Cryptocurrency wallets are typically highly secure. It is up to you, however, to use best practices such as storing your private key, seed paragraph, pin and/or password somewhere safe and use 2FA where appropriate.
The same is generally true for other crypto accounts, but there are threats to any third party network where you don’t directly manage your private keys (like an exchange).
In certain cases, a cryptocurrency such as Bitcoin or Ethereum is lost 1. The product of the hacking or going MIA by a third party site, 2. A person who loses his private key, or seed sentence, or 3. A person who sends in the wrong address.
You will prevent this by using non-custodial services or covered custody services by using best practices for copying/pasting / storing your private key, seed phrase, and/or password.
Below we’ll walk you through some of the best practices to protect your crypto wallet and other accounts irrespective of whether you’re using custodial services (you don’t control your private keys) or non-custodial services (you’re managing your private keys).
How to Secure Your Crypto Wallets and Accounts – Basics
Copy and transfer your public key, private key, seed expression, pin and/or password (do not write down by hand) and securely store it somewhere.
If this information is lost you can lose your crypto. If you have this information you will not lose your crypto unless you hack the network on which you hold your crypto.
Here are some more tips:
Don’t share or lose this information.
- Build a copy of your information and archive it at a different location (in the event you lose one computer or lose access to that location).
- use a password system such as LastPass, Google 2FA and a secure offline computer that is secured by passwords.
FACT: An account will rarely have a public key, private key, seed phrase, pin, and password. You only need to record the information relevant to each account.
How to Secure Your Crypto Wallets and Accounts – Advanced
We cover the gist above, that is to copy and store your public key, private key, seed term, pin and/or password somewhere secure. Here’s the more sophisticated version of this:
- Get a password system like LastPass and Google 2FA to help protect your wallets and other crypto accounts.
- Try having one more secure offline devices like the Trezor hardware wallet for cryptos and/or a secure encrypted USB drive that you can protect with your password (such as those wireless USB drives).
- Using “powerful” passwords forever.
- Often use different passwords for each account (this is why a LastPass-like password system is handy).
- Often create new stable offline passwords.
- Copy/paste / generate offline, if possible, all seeds, pins, keys, passwords, etc..
- Whenever you can, use 2FA still. You can only do this in general for custodial services. 2FA is your best defense against hacking your account. Third-party insurer usually against a hack on them, not on you!
- Using different email addresses for different accounts (that way you don’t actually compromise one).
- Unless you have to (this prevents being vulnerable to “sim jacking”) aim to back up your 2FA on another device by capturing the seed sentence with two devices when you set it up. If you lose 2FA, you can contact a custodian’s help to recover your account.
- You’ll get a private key and a public key for the non-custodial wallets. The address you share to obtain crypto is your public key, your private key is like your password to that wallet. Still keep your private key safe somewhere. Ideally, you’re going to keep it offline, e.g. on an encrypted USB, but you can also have it on a password system like LastPass (although it might be less secure).
- If anyone has access to your passwords and your 2FA, you are in trouble. When you have all the security layers, social engineering is more of a hazard than traditional hacking.
- In general, custodial wallets won’t give you access to a private key or seed sentence.
- You may use a seed phrase to restore an account even though you forget a password.
- If you use a custodial service and you forget your password, you might be able to recover your account by contacting help.
- Some wallets can struggle with updates or if they have not been updated, reinstall and re-enter your seed sentence if that happens.
- Having everything in one position can be wise.