(This page includes affiliate links – my full affiliate disclaimer page is available here)
When someone reads about Bitcoin for the first time, one of the most interesting features that grab their attention has to do with security.
The word “cryptocurrency” refers to the fact that there is something cryptographically protected and this, together with other characteristics, results in a system with security that’s incredibly hard to break.
In fact, the Bitcoin blockchain has never suffered a hacker attack in its more than ten years of existence because it is simply too difficult to hack.
However, millions of dollars in bitcoin – around 4 million BTC – have been lost forever, and a good deal of this money has been stolen.
How is this possible when Bitcoin is supposed to be the safest money in the world?
Well, the problem is that there are other factors, many related to human failures, that can put the security of bitcoins at risk. Furthermore, the imagination, skill, and tactics of cybercriminals are almost limitless.
If you are one of the fortunate holders of bitcoin and have already started to worry or be deeply concerned after reading the previous paragraphs, then no need to worry, because today, insha’Allah (God willing), with this guide on The Best Way to Secure Your Bitcoin, you will learn some best practices in securing your bitcoin.
1. Use an online vault if in doubt
“Not your keys. Not your bitcoin”. These are the famous words of Andreas Antonopoulos.
When we enter the world of Bitcoin, one of the first lessons we are taught is that we absolutely must not keep our bitcoin on custodial centralized exchanges where the exchange is the holder and manager of the private keys to our bitcoin.
Yet many people, especially those who are new to Bitcoin and crypto as a whole, keep their bitcoin on centralized exchanges even after hearing the famous words of Andreas Antonopoulos because, not only is it convenient and easy, but also because many people do not feel confident enough in securing their own bitcoin.
Ultimately, I absolutely believe that you should take your bitcoin off of centralized exchanges and secure it in a wallet of your choice, but I also understand that in the beginning, everything can be so confusing, and even finding a wallet to store your bitcoin may take some time as you need to find a wallet that you feel confident operating as well as fulfills the needs you have.
So what do I recommend? I recommend, that if you are not confident when it comes to self-custody, then see if the exchange has a vault option to store your crypto such as Coinbase.
So what does the Coinbase vault do? Coinbase’s vault protects your bitcoin by storing them offline in what is called, cold-storage, this protects your bitcoin from online hacks.
Another added security feature of their vault is that in order for you to withdraw your bitcoin, an additional approval verification request is needed not only from the primary email address but also from a different email address to execute the withdrawal and once the approval verification is verified, there is a 48 hour wait time before the bitcoin is released, This added layer of security makes it much harder for a hacker to access your bitcoin on the platform.
In addition to increased protection, users are also able to stake other cryptocurrencies in their vault and receive staking rewards.
If you do not have an account with Coinbase, then please feel free to use my Coinbase referral link and you will receive $10 of free bitcoin once you purchase $100 or more of bitcoin.
Keep small amounts for day-to-day use
Normally, you use a physical wallet to carry small amounts of fiat money when you go shopping, but you don’t keep all your money there, right? The same happens with Bitcoin wallets.
Try to make it common practice to use only the amounts you need for your daily operations and keep the rest of your money in the safest place you can find.
Protecting your online wallet
As I mentioned earlier, most users who are just starting in the world of Bitcoin and cryptocurrencies usually begin using online wallets on platforms such as Coinbase or Binance, both for their ease of use and accessibility. These services make life much easier for less expert users, and getting started can take just a few minutes.
Even with this, online wallets are not the safest option as we’ve already mentioned, since any cybercriminal could easily steal your email address, username, and password, using techniques as simple as phishing – and remember that once your private keys are stolen, you lose your Bitcoins forever.
Use a VPN to mask your IP
Constantly using an online wallet service from the same device and through the same internet connection can be dangerous.
This is because on the different websites that operate with cryptocurrencies – be it exchanges or gaming sites – in which you must login with a username and password, your IP address is always registered and associated with your user profile.
Some cybercriminals could spend some time monitoring these logs with the intention of obtaining the IP addresses and carrying out attacks on an individual level. The best thing you can do to prevent this is to mask your IP address using a trusted Virtual Private Network (VPN) service.
I normally would recommend Express VPN, since it is not only a VPN with high-level encryption, but it also works at the highest possible speed in this type of service and has servers in more than 160 locations around the world. However, at this time, whistleblower Edward Snowden recommends that it is better to not use Express VPN.
Use a Secure Email for Your Online Wallet
Now let’s talk about email addresses. Most people use email – mainly GMail, MSN, or Yahoo! – as the primary access key to all their user accounts on the internet, whether it is platforms to work online, payment gateways, crypto exchanges, social networks, etc.
On top of that, most of the time they only use a single email address to access all these services and for communication, sharing that address with many other people.
These practices are a serious mistake since this is like placing the master key to our finances and our entire digital world, on a silver platter for hackers. And not to mention that free email services only use one layer of protection (HTTPS) to ensure the security of communications.
HTTPS is not enough since there may always be an application that requires permission to use our email, with the risks that this entails. The best practice, in this case, is to use a separate email account with high-level encryption, at least for the most sensitive part of the formula: our money.
