A couple of years ago Bitcoin made quite a stir all across the mainstream media when the price skyrocketed. People that never even heard about blockchain, cryptocurrencies or Bitcoin wallet suddenly started looking into buying some.
That’s when more and more horror stories from people that lost all their assets due to a lost password or stolen keys started to appear in common press, like the Guardian. Though we’ve all been reading such horror stories on Reddit for years before that.
I remember reading this article back then, the guy described in every excruciating detail how he forgot his PIN and tried to get access to his money for almost a year. I clearly remember thinking when I finished reading — “I wouldn’t want to live through something like that”. Yes, investing in a bit of cryptocurrency seems to make sense, but the risk is too high, it’s too easy to lose all my investment. Or is it? Luckily, I have done the research and know precisely how to protect my investments. And today I’m going to share that knowledge with you.
Read on to find out how a BTC wallet works, what are available Bitcoin wallet types, and most importantly — how to secure Bitcoin wallet to get yourself a safe wallet and thus never have to publish your own horror story on Reddit.
Here is a table of contents for your convenience:
- How does a Bitcoin wallet work
- What are the types of cryptocurrency wallets
- How to protect hot cryptocurrency wallet
- How to protect cold cryptocurrency wallet
- Final word
- Read more
How does a Bitcoin wallet work
For the purpose of not making this post as long as the Song of Ice and Fire saga, we assume that you already have an understanding of blockchain, Bitcoin and how it works.
Now, let’s take a look at a cryptocurrency wallet. Unlike a physical purse, it does not actually store any coins. All the cryptocurrency is compiled in the blockchain, which in its turn is accumulated on thousands of node computers across the world.
What the wallet does contain are the Bitcoin address, public key and private key, which combined create a permission for the wallet’s owner to use the coins associated with it.
Every Bitcoin address is unique, there are no two identical addresses. It looks like a string of random characters (both numerical and alphabetical, upper and lower case).
Think about the Bitcoin address as a bank account number. Just like you’d do with a bank account, if you want someone to pay you, you simply give them a wallet receiving address. One bitcoin wallet can have an unlimited number of receiving addresses, generated by the public key assigned to it.
The public and private keys are also strings of random characters.
Every crypto wallet contains a single public key and at least one private. These keys are encrypted and correlated, the public one is used for receiving funds and the private one is used for verifying the ownership and allows you to spend the coins.
Without the pair of keys, you won’t be able to use your coins, you won’t have the permission. So losing a key means losing your assets. That’s why crypto wallet protection is so imperative.
| Read also: The Most Common Ways of Credit Card Fraud
What are the types of cryptocurrency wallets
Just as you won’t keep all your dollars under the mattress (at least I hope so) the safest way to store bitcoin is to not put all these eggs in one basket as well.
All the BTC storage options are divided into two big groups — cold (hardware) and hot (online) wallets. You can’t get by without a hot wallet, one is necessary at least to buy BTC. But storing your keys online is a lot less secure. Hardware storage, on the other hand, can easily be physically lost.
So common sense dictates — use both types. Think of the hot wallet as the cash, it’s easier to access, spend, and steal. While Bitcoin cold storage is better compared to a savings account, it’s harder to access and a lot more secure. And take bitcoin wallet protection very seriously.
Now, let’s look at the available wallet types, their pros and cons, and then we’ll discuss how wallet protection can be implemented for each of them.
Hot cryptocurrency wallets
A hot wallet can be defined as simple as “one that is connected to the Internet”. These are often offered by trading platforms. In other cases, they are provided by middle-man storage suppliers.
With a hot wallet, all the keys are turned over to the platform, this is one of the security issues with bitcoin. Another issue with a virtual wallet — it’s a lot easier to hack into.
Finally, if all your coins are stored with an exchange marketplace you might lose everything very suddenly if it goes down because of government regulation, or a hacker attack, or a technical issue.
So what are the pros and cons of an online BTC wallet?
Almost all hot wallets are free
You do not manage the keys
Susceptible to regulations
Generally, a lot less secure
1. Web wallets / online wallets / cryptocurrency exchanges
As we’ve already established above, web-based is the best bitcoin wallet for those who buy cryptocurrency, regularly trade or generally need it available 24/7 with very little hassle to access it. With a web wallet, there’s no need to install any software, everything is accessible in a browser.
With the increased popularity and demand, the security problems with cryptocurrency have risen tenfold and the crypto exchanges understand this. Most of these platforms offer some protection wallet options. Though a lot of the web-based wallet providers still do not give the user the benefit of managing the private keys, some do. So check if this option is available. Among other protection tools, look for password wallet protection, two-factor authentication (2fa), anti-phishing code, device and withdrawal address management. It’s a great sign if the platform provides all of these security measures.
2. Mobile wallets
These are smartphone apps which use QR codes to run the transactions. This option is perhaps the most convenient one. Especially if you have cryptocurrency transactions daily.
