The Crypto-Trader’s Guide to Online Security

Eugene Tartakovsky
Apr 10, 2017 · 5 min read

Your security habits are the one thing keeping your personal information safe, and are especially important if you are managing your money online. Although it may seem like a lot to set up at first, every crypto investor should take time to learn the best practices he can use to protect himself.

As a crypto trader I feel the need to secure my personal assets. As a software developer, I understand how things work and choose the right tools for the job. But I don’t want to overcomplicate things. The combination of these factors prompts me to write a simple how-to guide on how anyone can secure his assets with minimal effort.

There are four important topics to consider:


Passwords

What constitutes a password that can’t be easily broken? How can you remember all of your passwords while keeping them secure?

Two-Factor Authentication

What is it? How can it help you protect yourself, and how can you avoid pitfalls when using it?


Wallets

What kinds of wallets are out there? Which one is right for you? Is there one you can just use and forget about?


Exchanges

Can you store your assets on exchanges? Are they protected enough?


Passwords

For a strong, hard-to-break password, length is key. Use passwords at least 8 characters long — the longer the better. You can use either long sentences in plain English or long randomly generated passwords:

Never use obvious passwords like 12344321 or myun1quepa55word. These are easy to break in minutes.

Never use the same password for different websites. This is incredibly important.

To remember your passwords, use a password manager. While not 100% issue-free, password managers beat everything else in terms of the security/convenience ratio.

Rule of thumb

Two-Factor Authentication

Two-Factor Authentication — or 2FA — is a second layer of protection after a password.

Why would you need that? Because a password can stay the same for a long time, so it’s a good idea to have a second step if your password is ever broken or stolen.

The best kind of 2FA is a One-Time Password (OTP). There are others, but most are inconvenient or less safe, so if in doubt, use OTP.

OTP is a short, usually 6-digit number generated every 60 seconds by a mobile app such as Google Authenticator or Authy. You’ll enter this number as a secondary password to verify you are the owner of the account.

The catch with OTP 2FA is that to set it up, you’ll need a seed number, which is usually presented as a QR code you’ll need to scan. Be sure to save the QR code or plain seed number somewhere safe. Otherwise, when you change your phone you won’t be able to access your account anymore, and it will be complicated to get your access back.

In this respect, Authy has an advantage over Google Authenticator in that it backs up your seeds for you, so you don’t need to do it yourself. The trade-off is that you need to trust a third party with one of the layers of your personal protection.

Rule of thumb


Wallets

All of your crypto assets are stored on a blockchain and accessed via an account. A wallet is a way of storing your private keys to that account.

There are many kinds of wallets available, including:

A blockchain node is the most beneficial for the network, the most flexible and also the most dangerous way of managing your wallet.
Representatives: Mist, Parity, Bitcoin Core, etc.

A light wallet gives you convenience at the price of forgoing control over the node.
Representatives: Jaxx, MyEtherWallet, Electrum, etc.

A hardware wallet gives you convenience and security at the price of forgoing control over the node and a little bit of money.
Representatives: Ledger Nano S, Trezor, KeepKey.

Rule of thumb

Use a hardware wallet. My personal favorite is Ledger Nano S, but both Trezor and KeepKey should work just fine.

Backing up a keyphrase

There are many ways to do this and none of them is either completely secure or simple. My personal approach:

With a setup like that, your system will have 2 layers of protection: your 1Password master password and your password for accessing Authy. Those will be the only 2 passwords you’ll need to remember.


Exchanges

In the crypto world, exchanges are a necessary evil. Many of them are not trustworthy. Most of them get hacked semi-regularly and money gets stolen. The rule of thumb is to never store tokens on exchanges unless you absolutely need them for trading (e.g. you have short-term stop-loss orders in place).






By following these rules you’ll be able to protect yourself better than most participants in the markets. That will give you enough time to figure out what personal protection rules suit you best.

If you found the article useful, please share it with your fellow traders.

The Santiment team and I want you to have a secure crypto-future.

If you’d like to get information on Santiment before it’s news, then join our mailing list.

If you have any questions or need help — feel free to join our Slack and ask us directly. We are here to help.

About Me: I’m Eugene, mobile app developer, software engineer, and crypto-trader. I’m with Santiment to build the future of data-feeds for the crypto-markets!

