Five million bitcoins.
That’s how many have been lost or stolen since bitcoin was created.
Unless you take the right precautions, cryptocurrency theft and hacking is still a very real threat.
And then there’s the risk of losing your cryptocurrency by failing to back it up. (Just ask the man who threw away a hard-drive with $75 million of bitcoin on it).
Luckily, there’s plenty you can do to protect yourself. In this article, we’ll go over eight best-practices you should follow when using cryptocurrency.
1. Don’t Tell People How Much Cryptocurrency You Own
Or better yet, don’t tell anyone that you own cryptocurrency at all. If pressed about this, a good answer is that you own “some” or any other non-answer.
The reasoning behind this is pretty simple. Telling people how much cryptocurrency you own is a great way to turn you into a target, even to people you trust. There’s a reason one of the first things lottery winners are always told is to contact a lawyer before telling those around them.
Unfortunately, money makes some people greedy, and those people will stop at nothing to get what they want.
Unlike a bank account or other fiat cash storage, cryptocurrency is almost always stored close to you (on a computer or hard-drive in your home). It can be stolen relatively easily. And while your password may be strong, rubber-hose cryptanalysis or social engineering means that a strong password may not be enough when thieves are in close proximity to you.
2. Cold Wallets Are an Awesome Idea
Keeping all your currency in a hot wallet is asking for trouble. A hot wallet (one connected to the internet) is great for day-to-day transactions, but they are easier to steal from. A “cold wallet” means storing your crypto offline. Keeping most of your cryptocurrency safe in cold storage is just plain good practice.
Read more: What is cold storage for cryptocurrency?
Additionally, for an extra step of protection, you can use a hardware wallet. Hardware wallets are like an external hard-drive but designed specifically to store cryptocurrency.
Most hardware wallets are tamper resistant. Meaning they will erase themselves if someone tries to break into them, either physically or by attempting many passwords. This is much better than a laptop or other general-purpose device because if the laptop is stolen, any wallets on there can be attacked forever.
3. Never Use Exchange Wallets for Longer Than You Need To
In other words, don’t keep your bitcoin on Coinbase, Bitpanda, Binance, or any other exchange.
This one doesn’t make sense on the surface. Why wouldn’t you want all your currency ready to trade at a moment’s notice?
First off, online wallets, in general, are dangerous. You are not the only person with access to your funds. In fact, you don’t even have total control over the wallet. Not having full control over your wallet is a pretty glaring security issue, and should be avoided if possible.
Secondly, cryptocurrency exchanges can fail incredibly quickly. There is no fallback for crypto exchanges other than the ones they make. If the exchange fails, you may never get your cryptocurrency back. Your money may have even been used without your knowledge in an attempt to prop up the failing exchange.
And lastly, due to their extremely large turnover, exchanges are a much bigger target for hackers and other malicious people than a single wallet.
4. Always Encrypt Your Wallets
Now that your crypto is safely in a private wallet, your next challenge is keeping your wallet secure should the files themselves be stolen by someone across the internet.
The first line of defense for the wallet is a strong password. As with most passwords, length trumps complexity, and the combination of both is best.
That said, if you believe your wallet has been compromised, move all the cryptocurrency from the compromised addresses to new (hopefully secure) addresses. The fees you will pay to move them to the new address is worth the peace of mind.
Some wallets have one-click options to do this, often referred to as “sweeping”.
5. Use Separate Addresses Where Possible
Staying private in the cryptocurrency world is, in general, a good idea. Bitcoin has a reputation for being anonymous, but that’s not actually true.
When you transact with someone, they can see your “public address.” It looks something like this:
It doesn’t tell anyone your name, but if they search for this address (on a block explorer), they’ll see every transaction you’ve ever made using that address.
It means you’re effectively sharing your transaction history with someone else. You’re also showing that person who else you have transacted with and how much was transferred. That last one falls under the first rule we have, as sharing how much cryptocurrency you have makes you a target.
When transacting with non-private cryptocurrencies like bitcoin or litecoin, be sure to use separate addresses for each transaction.
An alternative is using a truly anonymous cryptocurrency like monero.
6. Double Check Everything
One easy way to lose currency is to send it to the wrong place or to use the wrong wallet.
Cryptocurrency transactions are “immutable” – they can’t be reversed. So if you send money to the wrong wallet, it’s gone forever.
For this reason, you should always verify that you know what you’re doing, and everything is correct.
For addresses, this is pretty simple. Check that the first few and last few characters are the same as your intended target. If the first and last characters are correct the rest probably are.
Though, there is some malware out there that will switch out addresses for lookalikes in your clipboard. For this reason, you may want to verify that the entire address is correct before sending large amounts.
If you’re still worried, try sending a test transaction first.
7. Always Make Backups (Use the 3-2-1 Rule)
Keeping backups of everything is a good idea in general, but it’s an especially good idea when it comes to cryptocurrency.
For most use-cases, the 3-2-1 rule for backups should be followed; three copies, two different media, one off-site.
That could mean keeping your private keys on:
- Hardware wallet.
- CD or flash drive.
- Paper wallet.
That’s three versions stored on at least two different devices or media.
Next, you should keep one off-site. In other words, nowhere near the other two.
A nice off-site location is a safety deposit box at a bank. Either hardware or paper wallets are good here, though paper wallets are (in this case) the safer bet. Note that this requires you to trust that the bank will not open your box for any reason.
For large amounts of cryptocurrency, you can even utilize a former military bunker in the Swiss Alps.
The two separate media means that if one is damaged in some way, the other is likely not. And one off-site means that in the event of a house fire or otherwise, you still have a backup.
Remember that you should always encrypt your backups. If you back up a wallet file and someone malicious gets a hold of it, your currency is theirs to steal.
8. Never Spend Money You Can’t Afford to Lose
Finally, cryptocurrencies are incredibly volatile. This means the price can swing up very high, and fall very low. 40% swings of value in a single day are not unheard of, especially for smaller coins.
Much like with regular investments, storing value in cryptocurrencies is a calculated risk, and, there is always the chance that cryptocurrencies “go to zero”. And if you’ve put in every cent you have, you could end up in trouble.
The best-practices outlined here require a little extra work, but it’s well worth the effort. Keeping your crypto safe and secure is the most important thing you’ll do.