With a mobile wallet, the private key is kept directly on the smartphone. Which, from the point of view of cryptocurrency security, is more reliable. On the other hand, people tend to change their smartphones rather often, and if you forget there was a key stored on your old phone and dispose of it…. Well, you throw away all your crypto too. Another obvious safety issue with this type of storage, as with any other online one, is the vulnerability to malware infection.
3. Desktop wallets & Bitcoin clients
A desktop wallet is a piece of software that is installed locally on a computer. What makes this option a more secure bitcoin wallet is the user’s full access to the keys. A desktop wallet creates a wallet.dat file and stores it locally, the private key is contained in that file. Bitcoin security dictates that this file should be protected with at least a password. Losing the file or forgetting the password will result in losing the funds though.
Bitcoin clients are probably the most interesting software, considering history. A Bitcoin client is the first crypto wallet ever to exist. All the wallets we discussed so far rely on third-party bitcoin services. Bitcoin clients though are what forms the blockchain core. A client downloads the network in its entirety on a node computer and manages the direct communication with the Bitcoin network.
A Bitcoin client has to be continuously synchronized with the whole of the network. Some of these clients require you to download and verify a huge amount of data. So using a client can be quite daunting. One might think this is the most secure bitcoin wallet, considering that every client adheres to the protocols that make it virtually impossible to hack or corrupt the network. But it is as secure as the machine it’s installed on and the keys it holds.
| Read also: 10 Windows Computer Safety Tips
Cold cryptocurrency wallets
This should not come as a surprise by now — a cold wallet is one that has no Internet connection whatsoever. With the biggest vulnerability (being online) eliminated, this type of storage is generally considered the safest cryptocurrency wallet.
These wallets are not as convenient to use on a daily basis as the mobile ones. But a hardware wallet is definitely the best choice if you are looking for a storage to keep your long-time investment safe, especially if it’s a big sum.
What are the pros and cons?
Much more secure than the hot wallets
Can be pricey, a hardware wallet costs averagely about $80
Full control over the keys
Can be physically lost, damaged, stolen
1. Paper wallets
If you print both keys on paper you will get yourself a paper crypto wallet. There are generators which provide the service, many of them provide unhackable options (you can get a generator on a flash drive for example, or even have the keys sent directly to your printer from a USB device) so your keys are never exposed.
If a wallet is safely stored and printed on paper that’s hard to damage, the BTC it holds are rather safe. But there’s a huge drawback — you can not spend the funds partially, you can either send all of it or nothing. For example, to spend 0.5 BTC out of 3 that are stored with a paper wallet you’ll have to send the whole sum to another wallet (web, mobile, desktop, etc), then spend the 0.5 you needed, create a new paper wallet for the remaining 2.5 BTC and return the funds there. Rather a lot of movements, don’t you think?
In any case, a paper wallet is a great way to store big long-time investments.
2. Hardware wallets
When it comes to bitcoin cyber security hardware storage is perhaps the most bulletproof option. These devices generate the keys (both private and public) with a random number generator and stash the keys on the device itself. Hardware wallets do not have any connection to any network, so compromising the keys stored within such a safety wallet is rather hard to do.
A hardware wallet is a lot more convenient than a paper wallet. Yes, it’s not as versatile and easy to access as hot wallets. Yet, it is still better than all the other alternatives considering security-convenience ratio. And some online wallets can be connected to a hardware wallet to let you trade with little hassle.
A hardware wallet is not invincible of course, everything can be stolen or hacked into with enough motivation. But these wallets are pretty close to unbreakable. Especially if you wisely use all the security features, like PINs and recovery phrases.
| Read also: Man In The Middle Attack Prevention And Detection
How to secure hot Bitcoin wallet
1. Keep only a small amount of Bitcoins in your wallet
Just as you won’t carry $1000 in the pocket every day, it’s common sense to store just the BTC you need for everyday use with a hot wallet. Unless, of course, you trade big sums daily.
Cryptocurrency exchanges are not legally obliged to compensate their clients, so if you store your BTC with an exchange make sure to keep there only the sum you are ready to lose in case the marketplace goes down for whatever reason.
2. Use two-factor authentication
You should be using MFA (multi-factor authentication) wherever possible, not only for bitcoin risk related reasons. But in all fairness, this is one of the most solid reasons to start using 2FA.
Every hot wallet described above offers encryption with a user password as a security measure. What 2FA does is add a second tier to that protection. Below I’ve gathered the most convenient ways to employ 2FA for your security wallet, starting with the safest one:
- Protectimus Slim NFC. A physical programmable token Protectimus Slim NFC looks like a bank card and generates random time-sensitive one-time passwords without any connection to the Internet. This is the most bulletproof bitcoin two-factor authentication possible, since intercepting the passcode or infecting the device with malware is impossible. Here’s a guide on how to set up a hot wallet 2FA with Protectimus Slim NFC.
