Even though this industry is only a little over 12 years old and has gained much attention, the general public still does not seriously take their bitcoin's security.
A practical guide to protecting Bitcoin (Pic by Photo by Franck, @franckinjapan on Unsplash)
Anyone can become a victim of cryptocurrency theft if they do not take care to follow good practices. The result is plain to see, large amounts of money are lost or stolen. Bitcoin's enormous advantages in terms of decentralization also mean that hackers can disappear with all the money.
And it's also not very nice not to have a backup copy to access a wallet that has access to several BTC that has now become entirely unreachable. That's what we're going to talk about today, showing you what the dangers are and the best tips for keeping your BTC protected at all times.
Why protect your Bitcoin?
After it hit all-time highs in late 2017 and 2021, Bitcoin has become a major digital asset for investors and thieves alike. And that's because as new people joined this ecosystem, especially with no cybersecurity experience, the more interesting BTC became for the misnamed hackers. Not only that, but they have been generating new ingenious ways to take control of the bitcoins of the most unwary.
Just like we keep fiat money or credit cards in a purse or wallet, we also use apps called by the same name to manage our bitcoins. There are many types of cryptocurrency wallets that we will talk about today while showing their strengths and weaknesses.
What is essential to understand is that it is not a wallet as such, having cryptocurrencies inside it, but only manages the private keys that allow us to access them on the blockchain. Some options will be more secure than others, but what is interesting to understand is that the protection of our bitcoins is up to us. We are the ones who determine how safe we want them to be.
Cryptocurrencies, especially Bitcoin, give the user great power, transforming them into their banks. But that comes with a huge responsibility that not everyone contemplates. One of the main risks of Bitcoin is that the user loses the private key or that someone has stolen it.
We will not access the BTC without this private key, even though we know how many are in that wallet. In the end, it is a tough job that few people, when they start with Bitcoin, take the trouble to learn.
What matters is the Private Key
Many investors or holders of cryptocurrencies like Bitcoin or Ethereum buy from a crypto exchange and then hold them on that platform. These platforms are custodial wallets, as they keep people's cryptocurrencies in custody by holding their private keys. They may have a mechanism to protect the BTC or ETH that users hold, but it is a massive gamble at the end of the day.
The best way to protect our investment is with a non-custodial wallet, one in which we have full control of the funds, i.e., the private key. There are two groups of wallets, hot and cold (also known as online and offline). Suppose we are looking for the most secure alternative. In that case, it will probably be the cold wallets, especially the hardware ones, which in the end implement a series of crucial measures to guarantee the security of our funds. Let's see what other types of wallets exist within these two groups.
Hot Wallets
Online or hot wallets are so-called for the simple reason that they have an online connection, which makes them a problematic offer for attackers to refuse.
The different options that exist are:
These wallets present a risk of creating and sometimes keeping the users' private key on those devices connected to the network. They are very convenient when accessing our funds and making and sending transactions, but we give up some security in return. Of course, they are not a complete danger, and there are cases where their use is interesting. Few people take the necessary precautions because they don't know how to protect their money.
It is not uncommon to read that someone has been robbed of funds and in different ways. If we go to Reddit, we will find a series of posts telling what has happened to their bitcoins for not storing them in the right way. The whole point of these wallets, or at least how we should use them, is as a place to carry little change. We don't go out with our wallets loaded with euros or dollars when we leave home, only with what we need to have a coffee or make a small purchase. That should be the purpose of these wallets.
The central idea of all this, and I repeat this for the sake of clarity, is basically to have as few funds as possible and to use another medium, as we will see below, to store the more significant amounts. A mention must be made of the exchange wallets because, as we have already said, we do not have control over those funds, but a third party, presenting the risk of someone stealing them, a server with hundreds or thousands of BTC is very tempting. This company will disappear in the future.
It may sound crazy, but banks, institutions that we would think of as safe because they have physical brick and mortar offices, have "disappeared," leaving their customers without money. Few of these companies have insurance in place to replace cryptocurrencies in the event of a problem. And while they have security measures in place, such as holding much of the funds in cold wallets, at day's end, it defeats the purpose of cryptocurrencies.
There is a phrase that goes:
Your keys, your bitcoin. Not your keys, not your bitcoin. Andreas Antonopoulos
And I couldn't agree more. In the end, so much technology and advantages to give the power to someone else is not the wisest decision in the world. But these wallets have the problem of internet connection, which creates an attack point for anyone who wants your cryptocurrencies. That's why we will now look at the second group that is more secure.
Cold Wallets
The other group of wallets we need to talk about, which is the more secure option of the two, is the cold wallets or offline. Just as hot wallets connect to the Internet, the key of these wallets is that they never connect online, at least not directly, which offers excellent benefits in protecting our cryptocurrencies.
Perhaps they are not so convenient when sending transactions since you have to take a few extra steps. But if we want to control our funds, it's as easy as looking at the Bitcoin address in a browser.
