Tips To Keep Your MetaMask Safe
MetaMask, the decentralised home to your Crypto and NFTs, is an essential part of the ecosystem and more importantly, it’s your key to the Web3 ecosystem. But many people starting don’t care about the safety aspect of it, neither did I, but after getting my MetaMask wallet hacked I learned my lesson the hard way.
Unlike in Web2 space, we don't have a central authority in Web3 to reach out to if a bad actor hacks your funds, you’re all on your own. Your assets become completely your responsibility as you have to look after them yourself. Security in this space should be your number 1 priority starting, here are some tricks to keep your MetaMask wallet safe:-
- Get a hardware wallet- I cannot stress it enough, but the importance of a cold wallet in Web3 is unparalleled. A cold wallet essentially stores your private keys offline as compared to a regular cold wallet, like MetaMask, which stores them on your device. I’ll be going more in-depth about cold wallets in a later blog, but if you want to get one go with Ledger or a Trezor.
- Store your seed phrase offline- When you set up any decentralised wallet, you’re provided with a 12 or 24-word secret recovery phrase, which, as the name suggests, is the way back to get access to your wallet in case you forget your password. The way most people store it is incorrect. Some of the examples include taking a screenshot, mailing/texting it to yourself, copy-pasting it in a word document. You should keep it off of any email or cloud services. All of these storage methods essentially invites hackers to hack into your wallet. Ideally, your secret recovery phrase should never hit the digital world. It should always be written down on a piece of paper which should be kept safe. I think it goes without saying but, you should never give your seed phrase to anyone, no matter what.
- Revoke access from connected sites regularly- Even though you should only connect to trusted sites, but for an avid Web3 explorer like me, you would often have to connect your wallet to different sites let’s say for instance when trying a new Defi protocol or an NFT minting website. You should create a secondary burner wallet when connecting to sketchy websites so that even if your wallet gets hacked, it won’t have all your funds in it. After you’re done using the service, always remember to revoke access to them. Images are attached below for reference.
- Turn on the auto-lock feature- When your MetaMask wallet gets unlocked any of one of the tabs open on your browser see the details of it, even though they cannot interact with it as a connected website could, it may compromise the safety of your wallet. This feature automatically locks your wallet after a set amount of time. Additionally, it also helps if you leave your wallet opened accidentally.
Steps to turn it on are-
Settings > Advanced > Auto-lock timer > Set it to 3/5 minutes
I hope this thread helped you guys! This space is very evil and filled with ba actors, your security depends on you only.
Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing
