Crypto Security: Best Practices

Cryptocurrency presents security issues that normal users of fiat money don’t have to contend with. Unlike your local corporate bank, cryptocurrency doesn’t benefit from steel vaults, self-locking cages, armed guards, or the safety-net of knowing that your bank will cover your losses in the event of a robbery.

A holder of cryptocurrency is wholly responsible for their own assets. Depending on how organised you are, that statement will either relieve you or terrify you. If it terrifies you, it’s with good reason. It’s estimated that just as much cryptocurrency is lost each year due to individual negligence as due to hacking.

Regardless of your disposition, there are several key steps you can take to secure your digital funds and protect yourself against both the malice of others and your own mistakes.

Mnemonic Phrases and Passphrases

When you open a new crypto wallet you’ll be given a randomly generated string of words (usually between 12 and 24) that you’ll need to remember. These words encode the wallet’s master secret: they are the seed from which the hierarchical deterministic wallet derives every key and address it uses (BIP32/39/44).

The string of words (the mnemonic phrase) will be something nonsensical and random, like: “Dogs fish swimmingly underneath soft woodbine sandals without songs targeting arenas…”

Words are used instead of numbers because they are easier for humans to remember, and are friendlier on the eyes.
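As an added illustration (not code from the article), here is the BIP39 step that turns the words, plus an optional passphrase, into the seed a wallet derives its keys from. The mnemonic and expected seed are the published BIP39 reference vector (passphrase "TREZOR"), not a wallet anyone should use; wordlist and checksum validation are left out because they need the 2048-word list.

```python
import hashlib
import unicodedata

# BIP39 reference test vector (passphrase "TREZOR"). Published test data, not a real wallet.
TEST_MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
                 "abandon abandon abandon abandon abandon about")
TEST_SEED_HEX = ("c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
                 "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04")


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512 over the NFKD-normalised words,
    salt = "mnemonic" + passphrase, 2048 rounds, 64-byte output.
    Wordlist membership and the checksum bits are NOT checked here."""
    words = mnemonic.split()
    if len(words) not in (12, 15, 18, 21, 24):
        raise ValueError(f"a BIP39 mnemonic has 12 to 24 words in steps of 3, got {len(words)}")
    norm_words = unicodedata.normalize("NFKD", " ".join(words)).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm_words, salt, 2048, dklen=64)


def restores_same_wallet(mnemonic: str, passphrase_a: str, passphrase_b: str) -> bool:
    """True only when both passphrases reach the same seed, i.e. the same wallet."""
    return mnemonic_to_seed(mnemonic, passphrase_a) == mnemonic_to_seed(mnemonic, passphrase_b)


if __name__ == "__main__":
    seed = mnemonic_to_seed(TEST_MNEMONIC, "TREZOR")
    print("seed:", seed.hex())
    # A mistyped passphrase is not rejected: it silently opens a different (empty) wallet,
    # which is why the passphrase needs the same careful backup as the words themselves.
    print("same wallet with 'trezor'?", restores_same_wallet(TEST_MNEMONIC, "TREZOR", "trezor"))
```

Restoring the same words and passphrase on a new device reproduces the seed byte for byte, which is what makes the phrase a complete backup of the wallet.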

Once you have your mnemonic phrase, you can create a further mnemonic out of it: take the first letter of each word and build a new sentence whose words begin with those same letters.

For the set of random words above, the phrase could become: “Don’t forget Sue Unsworth, she wants some wellingtons sent to Arthur…”

This adds a layer of detachment from your actual phrase, so that even if someone saw the second mnemonic they could not work out how it relates to the first. Of course, you don’t want to rely on memory alone…

Two-Factor Authentication (2FA)

Two-factor authentication adds another layer of security to whichever application or device you store coins, or data about those coins, on. 2FA can be used for email accounts, financial accounts, mobile devices, online wallets, and just about anything else you can think of.

A One-Time Password (OTP) is generated by an app like Google Authenticator or Authy from a secret seed, which the service shows you as a QR code when you enable 2FA. Every 30 seconds the app generates a new password, and only an app that was set up by scanning the correct QR code will produce the right one.

With 2FA, logging in requires something you physically hold, which an attacker who only knows your password cannot replicate. The upside is that only the correct seed, enrolled on the correct account, will produce a code that gets you past the login.

The downside is that if you lose your QR code, or the device you hold it on, you lose access to the accounts you locked with it.

Backing Up Passwords and Phrases

Use the internet to your advantage here: split your key-phrases or codes into parts and scatter them across disparate places.

Let’s say you have a 24-word key-phrase that you want to back up, in addition to hidden physical copies that might be written down, and you don’t know which third-party site to trust. Here’s how you could go about it:

1. Divide the phrase/password in two (or more) parts.

2. Encrypt each part of the phrase and store the encryption keys in a password manager (e.g. LastPass, 1Password).

3. Find four different online storage services which support 2FA (Google Drive, Dropbox, etc.). Enable 2FA on all accounts and then store those seeds/QR codes in your authentication tool (Authy/Google Authenticator).

4. Now drop each encrypted part into two of those storage sites, so that every part exists in two places. You now have two independent sets of online backups, each hidden from the other.
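The four steps above as an added worked illustration (not part of the article): split a 24-word phrase, encrypt each part under its own key that belongs in the password manager, and recover only when every blob meets its matching key. It uses a one-time pad with an HMAC-SHA256 tag so it runs on the Python standard library alone; in practice you would encrypt with an established tool (GPG, age, or the password manager's own vault) rather than hand-rolled code. The sample phrase is the BIP39 all-zero test mnemonic, used here only as input.

```python
import base64
import hashlib
import hmac
import json
import secrets


def split_phrase(mnemonic: str, parts: int = 2) -> list:
    """Step 1: cut the word list into `parts` equal runs of words."""
    words = mnemonic.split()
    if parts < 2 or len(words) % parts:
        raise ValueError("parts must be at least 2 and divide the word count")
    n = len(words) // parts
    return [" ".join(words[i * n:(i + 1) * n]) for i in range(parts)]


def encrypt_part(part: str) -> tuple:
    """Step 2: returns (blob for the storage sites, key for the password manager).
    Cipher: one-time pad (fresh random bytes, never reused) + HMAC-SHA256 for integrity."""
    data = part.encode("utf-8")
    pad = secrets.token_bytes(len(data))
    mac_key = secrets.token_bytes(32)
    ct = bytes(a ^ b for a, b in zip(data, pad))
    tag = hmac.new(mac_key, ct, hashlib.sha256).hexdigest()
    blob = json.dumps({"ct": base64.b64encode(ct).decode(), "tag": tag})
    key = base64.b64encode(pad + mac_key).decode()
    return blob, key


def decrypt_part(blob: str, key: str) -> str:
    """Inverse of encrypt_part; refuses a mismatched key or a tampered blob."""
    obj = json.loads(blob)
    ct = base64.b64decode(obj["ct"])
    raw = base64.b64decode(key)
    pad, mac_key = raw[:len(ct)], raw[len(ct):]
    if len(pad) != len(ct) or len(mac_key) != 32:
        raise ValueError("key and blob do not belong together")
    expected = hmac.new(mac_key, ct, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, obj["tag"]):
        raise ValueError("integrity check failed: wrong key or corrupted blob")
    return bytes(a ^ b for a, b in zip(ct, pad)).decode("utf-8")


def backup(mnemonic: str, parts: int = 2) -> tuple:
    """Steps 1-2 together: blobs go to the storage sites (two copies each, step 4),
    keys go to the password manager. A blob on its own reveals only the part's length."""
    pairs = [encrypt_part(p) for p in split_phrase(mnemonic, parts)]
    return [b for b, _ in pairs], [k for _, k in pairs]


def restore(blobs: list, keys: list) -> str:
    """Recovery needs every blob together with its own key, in order."""
    return " ".join(decrypt_part(b, k) for b, k in zip(blobs, keys))
```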

With this back-up system, all you need to remember is the master password to your password manager and where your authenticator codes live.

The upside is that even if your house goes up in flames (god forbid), your data is still safely stored and encrypted online, hidden behind multiple layers of passwords.

The downside is that if you somehow misplace your authenticator code, or lose access to your password manager, then you lose access to your accounts.

Hardware Wallets

While online wallets and exchanges offer convenience in some areas, the security risk of losing all of your currency is simply too big to take. Hardware wallets give you direct access to your coins and tokens, all from a physical device around the size of a USB stick.

Hardware wallets allow you to store your coins offline: the private keys are generated and kept on the device itself. The benefits of using hardware wallets are obvious: no need to risk keeping your money on an exchange, no possibility of being hacked online, and you can always have it with you, or locked in a physical safe.

If you use a hardware wallet, apply the same 2FA and back-up techniques to its 24-word phrase as you did with your other passwords. This way, if you lose the physical wallet, you’ll still have access to your currency addresses. A new hardware wallet can be initialised with your existing phrase/seed, restoring your access to your coins.

Good Old Paper

If you really want to leave as little online footprint as possible, you can just do it the old-fashioned way. Keeping your addresses and keys on physical paper, possibly in code, perhaps laminated, and in a host of different physical locations, reduces the need for all of the third-party sites and applications that come with crypto-security.

Store it in Steel

Many online vendors offer steel plates, shaped like credit cards or dog-tags, which can be engraved with your private key/seed.

This provides a stainless, fireproof, waterproof and shockproof solution to storing your passwords, which can withstand natural disasters and accidents.

The truth is, no one security practice on this list is a complete solution on its own. If you have a hardware wallet, back it up with paper. If you have an online wallet, double its security using 2FA. Regardless of what you choose, be sure to create multiple, secure back-ups of your passwords and seed-keys.

If you take these fairly simple steps, you’ll avoid the pitfalls of negligence which relieve hundreds of users of their cryptocurrency every year.

