How to buy Bitcoin, Wallet Basics and Security — a Guide for Beginners

This article is for people who want to get into it, buy their first Bitcoin, store it safely for long term storage or how to set up a wallet for regular usage. It is a long article and for beginners, mentioning things other sources mostly don’t mention. Detailed articles about recommended wallets will follow.Bitcoin itself is safe to use. But beware! There are many websites which look good and legitimate that are scamming you. You also need to take care of security. It is a long one and for beginners, mentioning things other sources mostly don’t mention. Detailed articles about recommended wallets will follow.

Finding the right exchange and using it securely

Not every exchange and also wallet software can be trusted. There are Bitcoin exchanges which look like you can buy and also sell there but in reality they only take your money and give you no Bitcoin. It also appears that some exchange scams are showing on their website that a Bitcoin buy or sell has been successful, but as soon as you want to withdraw the Bitcoin or your regular currency they do not pay out and contacting the support can end with a long time you waste and still get nothing.
Other exchanges can also operate with selective scams. If you are depositing high amounts, it can happen that you may run into problems if you have chosen an exchange which has a history of doing so.
Another important thing to look out for is if the exchange has a history of getting hacked. Some really get hacked because of bad security and some do “hack themselves” and run with their clients money, but that is just a theory which can not easily be proven and which is going around forums.
There still are safe ways to buy Bitcoin without getting into problems. You won’t find any names here to not give specifics credit or discredit, also since the list is too long.

1 Go to https://bitcoin.org/en/exchanges and find the one for your location. You may want to check out international exchanges first.

2 Type in the exchange’s name in the following website to research for feedback, positive and negative: reddit.com/r/Bitcoin and reddit.com/r/Bitcoinmarkets (click on “limit my search to …”).
Make sure to do different searches for bad and good experiences of people posting in forums. The search bar is always at the sidebar on the right if you visit reddit.com/r/Bitcoin or reddit.com/r/Bitcoinmarkets.
It is also recommended to open a thread and ask others for good and bad experiences which have similarities to your buy or sell usecase. Make sure to mention which currency you use and how you want to deposit and in which country you are.
Beware clicking any links that are not listed on https://bitcoin.org/en/exchanges. Scammers are everywhere, so look before you do something. Do not click on unknown external website links or documents. Beware of scam websites that are already listed here:
https://bitcointalk.org/index.php?topic=1326821.0 and http://www.badbitcoin.org/

3 Register to an exchange and get your account verified first. Most exchanges require personal identity verification with your ID and other documents. Some exchanges require specific documents to get you verified for higher currency deposits and withdrawals. Otherwise you may have the money frozen.

4 If any questions remain, ask the exchange’s support before you send them the money. You may invest some time to buy safely instead of wanting to buy instantly at a different site and run into problems later.

5 Set up account security. It is highly recommended to secure your exchange account before having any funds at all in there. Most exchanges offer 2 factor authentication, where you can use e.g. “authy” as your mobile phone app for. (see the chapter “Setting up your Software Wallet, Seed, Password and 2FA” for more details on 2 factor authentication) Also make sure any email address linked to your exchange account is secured and you did everything you possibly could to not have it hacked. If your exchange is offering the set up of a “master password”, be aware that this can be used by hackers to easily gain full access over your exchange account. Decide on your own which security may be the best for your chosen exchange and your situation. But choose wisely, lost funds are not recoverable and exchanges do not give you back what has been stolen because your account got hacked. Also make sure to have a strong password for your exchange account, with upper- and lowercase letters, numbers and special characters.

6 Deposit your currency and buy Bitcoin. Choose the amount of money you want to invest yourself of what you can lose if the price goes down or you lose access to the Bitcoin.

7 Do never keep your Bitcoin on any exchange, also do not use web wallets. Withdraw your Bitcoin after your purchase! Only keep them in the exchange if you want to actively trade it. Withdraw when you are done. Warning: Trading can also quickly lead to a full loss of your assets.

Using Peer to Peer Exchange Techniques

If you want to skip the centralised exchanges with their risks, you can also buy and sell Bitcoin directly with people. You can use localbitcoins.com (look very close at the reputation of users) or use applications like bitsquare.io. You then have to deal with users buying and selling directly. If you buy or sell when meeting someone you don’t know, you should be careful not getting scammed. You should do the trade in a place where others are too, places that are recommended are those who are monitored by cameras. Do not fall for scam techniques that demand the money and tell you they will need to leave to get their phone to send you the Bitcoin. People with good reputation meeting for a trade come prepared, know how to do it serious and would never behave unserious.
If you meet someone for the first time and want to do a big trade, you can expect the person to take extra security measures and you should too: Don’t come alone and don’t give away your funds blindly. It is required to meet in a place where a scammer would not try to scam and run or walk away with excuses, knowing it could cause a huge scene and he ends up busted. You will find a place. But be careful.