- 2FA app. This way is not as secure as the physical token above. Instead of a device, an app installed on your smartphone generates the second tier passwords. The smartphone is connected to the Internet, so the app is more vulnerable to hacking. But if you prefer 2FA apps to hardware OTP tokens, choose Protectimus Smart, you can additionally protect it with the PIN. And never forget to backup software 2FA tokens.
- SMS. Better than nothing, but this option is the least secure method of 2FA. A second tier password here is delivered via SMS. This creates a plethora of opportunities for criminals, from SMS interception to social engineering scams.
3. Encrypt your Bitcoin wallet
Encryption is a basic security measure, it simply means setting a password (16 characters long preferably) to protect your wallet. Use both upper and lower case letters, numbers and special characters. This method alone will not protect you against a keylogger attack though. But combining it with 2FA will. And never forget the password, Bitcoin wallet recovery is very hard to do.
4. Backup your Bitcoin wallet!
Regular backups of the entire hot wallet are simply necessary. I stress out the entirety of it because a lot of these wallets hold internal private keys hidden, not backing those up might result in a big chunk of the coins lost forever. Keep the wallet.dat file backup in various forms (flash-drive, CD, paper etc.) in different secure locations (a bank vault is a good one). Encrypt the backup for good measure. And backup the password too.
5. Keep your Bitcoin wallet software up to date but turn off auto-updates
Outdated software is one of the most obvious bitcoin security issues. First off — hackers never sleep, second — it’s in the providers’ interests to keep your BTC protected, so they come up with new security measures and eliminate vulnerabilities with each update.
Turning the auto-updates off is advisable though. Just monitor the updates, wait a couple of days after the new one is released and the bugs are fixed, and only then go for updating your soft.
6. Use multi-signature to protect against theft
The multi-signature concept is a rather ingenious theft protection. What it implies is an approval of a transaction from 3-5 people (signatures). This way, even if one wallet of the group is compromised the coins will not be spent that easily.
7. Think about the future
What happens to your crypto if you die or are incapacitated? Is it lost forever? Does anyone except you have access to your wallet? Thinking about these things is not pleasant, but that’s life and you should be prepared. So let your family know how to recover your cryptocurrency in case anything happens to you.
8. A few more security tips
How to secure your bitcoin wallet even more? Constant Vigilance! Here are a few additional security measures you should take to make sure your investment stays yours:
- Use a clean browser. Browser extensions are one of the most common ways to spread malware. So only using a separate browser with no extensions whatsoever to access your web wallet is a great security measure.
- Check for SSL. SSL (Secure Sockets Layer) protocol ensures that all the data sent between a browser and a web server is encrypted. Meaning that all the transactions stay private. A website address has to begin with HTTPS and have a lock sign:
- Don’t use public Wi–Fi. Going online via an unprotected connection with a device that holds a BTC wallet is a very bad idea. And while we are at it – giving the device to anyone you can’t trust is even worse.
- Get a non–public email address. Use it for everything related to your cryptocurrency accounts and protect it with 2FA.
- Beware of phishing scams. Always check if the email addresses and domain names are spelled as they should. Never click on Google ads.
- Check the receiving wallet address before sending BTC. Check it twice or even thrice if you have to. A good practice is to send a very small amount of crypto first, and only after it’s verified send the whole amount.
- Change the wallet regularly. Another good practice is to change the provider every few months.
- Move the funds if your smartphone needs service. If you use an app, do not make the scammers’ lives too easy, move the funds before giving the device for service.
How to secure cold Bitcoin wallet
Safeguarding a cold BTC storage is much more straightforward. Keep it locked in a vault or safe deposit box. If you opt for a paper wallet you can laminate it.
If you chose a hardware wallet make sure to have the recovery code safely stored as well. A recovery code or seed is a passphrase that consists of 24 words. It appears only once, when a hardware wallet is first set up. Never-ever expose this passphrase to the Internet, write it down on paper if you have to. Better yet, have it done in steel on something like this thingy.
Before actually transferring any coins to a hardware wallet practice the wallet recovery with that code. Only after you’ve successfully done that transfer big sums to the device.
And use common sense — don’t buy a hardware wallet from someone other than the official provider.
| Read also: 4 Reasons Two-Factor Authentication Isn’t a Panacea
Well, this turned out to be long. But now you are informed enough on how to protect cryptocurrency wallet to make good investment decisions. Will bitcoin go back up? No-one can say for sure, but you can bet it is a good investment nonetheless. Is bitcoin safe? If you make it safe. The best wallet? A combination of hot and cold storage with every security measure carefully applied.
- The Pros and Cons of Different Two-Factor Authentication Types and Methods
- 10 Steps to Eliminate Digital Security Risks in Fintech Project
- Phishing, Vishing, Smishing, Pharming – What Is the Difference
- Ransomware – to Pay or Not to Pay
- 9 Must-Follow Gmail Security Rules
- 9 Data Protection Tips for Safe Online Shopping
- How Does Brute Force Attack Work