Paper Wallets
One of the options we have within this group is paper wallets, which are usually very secure but impractical because we write down the private key or seed phrase on a piece of paper. You can use the key or phrase in another wallet to sign transactions. But as long as we keep it offline, it is an excellent way to keep our BTC protected.
However, we must be careful with this method because the sheet of paper can be damaged due to various circumstances and make the wallet completely useless. Some people choose to laminate or use another material, such as wood or metal, to write the information.
The next important thing about these wallets is that we must find a safe place to store them. So no one can see the physical item and where it cannot be stolen or suffer an accident.
Physical Wallets
Physical wallets are similar to the USB sticks we use daily, although they are bigger and have a screen. Makers create these devices to store the user's private key without ever revealing it.
Inside them, there is software that takes care of all the technical details to make this option the most secure, from signing the transaction inside the device to never revealing it to requiring the user to enter a PIN to approve it. Since they connect to a computer to gain access to the Internet and what is transmitted is the transaction, no matter the security level of the PC, the hardware wallet is not affected.
Some options feature open-source software, leaving it up to the community to determine how secure they are. The downside is that while they are the best choice for someone who cares about security, they come at a cost that not everyone wants to pay at the end of the day.
Cold wallets are the best option for storing Bitcoin, although they require extra steps when sending funds. They need some additional technical knowledge to use them and get them up and running, but it is well worth it if we intend to have a lot of BTC. If you are starting, it is good to learn what alternatives exist and analyze them. Then decide whether you can afford to spend on a wallet or use a free option.
Protecting your online Wallet
The easiest option to start with Bitcoin or other popular cryptocurrencies is to make an account on Coinbase or Binance exchanges. We know they are not the best options in terms of security. Still, when you are just starting and don't know anything about this world, the truth is that it is not very comforting to overwhelm yourself with so much new information that you are absorbing to learn about this sector.
In the exchange's wallets, knowing what a private key is or the address is not necessary. They make everything easy so that someone with little knowledge can operate. Even these services are very similar to those found in a bank account.
We do not need anything special, just a browser or download an app to start using them. That's why I'm going to give you some tips oriented explicitly to how to keep this kind of wallet safer, so you don't end up with a bad experience. Just remember to use them for small amounts and to learn, then it is a good idea to learn about the other wallets. Here are the best practices to raise the level of security:
Use Double Authentication Factor (2FA).
Most of these services have what is known as two-factor authentication. 2Fa is important because when we activate it in the app or the browser if an attacker knows our email and password, he will have to enter an extra piece of information that is very difficult to obtain.
Do not use the phone as 2FA.
Not all 2FA methods are equally secure, and most likely, when we set it up, it will give us the option of several mechanisms. The advice I can give you is never to use SMS to secure your account, and some more advanced attackers have a way to "hijack" your phone and intercept this code.
If you have the phone number associated with your account, it is best to use a different number to receive the code, a secret SIM card that no one knows.
Use separate email accounts.
I'm sure you are just like many people who use a separate email for daily communications, our Facebook, Twitter, PayPal, etc., account. We share the address with everyone, friends, family, and co-workers so that they can send us things, but it's also easy for attackers to know it.
If our exchange account ties to this email, the attacker already has vital information to access our wallet. The advisable thing to do here is separate the emails, one for personal use and one for the wallet (that you do not use for any other purpose). Different email addresses minimize the chances of a malicious agent discovering your account.
Tips to protect your Bitcoins
Now that we have all the information to understand the problem we face, we can move on to the practical tips that will help us protect bitcoins.
1. Choose a Hardware Wallet.
There are many Bitcoin wallet options on the market, and that makes it difficult to choose. But if we are concerned about security, we should turn to an offline wallet, and if possible, a hardware one.
We know that they have a cost, approximately $100/âŽ80, but as soon as we have that value in cryptocurrencies, the price is justified. I like to see it this way if we have $100 in an unsecured wallet, it means the possibility of losing it and having $0, better to have $0 in cryptocurrencies, but a wallet of that value that will serve us for the future.
Maybe it is a bit extreme, but when we pass a number we no longer feel comfortable losing, it is best to think about shopping. The best options are Trezor and Ledger, which offers several models with different features and pre-installed security and encryption capabilities.
2. Keep the private keys offline.
The attackers and we are interested in the private key, so keeping it offline and away from any prying eyes is best. We saw a paid option and even the possibility of writing it down on a piece of paper. We can even memorize it and create what is known as a mental wallet, although we do not recommend it.
Whichever system you choose, the critical thing is always to take the necessary precautions to avoid an unpleasant surprise the day we need it.
3. Always use a secure Internet Connection.
Public internet connections, such as those in a cafÃĐ or airport, have serious security flaws. If you have a wallet on your computer, perhaps it is better to use your cell phone connection.