Wallets

Never store your Bitcoin on any website at all or trust any third party with your Bitcoin. History has shown that his leads to loss of funds if you are unlucky, incredible amounts of Bitcoin have been stolen because people kept it in their exchange’s wallet or in a non exchange web wallet.
Think about what kind of wallet fits you the best: A hardware wallet or a software wallet. Hardware wallets are known to be more secure according to user reports. If you like it simple, you may want to look at the “trezor” hardware wallet, made by SatoshiLabs. Available at: https://trezor.io/.
Software wallets can lead to your Bitcoin wallet getting hacked and the funds stolen if your computer is infected. This can happen quick and needs to use your computer very secure and browse safely, not trusting all unknown files, links and websites.

Choosing the right wallet

If you think you can keep your computer safe and avoid future infections with any kind of malware, viruses and trojans then you can choose from any of these trusted Bitcoin wallets listed at: https://bitcoin.org/en/choose-your-wallet. If you go and google a wallet by it’s name or to select a random one for trying it out, chances are very high you end up with a wallet that steals your funds. There are wallets out there made for stealing funds, they may look legitimate, some are even direct clones of the original trusted wallet versions. Scammers developing this are using similar looking website addresses and also paid Google ads to fool you and only notice it when it’s too late.
So be careful.

Setting up your Software Wallet, Seed, Password and 2FA

Some wallets require lots of time until they can be used because they may download the whole blockchain to your hard drive, such as Bitcoin Core. This is a trusted wallet and in fact the most secure one. You install it and let it “sync” (downloading the whole blockchain history). This can take anywhere from a day to more, it depends on your computer and broadband connection. Be aware that it loads over 100 GB of blockchain data.
If it’s done, you have the most trusted way to use the blockchain because you have all transactions ever made on your computer, have them verified with the network and will download the latest transaction blocks automatically.
You can also choose Electrum, which has other features and is faster since it does not need to download the whole blockchain history.

Every wallet has different settings you need to go through to set it up before usage. The most important parts are: If your wallet let’s you set up a password (for having access to the wallet) or a “seed” (several words which restores the whole wallet) you need to write this down and store this safely so that you can always access it in the future. Store it safe against theft, fire and water. If you lose your password, seed or both (depending on the wallet) you lose full access to your Bitcoin, it can never be “cracked” or restored. If you use a hardware device like a phone for 2 factor authentification: Choose the right 2 factor authentication app which let’s you recover all of your settings if your phone breaks. Phone number, 2 factor auth app pin, email address. it depends on the app. Authy is recommended since you can restore it if anything get’s broken or lost, also make sure to write down your restore informations of your 2 factor authentification too, store it safe and make sure you have always access to it. If you linked it to a phone number, make sure you keep update the number in the app if it changes. 2 factor authentification apps are very hard to restore if you lose all restore data. You will find an article on all possible ways to restore it in a worst case another day. You will also find highly detailed articles for recommended each software wallet here too, but it will take time to write this.

Before you do send your Bitcoin to any wallet address, read the everything following.

The most important parts of any wallet: Your keys

Your public address for receiving money
If you have set up your first wallet configuration, you will find your personal “public address” for receiving Bitcoin in either the main menu or a tab called “addresses”. Some wallets generate many addresses for you.
Addresses are like your bank account numbers, just longer.
You can copy the public address and use it for receiving but remember it is case sensitive. One wrong letter or number results in your Bitcoin send to a different address that no one has control over. Always check what you type or copy pasted into somewhere before you initiate a receiving process. A mistake can not be undone, there is no way to “crack” or “hack” it back!
Generating an address is a random process the wallet does for you.
A generated address is unique. You would need millions of years, all power of the universe and also lots of luck to generate an address that another person has generated too. This is called a “collision” by the way and if you find out how to produce collisions you can consider being the person who broke an important cryptographic part that is used in Bitcoin.
If you send Bitcoin to a random address (a little typing mistake is enough) it is gone and can not be moved away by no one. This has happened very often and is called “burning coins”. It’s like you write down your “private key” (see chapter below) which is linked to your address where Bitcoin are sitting in on a piece of paper, delete the wallet software files forever, and then burn the piece of paper — you then have burned your Bitcoin too, but in a different way: You had access to the address before you took away the access to it yourself.

