With the ongoing boom in the prices of major cryptocurrencies, security incidents involving them are also on the rise. Many folks are testing the waters and blindly investing in cryptocurrencies without understanding the full spectrum of risks associated with these intangible digital currencies. As a cryptocurrency miner and aficionado, I’d like to ensure that the folks reading this blog post, at least, won’t fall victim to the numerous ways by which a novice cryptocurrency investor might be separated from their investment.
Most novice investors end up storing their purchased cryptocurrency directly on the exchange they purchased it from, which is not a bad plan, assuming certain precautions are taken.
It might go without saying, but only ever do business with well-known, government regulated exchanges, lest you end up being duped by an exchange that just disappears overnight. The former customers of the (in)famous Mt. Gox exchange learned this lesson the hard way back in 2014 when the exchange filed for bankruptcy and left their customers with no access to either the money or the cryptocurrency those users had stored on the exchange. To this day, many Mt. Gox users haven’t received a single cent of the money they lost when the company declared bankruptcy, despite the almost 7 years which have passed. If you’re a US Citizen and looking for a recommendation on who to trust, I personally do business with Bittrex and Kraken for my cryptocurrency exchange needs.
Assuming you’ve decided to do business with a reputable exchange and want to trust the exchange to store your cryptocurrency, you must treat access to that exchange account just like you’d treat access to a bank account. Use a unique password to access your account, ensure Multi-Factor Authentication (MFA) is enabled on your account, ensure your MFA credentials are required for all withdrawal actions, and ensure you enable login notification emails. Login notification emails can seem like a superfluous step, but getting notified of a suspicious login can be the deciding factor in whether you are able to respond fast enough to a security breach to protect your money and cryptocurrencies or not.
If you want to avoid relying on an exchange to safeguard your purchased cryptocurrencies, you can also choose to hold these cryptocurrencies on a wallet that only you control. This avenue isn’t as simple as the leather wallet you might have in your back pocket; it comes with a number of caveats all its own.
First and foremost, when you create your own wallet, you’ll be presented with a wallet recovery key or phrase. It is absolutely crucial that you store this key somewhere secure, as it is the only way by which you’ll be able to recover access to your digital cryptocurrency wallet if such access is lost, as in the case of a hardware failure. This key can be thought of as a digital key to a digital lock; anyone who possesses this key can unlock your wallet, send transactions from said wallet, and sign messages with your wallet (a method of communication in which you can prove ownership of a digital wallet). It bears repeating; keep track of your wallet recovery phrase and treat it similarly as you would to any other critical document.
If you want to have your own wallet without worrying too much about the software side of things and want the most secure solution possible, you might want to look into a hardware wallet like the Trezor. This wallet uses many of the same principles as many of the popular software wallets, with the notable caveat that these operations happen directly on the Trezor device, meaning that you are significantly less likely to have your coins stolen as a result of a computer infected with malware designed specifically to steal your coins. Additionally, these devices implement encryption of the data stored on each device via the use of a PIN, with logarithmically increasing timeouts between attempts. In layman’s terms, that means 30 incorrect PIN attempts will take about 17 years!
However you chose to keep your cryptocurrencies, just make sure you’re taking the appropriate steps to keep them as safe as possible from those would would seek to separate you from them.
Stay safe out there!
— cdchris12