Of course, if we can avoid any gadget to send a transaction and wait until we get home, all the better. However, this does not imply that we are completely protected.
4. Use a good, updated Antivirus.
While Windows users are vulnerable to various malware, all operating systems share malicious programs. We must check that the computer has reliable antivirus software installed. Viruses and malware are the gateways to our devices, so scanning before installing the wallet is essential.
5. Do not access suspicious links or web pages.
Curiosity killed the cat, which is why some links and buttons on the Internet look very attractive to click. We must be careful with these, as they can be dangerous. If we feel that something is not right, it is because maybe you are. Don't download pirated movies or watch inappropriate things on the same computer where you have your coins. That's a bad idea.
If you are using an exchange wallet or website, verify that you visit the official URL before entering any data. Some attacks consist of replicating entire websites to make the user believe that he is browsing in the right place. We must also be careful with email scams, such as phishing, which involves sending emails inviting you to click on a link and then stealing your information.
6. Use a very strong password for your online wallet.
Choosing the password is not trivial like entering "123456" or "password," nor should it be your home address or any data anyone can get. That's the first thing an attacker tries. Phone numbers, birth dates, names, favorite movies, that's information you're sure to share freely on your Facebook or Instagram feed.
Look for an alphanumeric combination that makes sense only to you or doesn't, and avidly write it down somewhere safe. Also, try adding special characters to make it even harder. Another thing to consider is not to use the same password for all services.
7. Never reveal your Private Key.
The private key has to be seen by your eyes, and in the worst case by another person, you want to have access to your BTC. It should not be shared with anyone, and do not ask anyone to make a transaction for you. Avoid any proposal to share the private key with a third party, no matter what.
8. Keep a separate wallet for your daily transactions.
If you need to make daily transactions, such as buying coffee or paying for parking, it is best to have a separate wallet where you keep a tiny amount. There is no limit to the number of wallets we can create, so take advantage of that.
It is extra work because we have to send funds continuously from our central purse to the daily bag, but it will pay off.
9. Use Double Authentication factor (2FA).
We talked about this before, and when it comes to exchanging wallets or some mobile ones, it is good to activate this extra authentication measure that is simple but effective.
10. Always check the Bitcoin Address.
When you make a transaction, always pay attention to the address to which you are sending the money.
Malware running in the background can intervene when we copy and paste bitcoin addresses to change the result and send our BTC to another address. If we do not pay attention, we can end up sending the money to someone else.
11. Make backup copies of your Digital Wallet.
A backup copy will allow you to access your wallet if you lose it or your device breaks down. These are files generated by the wallet or seed phrases. Choose a place other than the wallet to store the backup copy securely. In case of theft, we will be able to recover the wallet with this information.
Even if they cannot access the wallet inside the device, we will want to remove the funds from there as a precaution.
12. Encrypt your Wallet.
The wallets that we generate on the computer or a cell phone can create a file to retrieve the wallet, a backup copy as we have already seen. But we must encrypt this file, either with the function offered by the wallet or with an external program.
The idea is that we can only access this file, which contains the private key, with a password. If a hacker gets access to the file, he cannot get to the key's most critical part.
13. Use Multi-Signature (MultiSig).
The concept of a multi-signature wallet is crucial because it allows dividing the responsibility and increasing the protection by needing more than one signature to send a transaction. An example is that the wallet consists of 5 people, but we only need 3 to approve a transaction. So, as long as three people are willing to carry out the transaction, it is sufficient.
Multisig reduces the risk that someone has access to the wallet of one of the people and can control our BTC. It also reduces the risk of loss since if one of the five is lost, there would still be four others who could sign.
14. Update the software you use regularly.
The operating system's software or some tools that we use, as in the browser, always receives updates. The ones we are interested in are the security ones. We should always have everything updated to the latest version to avoid vulnerabilities coming from software that we do not control.
We should also be concerned about updating our wallet software with new features and bug fixes that make it more secure. Try to check if developers release new updates before an attacker discovers them and can take advantage of them.
15. Do not forget your password.
Do not forget your password. Whether you have written it down or written it somewhere (that's why the mental wallet is not the most recommended), you have to have access in the future.
Summary
As the Bitcoin and cryptocurrency industry has grown, so has the interest of attackers in stealing people's money.
Those who are proactive can take steps to protect their digital assets better.
One of the best ways to protect our investment is using a secure wallet such as hardware wallets. However, any cold wallet is always preferable to a warm one.
Security experts advise not to have too many cryptocurrencies in exchange accounts.
Conclusion
In the end, we are responsible for the security of the bitcoins in our wallets. The cryptocurrency industry is evolving, and systems are becoming more and more secure, so we must take advantage of all these improvements in our profits and that of our funds.
Don't forget that if you lose our BTC, there is no way to get them back. There is no support to call to solve the problem. That's why a proactive attitude is vital before anything else.