Your private key to move your Bitcoin to a different address
Your Bitcoin that are in your public address can moved with your “private key”. An address is always linked to a private key and these pairs are always unique.
You should handle the private key like it says: private. Show it to no one and do never expose it to any online computer if not needed. Also don’t write it down in a textfile on a computer, not even encrypted and never enter it into any kind of software you do not knowingly trust or any website. Exposing your private key in general to a computer, if not needed, is a high risk. You do not know if you have any yet undetected virus or similar on your computer which has been deployed to wait until a privatekey has been typed in, no matter in which window, software. Typing it out is enough on your operating system to expose it.

It is recommended to get your privatekey before you receive any Bitcoin. If your wallet data or your computer hard drive breaks you can easily recover Bitcoin with the private key with any wallet supporting the import of privatekeys, which the most do. The private key is the universal key in Bitcoin to move your coins. Since it should be kept private and stored securely you should be aware that also any hacker can steal your Bitcoin in less than 1 second if he knows your privatekey.
If you have Bitcoin stored somewhere and have no private key, you effectively don’t have access to them. If you backup a software wallet file and the software doesn’t work in the future, you will regret not taking the few minutes to write down the private key.
The private key is case sensitive too. One mistake will result in a not working key. And there is no way to undo this mistake. Even if you have written down your address too and without any mistakes, you can not use it to move your Bitcoin.
A software wallet usually encrypts and hides your private key with a password, if you have set one up. Getting your privatekey depends on the wallet, you might need to research “How to get privatekey of walletname” to find out or wait until the according articles are published here.

Security rules for wallet usage and the device holding your keys

Do not use an address twice. Only if the system and the wallet you are using can be considered really safe. If you send Bitcoin to an address of yours after you took all security steps, then infect your operating system and spend a part of the Bitcoin that an address holds, you may have bad luck and the infection will steal the rest of your funds or all of it before you can send out your transaction. This is because there is malware written specifically for every wallet software, designed to steal and they are faster than you can click the send button. So keep your system clean and do not reuse the same address twice if possible. If your machine got infected and you cleaned it before you exposed a private key or unlocked your wallet, the infection most likely won’t do anything. If your scanner detects it, it already has lost. If you got infected and did not clean up before you exposed a private key or unlocked your wallet, your Bitcoin can be stolen.

To do your best preventing infections of all kinds you should:

1 Never click anything you do not trust on the internet, don’t try to visit random links. Especially in all areas that have to do with Bitcoin.

2Never download anything where you don’t know if it’s trusted. If you have to download something where you don’t know the source, do it on a different computer and try to not have it connected to the same network if you use a software wallet.

3 Have your browser set up with ad, flash and script blocking extensions. If you get infected, clean right away. You can still get infected with alternative ways by websites that have been created only to spread malware.

If you have funds you can not afford to lose in a software wallet and want to send these away securely because you think you got infected with something, you may send the Bitcoin away by using a secure phone or a clean computer to execute a transaction. There are more ways but these go technically deeper, require more time and knowledge.

Using a hardware wallet

If you are using a trusted hardware wallet, you don’t really have to worry about security much. As long as the process of sending a transaction with that wallet is secure. The important thing with hardware wallets is: These can break too and all data is lost. For that you need to backup (not digitally) all offered methods of the wallet. Some offer a seed for restoring it, some offer the privatekey. Do not use a hardware wallet without backing up the restore credentials first. It is recommended to have a second device of your chosen hardware wallet type nearby to restore it quick if you need to. You never know when you want to sell the Bitcoin or want to spend them.
If you receive your hardware wallet you should verify that it has not been tampered on the way to you. This is a regular process since it has happened before where people had their shipments opened and had security seals removed by authorities. This should trigger warnings in general since you want to use a product for financial transactions.
If your hardware wallet does not support verifying that is has not been tampered, has no open source and no developers that are trusted, you may consider staying away from it. There have been cases where wallet generation processes have been manipulated and no one knew it until the developer decided to empty one wallet after another himself. As you may now have noticed, lots of people know Bitcoin’s value and the price shows it really has to be secured.

This article should be taken as an informational recommendation article. The author can not be held responsible for any financial or technical damages that may result. Use with caution and educate yourself on security. This article also represents no advice on investment or trading. Bitcoin has a highly volatile price, you can lose your invested funds fast. And also you can lose your Bitcoin balance based on security affecting things with your system, network and devices since this article can not cover everything of every users different system settings, browsing behaviour, installed 3rd party software and more. Take care of security and be sure that Bitcoin still is in an experimental phase where things can go wrong and software or hardware is not perfect. And remember to have fun experimenting around with Bitcoin and to not experiment with what you can not afford to lose.