Even though this industry is only a little over 12 years old and has gained much attention, the general public still does not seriously take their bitcoin's security.
Anyone can become a victim of cryptocurrency theft if they do not take care to follow good practices. The result is plain to see, large amounts of money are lost or stolen. Bitcoin's enormous advantages in terms of decentralization also mean that hackers can disappear with all the money.
Why protect your Bitcoin?
Just like we keep fiat money or credit cards in a purse or wallet, we also use apps called by the same name to manage our bitcoins. There are many types of cryptocurrency wallets that we will talk about today while showing their strengths and weaknesses.
What is essential to understand is that it is not a wallet as such, having cryptocurrencies inside it, but only manages the private keys that allow us to access them on the blockchain. Some options will be more secure than others, but what is interesting to understand is that the protection of our bitcoins is up to us. We are the ones who determine how safe we want them to be.
Cryptocurrencies, especially Bitcoin, give the user great power, transforming them into their banks. But that comes with a huge responsibility that not everyone contemplates. One of the main risks of Bitcoin is that the user loses the private key or that someone has stolen it.
What matters is the Private Key
Hot Wallets
The different options that exist are:
Exchanges
Tablets
These wallets present a risk of creating and sometimes keeping the users' private key on those devices connected to the network. They are very convenient when accessing our funds and making and sending transactions, but we give up some security in return. Of course, they are not a complete danger, and there are cases where their use is interesting. Few people take the necessary precautions because they don't know how to protect their money.
It is not uncommon to read that someone has been robbed of funds and in different ways. If we go to Reddit, we will find a series of posts telling what has happened to their bitcoins for not storing them in the right way. The whole point of these wallets, or at least how we should use them, is as a place to carry little change. We don't go out with our wallets loaded with euros or dollars when we leave home, only with what we need to have a coffee or make a small purchase. That should be the purpose of these wallets.
The central idea of all this, and I repeat this for the sake of clarity, is basically to have as few funds as possible and to use another medium, as we will see below, to store the more significant amounts. A mention must be made of the exchange wallets because, as we have already said, we do not have control over those funds, but a third party, presenting the risk of someone stealing them, a server with hundreds or thousands of BTC is very tempting. This company will disappear in the future.
It may sound crazy, but banks, institutions that we would think of as safe because they have physical brick and mortar offices, have "disappeared," leaving their customers without money. Few of these companies have insurance in place to replace cryptocurrencies in the event of a problem. And while they have security measures in place, such as holding much of the funds in cold wallets, at day's end, it defeats the purpose of cryptocurrencies.
There is a phrase that goes:
Your keys, your bitcoin. Not your keys, not your bitcoin. Andreas Antonopoulos
And I couldn't agree more. In the end, so much technology and advantages to give the power to someone else is not the wisest decision in the world. But these wallets have the problem of internet connection, which creates an attack point for anyone who wants your cryptocurrencies. That's why we will now look at the second group that is more secure.
Cold Wallets
Paper Wallets
Physical Wallets
Inside them, there is software that takes care of all the technical details to make this option the most secure, from signing the transaction inside the device to never revealing it to requiring the user to enter a PIN to approve it. Since they connect to a computer to gain access to the Internet and what is transmitted is the transaction, no matter the security level of the PC, the hardware wallet is not affected.
Some options feature open-source software, leaving it up to the community to determine how secure they are. The downside is that while they are the best choice for someone who cares about security, they come at a cost that not everyone wants to pay at the end of the day.
Cold wallets are the best option for storing Bitcoin, although they require extra steps when sending funds. They need some additional technical knowledge to use them and get them up and running, but it is well worth it if we intend to have a lot of BTC. If you are starting, it is good to learn what alternatives exist and analyze them. Then decide whether you can afford to spend on a wallet or use a free option.
Protecting your online Wallet
In the exchange's wallets, knowing what a private key is or the address is not necessary. They make everything easy so that someone with little knowledge can operate. Even these services are very similar to those found in a bank account.
We do not need anything special, just a browser or download an app to start using them. That's why I'm going to give you some tips oriented explicitly to how to keep this kind of wallet safer, so you don't end up with a bad experience. Just remember to use them for small amounts and to learn, then it is a good idea to learn about the other wallets. Here are the best practices to raise the level of security:
Use Double Authentication Factor (2FA).
Do not use the phone as 2FA.
If you have the phone number associated with your account, it is best to use a different number to receive the code, a secret SIM card that no one knows.
Use separate email accounts.
I'm sure you are just like many people who use a separate email for daily communications, our Facebook, Twitter, PayPal, etc., account. We share the address with everyone, friends, family, and co-workers so that they can send us things, but it's also easy for attackers to know it.
If our exchange account ties to this email, the attacker already has vital information to access our wallet. The advisable thing to do here is separate the emails, one for personal use and one for the wallet (that you do not use for any other purpose). Different email addresses minimize the chances of a malicious agent discovering your account.
