Digital assets such as cryptocurrencies are a technical innovation that could potentially revolutionize the current financial system and make it more of an Internet Financial System (IFS). However, with everything being digital, and often irreversible, there have been an array of hacks and scams within the crypto sector, often in the millions of dollars. But apart from overall security of certain crypto platforms (bridges, exchanges, protocols), it’s probably far more important for you to safeguard your own digital assets. Not being careful could lead to getting scammed, hacked, or doxxed, any of which will likely have large implications on your financial and personal security.
As such is the case, it’s incredibly important to ensure your crypto security knowledge and methods are watertight. Not taking good care of your information, or being aware of potential scams and/or red flags could be disastrous for you. In this piece we’ll outline the biggest mistakes to avoid with your crypto security, along with some good practices to use when managing and securing your digital assets.
Biggest Mistakes to Avoid
There are a few main mistakes to avoid when it comes to crypto security, and thankfully they aren’t very complicated.
The first two things involve your recovery phrase. This is the phrase given to you when you create a crypto wallet, and it’s used to recover your account should you lose your device.
There are two things you need to do with your recovery phrase, which are:
1. Keep it somewhere safe/where you’ll remember (but also don’t take a picture and keep it on your phone as this could be hacked much easier than your crypto wallet), and
2. Don’t tell anyone what it is.
No matter what someone says, or their perceived authority, they don’t need your recovery phrase to help you with anything. Anyone asking for your recovery phrase is trying to steal your funds.
The second mistake to avoid is giving anyone your private key. This is the same thing as giving away your recovery phrase, and likewise will never be needed by anyone other than you.
Finally, be sure to avoid blindly signing transactions, as less reputable platforms can sneak in permissions when you allow the site to connect to your wallet. Always double check what you’re agreeing to in the transaction before signing.
Managing Crypto: Picking a Good Exchange, Withdrawing to a Private Wallet
Now that you know the biggest mistake to avoid, we can outline some good practices when it comes to managing your crypto security. Firstly, be sure to pick a good exchange, such as one that has some sort of insurance fund in case they’re compromised. Exchanges like Binance have a fund put aside that can make users whole if a hack occurs, making them a fairly safe place to keep your crypto. Be sure to check if the exchange has some sort of emergency fund, as it’s a good extra layer of assurance. As long as the exchange is reputable you should be safe to hold funds on the exchange.
However, if you’re not planning on trading the assets anytime soon, then it’s a good idea to withdraw the crypto assets to an external wallet that you control. This could be a software wallet such as MetaMask or Exodus, or a hardware wallet such as a Ledger Nano X or Trezor One.
Securing Your Crypto: Personal Wallet, Hardware Wallet, Strong Passwords
When it comes to securing your crypto with a personal wallet, rather than an exchange wallet, there are a few things you can do to improve your security.
First, make sure to use a strong password for approving transactions. This is also true of creating a password for your exchange account. You’ll only need to create a strong password for software wallets, as hardware wallets have their own separate password and transaction signing process.
Second, be sure to use two-factor authentication if it’s available, for both exchanges and wallets. This adds another layer of security which makes it harder for bad actors to steal your funds if they manage to get access to some of your information.
Finally, be sure to store your hardware wallet and/or recovery phrase backups somewhere safe. As mentioned earlier, it’s not a good idea to just take a photo of your recovery phrase as a way to back it up, especially if your phone automatically backs up your photos to a cloud service. This is because these services are much less secure than physical storage of a piece of paper with the phrase written down.
Someone would have to physically take the piece of paper (if they even know where you hid it), in order to steal your funds. In contrast, they would simply have to be able to see the photo on your phone or cloud to steal your funds if that’s how you stored it.
Similarly, keep a physical hardware wallet somewhere secure. While it’s not as easy to use as a recovery phrase to steal your funds, it still creates a hole in your crypto security if everyone knows you keep your Ledger in a drawer in the dining room.
