is another mistake that will render strong crypto security useless. Addresses are not attached to identities, you won’t be able to contact the person holding the address. Additionally, if you find the holder, you can’t oblige them to return the funds. With Bitcoin and altcoins, there is no middleman, which for many reasons has clear advantages.
As the addresses are very long, it’s not recommended to type these addresses manually. Many exchanges and wallets offer a copy to clipboard button. Selecting the address manually can also create mistakes. Either way, if you copy and paste the address you must always check if they are the same. Unfortunately, there have been cases where the copy and paste functionality had been hacked. A common practice is to check the first and last 5 digits of the address.
Transfers in cryptocurrency have very low fees. Therefore it’s very recommendable to send a small amount and check if it worked and then send the whole amount. It costs almost nothing, so there is no excuse. Crypto security is paramount. Use the best practices to stay safe.
Frequently Asked Question
What is an SSL/ TLS certificate?
What are phishing scams?
What is a hardware wallet?
What is two factor authentication (2FA)?
In line with the Trust Project guidelines, the educational content on this website is offered in good faith and for general information purposes only. BeInCrypto prioritizes providing high-quality information, taking the time to research and create informative content for readers. While partners may reward the company with commissions for placements in articles, these commissions do not influence the unbiased, honest, and helpful content creation process. Any action taken by the reader based on this information is strictly at their own risk.