Whether you’re using a hot or cold wallet, mobile phone or computer, or a trusted third party (e.g., exchange) to store your crypto, a few general rules apply:
Always avoid installing software or programs from untrusted sources whenever possible. This includes wallets for which you own your own private keys! Some wallets include malicious code that copies your private key, or changes your send/receive addresses to a third party address.
Hackers may spoof your Wi-Fi in order to observe your Internet traffic and glean valuable personal information, including passwords, usernames, private keys, etc. Don’t connect to networks you don’t trust, especially if they’re public. If you must, avoid logging into sites with your password or sensitive information, and/or use a VPN to encrypt your traffic.
For more advanced users, consider buying a separate computer to use purely for crypto management.
It goes without saying, that a file from a sender you don’t know and weren’t expecting is liable to infect your entire device. Download and open files with caution.
A good malware detector can save you thousands down the road. And remember: iOS and OSX systems can be infected too.
For any accounts on exchanges, apps, or other platforms, make sure to protect your passwords.
A Bitcoin investor recently sued AT&T for the theft of $23 million in crypto, a feat made possible only because company employees had been engineered into giving the hackers access to his phone number, allowing them to receive his 2FA confirmation codes. As an alternative, consider app-based 2FA methods, such as Google Authenticator or Authy to avoid taking the risk of relying on someone you don’t know or trust.
Practice good password and private key hygiene. Try not to use the same password across multiple wallets or accounts. That way, if one gets hacked, the others remain secure.
If you are storing your own private key, try to do so on two or three different mediums (e.g., pen and paper, cold wallet, bank safety deposit box, encrypted message).
Note of caution: Because private keys are so important, many people choose to back up their private keys on a device or computer that they use all the time. However, backing up your private key digitally on an Internet-capable device actually increases your risk of being hacked. Try to use a device or medium that isn’t connected to the Internet, is protected from the elements, etc. Consider keeping multiple copies stored in safe locations.
Of course, the most foolproof way is to memorize all sensitive information. As with the Wallfacers in Liu Cixin’s Three-Body Problem, the safest place to store your secrets is within your own mind.
Although we all must take responsibility for keeping our assets secure, not all users have the time or resources to deal with setting up elaborate security measures. Indeed, even large institutional investors are waiting on custodial services to develop and mature before buying crypto.
At Cobo Wallet, safety and security is our first priority since. As a leading custodial wallet solution, our reputation depends on it. We utilize multiple layers of security, including physically distributed and air-gapped servers, bank-standard HSM, user 2FA, multi-signature verification, and “hot”/”cold” wallet isolation mechanisms. Each line of code undergoes repeated security audits before compilation, and we regularly schedule white hat penetration tests in order to spot any potential security flaws.
Regardless of which wallet you decide to use, make sure that you’re taking the right measures to keep your investment safe, for you and your family, well into the future.
August 20, 2019
August 09, 2019
August 08, 2019