With Bitcoin (BTC), you are your own bank.
This is liberating for many, as you can make payments without permission. But it also means you are responsible for keeping your funds safe. If you misplace your funds or they’re stolen, then you’re screwed. There’s no support helpline you can ring up to sort it all out. With Bitcoin (BTC), there are no second chances.
Because of this, it’s important that you take some simple precautions.
In this post, I’ve compiled 6 ways to help you avoid losing access to your funds and protect your Bitcoin (BTC) from thieves. (This is a follow-up to my previous post about the steps you can take to secure your computer.)
1. Unless you’re actively trading cryptocurrencies, do NOT hold your funds on an exchange
Although you might find it more convenient, you shouldn’t leave your cryptocurrency on an exchange like Coinbase Pro, Binance, Kraken, or wherever else.
Centralised exchanges are attractive targets for attackers and there is a LONG list of exchange compromises that have occurred over the years. The Mt. Gox hack is the most famous of these, but exchanges continue to be hit in the present day.
If you are actively trading cryptocurrencies, consider spreading your trades across the best cryptocurrency exchanges to reduce the impact of any single exchange being compromised.
Withdraw cryptocurrency you’re not intending to trade with into cold storage (see below).
2. Keep the majority of your cryptocurrency in cold storage
Although you might like to keep some of your cryptocurrency in an easily accessible web, mobile, or desktop wallet (i.e. a ‘hot wallet’), you should consider keeping the majority of your funds in a ‘cold wallet’. This means creating a paper wallet or using a hardware wallet like the Ledger Nano S or Trezor.
Hardware wallets are probably less secure than a paper wallet. However, properly creating a paper wallet can be a little much for beginners. There are a few ‘traps’ you can fall into, which can mess everything up too.
Hardware wallets are well-recommended in the community for this reason, as they are affordable and easy-to-use straight out of the box.
I’ve reviewed all of the most popular hardware wallets on the market. Check out my list of the best hardware wallets for an up-to-date view of your best options.
3. Securely store your private keys (or 24-word seed)
- NOT store your key or seed on a digital device (which will ever be connected to the Internet). Write it down on paper, use something like Cryptosteel / BlockPlate, or punch it into a slab of metal (see here and here)
- If you’re using paper, store it in a ziplock bag inside something like this.
- Have at least two backups of your key or seed. Ideally, you want each copy to be recorded from the source – not another copy. This prevents the chance that you’ll replicate a bad copy of your seed.
- Split your key or seed into multiple parts. Although not necessary, this is an extra precaution you can take against the possibility that you’re robbed. The Winklevoss twins do exactly this.
- Keep at least one backup off-site (i.e. outside your primary residence). This one’s a little awkward, as not everyone will have someone they can trust with such sensitive information.
- NEVER enter your seed into any website or let anyone see it.
Some wallets, like the Ledger Nano S, also have hidden wallets.
This is a plausible deniability feature which can help prevent a devastating wrench attack. You’ll want to make sure you’re VERY comfortable with these features before using them. In other words, test them out extensively.
These steps are a little inconvenient. At least for me, it’s worth the effort for the peace of mind against robbery, fire, flood, or other unfortunate circumstances.
I talk about this in my Ledger Nano S review, so check that out if you’re interested.
4. Check bitcoin addresses BEFORE sending or requesting funds
If your computer is unknowingly infected, then it’s possible that Bitcoin addresses could be changed when you paste them from the clipboard.
Unless you double-check the address before confirming the transaction, you could send your hard-earned crypto to a wallet controlled by an attacker.
Kaspersky Labs reported that (as of 31st October 2017), a virus that did this (named ‘CryptoShuffler’) had stolen over 23 BTC.
Check out my previous post for some basics steps you can take to secure your devices.
5. Don’t be a blabbermouth
It’s fine to be enthusiastic about cryptocurrencies online or in real life, but you should never disclose how much you’re holding.
Even if you trust friends or family enough to reveal this, they might not appreciate the sensitivity of the information and blabber to someone else. It’s easier to just keep it tight-lipped.
Given that Bitcoin (BTC) is NOT anonymous (just pseudo-anonymous), you should also be conscious of leaving a digital trail which could lead attackers to the balance of your primary wallet.
If this is something you’re concerned about, check out these posts:
Alternatively, find the best place to buy Monero (XMR) in the UK. It’s a privacy-focused cryptocurrency which I’m quite a big fan of.
6. Make death preparations
Regardless of how much we distract ourselves from this truth, we are all mortal and each has an expiry date.
It’s convenient to ignore this step, but it is critical if you want these funds to be accessible to others in the case of your unexpected death.
The easiest solution is to ask yourself: who would I want these funds to pass along to?
Once you’re certain of this, have a 1-to-1 conversation with those parties. This removes any trail which might lead an attacker straight to your funds (i.e. where your private keys are stored). It’s prudent to make a will too.
Like this post?
If you liked this post, make sure that you share it with others who it might help.
If you have any questions, comment below and let me know. I’ll respond ASAP.
2 thoughts on “How to Protect Your Bitcoin & Cryptocurrency”
Hi, please can you provide a step by step guide to store tokens on a Trezor One?
Thanks for commenting, Jonty!
I don’t have anything on my site about this, but I’ll put it on my to-do list.
I’ve previously used MyEtherWallet and MyCrypto to access my Ethereum (ETH) wallet and receive/send ERC-20 tokens on the Trezor One. Check out this guide for MyEtherWallet and this one for MyCrypto.
If you want to use something else, then check out this list of compatible apps for the Trezor One and Trezor Model T.