Tips to protect your Bitcoins
1. Choose a Hardware Wallet.
We know that they have a cost, approximately $100/€80, but as soon as we have that value in cryptocurrencies, the price is justified. I like to see it this way if we have $100 in an unsecured wallet, it means the possibility of losing it and having $0, better to have $0 in cryptocurrencies, but a wallet of that value that will serve us for the future.
Maybe it is a bit extreme, but when we pass a number we no longer feel comfortable losing, it is best to think about shopping. The best options are Trezor and Ledger, which offers several models with different features and pre-installed security and encryption capabilities.
2. Keep the private keys offline.
Whichever system you choose, the critical thing is always to take the necessary precautions to avoid an unpleasant surprise the day we need it.
3. Always use a secure Internet Connection.
Of course, if we can avoid any gadget to send a transaction and wait until we get home, all the better. However, this does not imply that we are completely protected.
4. Use a good, updated Antivirus.
While Windows users are vulnerable to various malware, all operating systems share malicious programs. We must check that the computer has reliable antivirus software installed. Viruses and malware are the gateways to our devices, so scanning before installing the wallet is essential.
5. Do not access suspicious links or web pages.
Curiosity killed the cat, which is why some links and buttons on the Internet look very attractive to click. We must be careful with these, as they can be dangerous. If we feel that something is not right, it is because maybe you are. Don't download pirated movies or watch inappropriate things on the same computer where you have your coins. That's a bad idea.
If you are using an exchange wallet or website, verify that you visit the official URL before entering any data. Some attacks consist of replicating entire websites to make the user believe that he is browsing in the right place. We must also be careful with email scams, such as phishing, which involves sending emails inviting you to click on a link and then stealing your information.
6. Use a very strong password for your online wallet.
Choosing the password is not trivial like entering "123456" or "password," nor should it be your home address or any data anyone can get. That's the first thing an attacker tries. Phone numbers, birth dates, names, favorite movies, that's information you're sure to share freely on your Facebook or Instagram feed.
Look for an alphanumeric combination that makes sense only to you or doesn't, and avidly write it down somewhere safe. Also, try adding special characters to make it even harder. Another thing to consider is not to use the same password for all services.
7. Never reveal your Private Key.
8. Keep a separate wallet for your daily transactions.
It is extra work because we have to send funds continuously from our central purse to the daily bag, but it will pay off.
9. Use Double Authentication factor (2FA).
We talked about this before, and when it comes to exchanging wallets or some mobile ones, it is good to activate this extra authentication measure that is simple but effective.
10. Always check the Bitcoin Address.
When you make a transaction, always pay attention to the address to which you are sending the money.
Malware running in the background can intervene when we copy and paste bitcoin addresses to change the result and send our BTC to another address. If we do not pay attention, we can end up sending the money to someone else.
11. Make backup copies of your Digital Wallet.
A backup copy will allow you to access your wallet if you lose it or your device breaks down. These are files generated by the wallet or seed phrases. Choose a place other than the wallet to store the backup copy securely. In case of theft, we will be able to recover the wallet with this information.
Even if they cannot access the wallet inside the device, we will want to remove the funds from there as a precaution.
12. Encrypt your Wallet.
The wallets that we generate on the computer or a cell phone can create a file to retrieve the wallet, a backup copy as we have already seen. But we must encrypt this file, either with the function offered by the wallet or with an external program.
The idea is that we can only access this file, which contains the private key, with a password. If a hacker gets access to the file, he cannot get to the key's most critical part.
13. Use Multi-Signature (MultiSig).
The concept of a multi-signature wallet is crucial because it allows dividing the responsibility and increasing the protection by needing more than one signature to send a transaction. An example is that the wallet consists of 5 people, but we only need 3 to approve a transaction. So, as long as three people are willing to carry out the transaction, it is sufficient.
Multisig reduces the risk that someone has access to the wallet of one of the people and can control our BTC. It also reduces the risk of loss since if one of the five is lost, there would still be four others who could sign.
14. Update the software you use regularly.
The operating system's software or some tools that we use, as in the browser, always receives updates. The ones we are interested in are the security ones. We should always have everything updated to the latest version to avoid vulnerabilities coming from software that we do not control.
We should also be concerned about updating our wallet software with new features and bug fixes that make it more secure. Try to check if developers release new updates before an attacker discovers them and can take advantage of them.
15. Do not forget your password.
Do not forget your password. Whether you have written it down or written it somewhere (that's why the mental wallet is not the most recommended), you have to have access in the future.
Summary
As the Bitcoin and cryptocurrency industry has grown, so has the interest of attackers in stealing people's money.
Those who are proactive can take steps to protect their digital assets better.
One of the best ways to protect our investment is using a secure wallet such as hardware wallets. However, any cold wallet is always preferable to a warm one.
Security experts advise not to have too many cryptocurrencies in exchange accounts.
Conclusion
Don't forget that if you lose our BTC, there is no way to get them back. There is no support to call to solve the problem. That's why a proactive attitude is vital before anything else.