Five million bitcoins.

That’s how many have been lost or stolen since bitcoin was created. 

Unless you take the right precautions, cryptocurrency theft and hacking are still very real threats. 

And then there’s the risk of losing your cryptocurrency by failing to back it up. (Just ask the man who threw away a hard-drive with $75 million of bitcoin on it.)

Luckily, there’s plenty you can do to protect yourself. In this article, we’ll go over eight best-practices you should follow when using cryptocurrency.

Stay safe.

1. Don’t Tell People How Much Cryptocurrency You Own

Or better yet, don’t tell anyone that you own cryptocurrency at all. If pressed about this, a good answer is that you own “some” or any other non-answer.

The reasoning behind this is pretty simple. Telling people how much cryptocurrency you own is a great way to turn yourself into a target, even to people you trust. There’s a reason one of the first things lottery winners are always told is to contact a lawyer before telling those around them. 

Unfortunately, money makes some people greedy, and those people will stop at nothing to get what they want.

Unlike a bank account or other fiat cash storage, cryptocurrency is almost always stored close to you (on a computer or hard-drive in your home). It can be stolen relatively easily. And while your password may be strong, rubber-hose cryptanalysis or social engineering mean that a strong password may not be enough when thieves are in close proximity to you.

2. Cold Wallets Are an Awesome Idea

Keeping all your currency in a hot wallet is asking for trouble. A hot wallet (one connected to the internet) is great for day-to-day transactions, but it is easier to steal from. A “cold wallet” means storing your crypto offline. Keeping most of your cryptocurrency safe in cold storage is just plain good practice.

Additionally, for an extra step of protection, you can use a hardware wallet. Hardware wallets are like an external hard-drive but designed specifically to store cryptocurrency. 

[Image: a Ledger Nano hardware wallet plugged into a laptop]

Most hardware wallets are tamper resistant, meaning they will erase themselves if someone tries to break into them, either physically or by attempting many passwords. This is much better than a laptop or other general-purpose device because if the laptop is stolen, any wallets on there can be attacked forever.

The most popular cold storage hardware wallets are Ledger and Trezor. 

3. Never Use Exchange Wallets for Longer Than You Need To

In other words, don’t keep your bitcoin on Coinbase, Bitpanda, Binance, or any other exchange.

This one doesn’t make sense on the surface. Why wouldn’t you want all your currency ready to trade at a moment’s notice?

First off, online wallets, in general, are dangerous. You are not the only person with access to your funds. In fact, you don’t even have total control over the wallet. Not having full control over your wallet is a pretty glaring security issue, and should be avoided if possible.

Secondly, cryptocurrency exchanges can fail incredibly quickly. There is no fallback for crypto exchanges other than the ones they make. If the exchange fails, you may never get your cryptocurrency back. Your money may have even been used without your knowledge in an attempt to prop up the failing exchange.

And lastly, due to their extremely large turnover, exchanges are a much bigger target for hackers and other malicious people than a single wallet.

4. Always Encrypt Your Wallets

Now that your crypto is safely in a private wallet, your next challenge is keeping your wallet secure should the files themselves be stolen by someone across the internet.

The first line of defense for the wallet is a strong password. As with most passwords, length trumps complexity, and the combination of both is best.

[Image: how to make strong passwords. Credit: 360 Total Security]

That said, if you believe your wallet has been compromised, move all the cryptocurrency from the compromised addresses to new (hopefully secure) addresses. The fees you will pay to move them to the new address are worth the peace of mind. 

Some wallets have one-click options to do this, often referred to as “sweeping”.

5. Use Separate Addresses Where Possible

Staying private in the cryptocurrency world is, in general, a good idea. Bitcoin has a reputation for being anonymous, but that’s not actually true.

When you transact with someone, they can see your “public address.” It looks something like this:

1GsOmhLr0FbBpNco1NDar6sSV8tsHaKF6kd.

It doesn’t tell anyone your name, but if they search for this address (on a block explorer), they’ll see every transaction you’ve ever made using that address.

It means you’re effectively sharing your transaction history with someone else. You’re also showing that person who else you have transacted with and how much was transferred. That last one falls under the first rule we have, as sharing how much cryptocurrency you have makes you a target.

When transacting with non-private cryptocurrencies like bitcoin or litecoin, be sure to use separate addresses for each transaction.

An alternative is using a truly anonymous cryptocurrency like monero.

6. Double Check Everything

One easy way to lose currency is to send it to the wrong place or to use the wrong wallet. 

Cryptocurrency transactions are “immutable” – they can’t be reversed. So if you send money to the wrong wallet, it’s gone forever.

For this reason, you should always verify that you know what you’re doing, and everything is correct.

For addresses, this is pretty simple. Check that the first few and last few characters are the same as your intended target. If the first and last characters are correct, the rest probably are. 

However, there is some malware out there that will switch out addresses for lookalikes in your clipboard. For this reason, you may want to verify that the entire address is correct before sending large amounts. 

If you’re still worried, try sending a test transaction first.
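
An added example, not from the original article: a Python sketch of the two checks described above, a Base58Check checksum test that catches typos in a legacy-style bitcoin address, and a full-string comparison against a copy obtained out of band, which is what catches a clipboard swap. The function names and sample addresses are constructed for illustration; the sample address printed in the previous section fails the first check because it contains 0 and O, which Base58 excludes.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload: bytes) -> bytes:
    # Base58Check checksum: first 4 bytes of double SHA-256
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    """Only used to build the constructed sample addresses below."""
    raw = payload + _checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def b58check_valid(addr: str) -> bool:
    """Catches typos: bad characters or a checksum that does not match."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:                      # 0, O, I and l are not in Base58
            return False
        n = n * 58 + idx
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) > 4 and _checksum(raw[:-4]) == raw[-4:]

def check_before_send(pasted: str, trusted: str, glance: int = 4) -> str:
    """Compare what is in the send field with a copy obtained out of band."""
    pasted, trusted = pasted.strip(), trusted.strip()
    if pasted == trusted:
        return "match" if b58check_valid(pasted) else "invalid"
    if pasted[:glance] == trusted[:glance] and pasted[-glance:] == trusted[-glance:]:
        return "lookalike"               # would pass a first/last-characters glance
    return "mismatch"

# Constructed sample data (not real wallets): version byte 0x00 + 20 dummy bytes.
TRUSTED = b58check_encode(b"\x00" + bytes(range(1, 21)))
# Same first and last characters, one character changed in the middle. An address
# swapped in by real malware would also carry a valid checksum, so only the
# full-string comparison is a reliable defence.
_c = "2" if TRUSTED[10] != "2" else "3"
LOOKALIKE = TRUSTED[:10] + _c + TRUSTED[11:]

if __name__ == "__main__":
    for label, addr in [("trusted", TRUSTED), ("lookalike", LOOKALIKE)]:
        print(label, addr, b58check_valid(addr), check_before_send(addr, TRUSTED))
```
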

7. Always Make Backups (Use the 3-2-1 Rule)

Keeping backups of everything is a good idea in general, but it’s an especially good idea when it comes to cryptocurrency.

For most use-cases, the 3-2-1 rule for backups should be followed: three copies, two different media, one off-site. 

[Image: the 3-2-1 backup rule. Credit: ISG Tech]

That could mean keeping your private keys on:

  1. Hardware wallet.
  2. CD or flash drive.
  3. Paper wallet.

That’s three versions stored on at least two different devices or media.

Next, you should keep one off-site. In other words, nowhere near the other two. 

A nice off-site location is a safety deposit box at a bank. Either hardware or paper wallets are good here, though paper wallets are (in this case) the safer bet. Note that this requires you to trust that the bank will not open your box for any reason.

For large amounts of cryptocurrency, you can even utilize a former military bunker in the Swiss Alps.

The two separate media means that if one is damaged in some way, the other is likely not. And one off-site means that in the event of a house fire or otherwise, you still have a backup.

Remember that you should always encrypt your backups. If you back up a wallet file and someone malicious gets a hold of it, your currency is theirs to steal.

8. Never Spend Money You Can’t Afford to Lose

Finally, cryptocurrencies are incredibly volatile. This means the price can swing up very high, and fall very low. 40% swings of value in a single day are not unheard of, especially for smaller coins.

Much like with regular investments, storing value in cryptocurrencies is a calculated risk, and there is always the chance that cryptocurrencies “go to zero”. And if you’ve put in every cent you have, you could end up in trouble.

Conclusion

The best-practices outlined here require a little extra work, but it’s well worth the effort. Keeping your crypto safe and secure is the most important thing you’ll do.

  • Cold storage means storing your bitcoin offline, making it less vulnerable to hacking.
  • Cold storage options include USB drives, paper wallets or hardware wallets.
  • “Deep” cold storage means placing the cold wallet in a vault or safety deposit box.

In the Swiss mountains, there’s an old military bunker where millionaires hide their bitcoin. The bunker was converted into a secure vault by Xapo – a cryptocurrency storage company.

The richest bitcoin investors arrive here with their encrypted hard drives in the strictest secrecy.

[Image: war bunker converted into a bitcoin vault in Switzerland. Credit: JOON IAN WONG/QUARTZ]

This is the ultimate in bitcoin “cold storage.”

In simple terms, cold storage means storing your bitcoin offline where it cannot be hacked. It is the opposite of a “hot” wallet which is connected to the internet.

Why should I use cold storage?

Safety from hacks: Your bitcoin is most vulnerable when it’s stored online. Thieves and hackers can potentially access online wallets precisely because they are connected to the internet. To ensure your cryptocurrency wallet isn’t hacked, move it to an offline, cold storage wallet instead.

Long-term holding: Cold storage is ideal for long-term investors who want to buy crypto, hold it and forget about it. But if you’re looking to trade or spend bitcoin regularly, you might want a hot wallet, which is easier to access day-to-day.

What is a cold storage wallet?

Here are a handful of options to store crypto offline:

[Image: a Ledger Nano hardware wallet plugged into a laptop]

1. Hardware wallets

Hardware wallets are the ultimate cold storage, designed specifically to store cryptocurrencies. They are only connected to the internet for a short moment while you transfer your bitcoin. You then keep them safely offline.

Hardware wallets look like a small USB storage device. They are usually virus-proof, water-proof and come with backup technology. They’re easy to use. Some even have software so you can quickly check your balance. Examples include Ledger (pictured above) and Trezor.

2. Paper wallets

A paper wallet is exactly as it sounds: a piece of paper! That might not sound secure, but it’s never connected to the internet. You can’t hack paper.

The paper wallet contains your private key, either written by hand, printed out, or displayed by a QR code. Without the private key, no-one can steal your crypto.

The downside, of course, is that you could lose or destroy the paper wallet, so always keep a backup.

3. USB stick or external hard drive

Alternatively, you can keep your private key stored as a file on a USB stick or external hard drive.

4. Hot/cold storage hybrid

Some desktop wallets and software wallets now have a “cold storage” mode. You can store some of your crypto safely offline while keeping some online for frequent trading or purchasing.

The downsides of cold storage

If you lose your cold storage device, your bitcoin is gone forever.

Let’s say your hardware wallet is stolen. Your paper wallet is damaged by water. Your hard drive gets corrupted. In all these cases, you cannot get your money back.

It’s estimated that 30% of all bitcoin in circulation is already gone because of this problem.

When you’re using cold storage, always keep a backup, just in case.

Another problem is ease of access. Cold storage isn’t ideal if you want to spend bitcoin or trade it regularly. One option is to keep a large amount in cold storage and a small amount in hot wallets for frequent use.

What is deep storage?

Deep storage is the next level. Take your hardware wallet and place it in a vault or safety deposit box (or a military bunker in Switzerland).

Not only is your bitcoin stored offline and safe from hackers, it is now safe from theft too.

Cold storage through a hardware wallet such as the Ledger Nano S is among the safest, most secure, and most widely recommended ways to store crypto assets. However, using a hardware wallet isn’t always straightforward: not all coins are supported, user interfaces are clunky, and users are often required to use multiple apps to interact with different blockchains.

Ledger, the company behind the best-selling Ledger Nano S hardware wallet, seeks to rectify those user experience issues with new desktop and mobile applications that unify all supported cryptocurrency tokens under one central app and dashboard. Ledger first announced the new applications, which will take the place of the existing Google Chrome apps provided by Ledger, back in February of this year.

In a Twitter post, Ledger has revealed that the “initial version” of the Ledger Wallet desktop native application will be available starting on July 9th. Ledger says that even though there is an added wait to their original launch estimate, the wait will be “worth it.” The firm says regular periodic updates will follow after launch – the first of which should be adding ERC20 support.

The mobile version of the Ledger Wallet application is still on track for an “end of Q4 2018” release.

The new Ledger Wallet app is a web-based solution (the current Ledger Manager app is Google Chrome browser-based) that will support 28 different cryptocurrency tokens, multiple ledger devices, and come with a central dashboard to manage all aspects of a user’s digital currency portfolio, including sending and receiving crypto tokens, as well as viewing account balances and transaction histories.

In future updates, Ledger expects to eventually support 100+ cryptocurrencies, enable integration of third-party apps, and more.

Ledger is a Paris, France-based company founded in 2014 with the goal of “securing the new disruptive class of crypto assets.”

Ledger, the cryptocurrency cold storage hardware wallet manufacturer, has released a new firmware update that brings a number of new features, security improvements, and functionality changes to its best-selling hardware wallet, the Ledger Nano S. In a blog post on Ledger’s official website, Chief Security Officer Charles Guillemet sheds some light on what the new firmware entails.

Firmware 1.4.1, which is available now, brings forth a number of changes including:

  • A new screen lock management feature. A long press of both Nano S buttons for three seconds will lock the device. This security feature is helpful in case you become a target for a physical attack and theft while using your Ledger. It allows you to lock out any potential thieves.
  • During the initial setup process, users will now need to confirm all 24 passphrase words, instead of the two previously required.
  • Cache optimizations that speed up the device.
  • BOLOS has been updated, splitting apps into three code segments for greater security, as well as tweaks to the SDK.
  • Cryptographic support has been extended, now offering new elliptic curves.
  • Last but not least, the Ledger Nano S can now load up to 18 apps on the device, which was previously tapped out at around 3-4 apps, depending on size. This is especially helpful for Nano S users who hold many different types of cryptocurrencies.

Despite such a positive slate of new features, the good news very quickly turned into a storm of negativity: so many update attempts clogged up Ledger’s servers that many users were unable to update the firmware on their devices. Worse yet, users are claiming that the Ledger Nano S offers no indication that the update is occurring or how far it has progressed, causing many users to unplug their devices mid-update, bricking them in the process.

To make matters worse, at the same time users were experiencing issues with updating their Ledger Nano S, a prominent security researcher tweeted about the discovery of a “dangerous” issue that could lead to “compromised recovery seed generation” or “private key extraction.” The researcher also encouraged users to “switch to a new recovery seed” if a user was overly paranoid about losing their funds.

The company’s CEO attempted to clear the air via the /r/ledgerwallet subreddit, where users were expressing their concerns in a panic, stating that the claims were overblown and are “massive FUD.” The Ledger CEO claims that the security flaw was “greatly exaggerated,” explaining:

“The vulnerability reported by Saleem requires physical access to the device BEFORE setup of the seed, installing a custom version of the MCU firmware, installing a malware on the target’s computer and have him confirm a very specific transaction. While possible, this proof of concept ranks by no means as a critical severity level and has never been demonstrated.”

Ledger asserts this is no cause for panic, and many Reddit users believe that the security researcher attempted to blow the issue out of proportion in hopes of earning a greater bounty for his discovery.

The security flaw is yet another reason that customers interested in purchasing a Ledger Nano S should purchase it directly from Ledger to avoid any chance of a seller tampering with the device before it reaches the end user. With the surge in cryptocurrency popularity, the Ledger Nano S has been difficult to obtain through official channels, which led to customers purchasing from third party sources such as eBay, resulting in pre-generated passphrases and theft of funds. At the time of this writing, the Ledger Nano S is in stock via Ledger themselves.