Currently, there is a whole series of email services on the market that protect your whole email account with zero access encryption and end-to-end encryption for message transmission. Currently, the most popular option on the market is ProtonMail – and it is also free to use. Check out Protonmail here.
Two-Factor Authentication (2FA)
Another excellent recommendation if you use online wallets is to always add a second level of security to traditional access with username and password through the double authentication factor.
This process is used to verify your identity when accessing a web service, and it is already a common option in most of the web services out there. This is something of great importance since today, 99% of passwords are stolen through phishing attacks, no matter how long and complex they may be.
By adding a second layer of security using 2FA, you can prevent someone who has stolen your password from accessing your account, as they would need a second password provided through an alternative route – such as a mobile phone. Many websites allow you to do this by SMS, Google Authenticator, Authy, or by email, so it is basically a free method.
In addition to this, using 2FA is quite simple, since once you have configured and synchronized this option with the online service you are using, after entering the password, the system will ask you for a unique code through the alternative route you have chosen, either SMS, email, Authy, or Google Authenticator.
In this way, if someone steals your password, they won’t be able to move your bitcoin, since they will need that second security code provided by your 2FA app. This system greatly increases the level of general protection.
However, nothing is perfect; remember that this is a software security layer, and a cybercriminal could devise a way to intercept the second security code. Now, at this point comes another recommendation.
Use hardware-based 2FA
Universal Second Factor (U2F) is an open technology developed under the guidelines of the Fast Identity Online Alliance (FIDO) and used in hardware devices to reduce the dependence on passwords in user accounts on the internet.
These are devices similar to a USB key that come in different shapes and sizes and that serve as a second layer of 2FA security.
In this case, the second layer of security is not provided by a code sent to your phone via SMS, email, Authy, or Google Authenticator, but instead, the process is performed internally on the device itself.
The advantage of this is that it’s practically impossible for a cybercriminal to intercept any code since everything is done at the hardware level.
Right now, the most popular device among those available on the market is without a doubt, YubiKey by Yubico.
The best thing about YubiKey is that it’s compatible with a wide variety of online services such as cloud-based systems, password managers, email platforms, social media, game development tools, crypto exchanges, and even offline computers. Check out YubiKey products here.
2. Keep control of your keys
Although this is very basic advice, this is probably the best practice to protect your bitcoin. As we said at the beginning, everything on the internet is liable to be hacked, both by external and internal agents. So it is best to always distrust – you should analyze very well the service and/or storage method you’re going to use before sending your precious cryptocurrencies there.
Keep control of your private keys! Once you move off of custodial wallets move to wallets where you get to hold the private keys
Many of the big bitcoin thefts that have occurred in the past have occurred on sites that are reputable and trusted by users – Binance hack and Liquid hack – so it is best not to keep your funds for too long in the hands of other people.
The best option: Keep your Bitcoins off the network
The following method, although it is somewhat more complex than the others, can add a very large layer of security to your bitcoins. It’s as simple as storing your cryptocurrencies in a place disconnected from the internet. This is what we know as cold storage.
When you use an online wallet, you are authorizing your service provider to “protect” your private keys. This makes your life easier by getting rid of all the technicalities behind such work, but it also makes the service more attractive to cybercriminals.
An offline wallet is the opposite; you have to take care of the tedious technicalities, but in return, you gain full control over your private keys. There are different types of offline wallets:
Software wallets are programs that you can install on your device, be it your PC, smartphone, and even a USB key. These applications store your private keys on the device without the need for an internet connection.
Later, when you need to do a transaction, you must use an internet connection. This process requires a bit more technical knowledge and is a more tedious process, but it also provides a much higher level of security.
An excellent and reputable software wallet is the Electrum Bitcoin wallet.
Hardware wallets are physical devices similar to a USB key or an external hard drive that generate and store pairs of private and public keys. These devices usually come with an application that you must install on your PC or smartphone.
When you need to make a transaction with your cryptocurrencies, you must synchronize your hardware wallet with the application, generally through a wireless connection such as Bluetooth.
The transaction will be signed and approved in the hardware wallet and registered in the application, but the private keys will never leave the wallet.
All this provides a very high level of security, really difficult for any attacker to pass. This is the reason why these devices are so popular with Bitcoin enthusiasts and the crypto world in general, with Ledger, Trezor, and KeepKey being the top three options on the market right now.
Visit the Ledger website here
Visit the Trezor website here
Visit the KeepKey website here
Update your software frequently
The programs that work as wallets to be used on your smartphone or PC can present flaws and security breaches. Cybercriminals can exploit these weak points to access your private keys and steal your cryptocurrencies.
It’s also important to ensure that all the software on your computer or mobile phone is up-to-date and free of malware of any kind. It doesn’t matter if you use a web wallet, as your operating system could be infected or out of date, and even the browser could have a malicious extension that you aren’t aware of.
There are many programs on the web that seem innocuous and that when installed on any of your devices, can activate or update themselves automatically and infect your computer to steal your private keys.
Encrypt your private keys
Cryptocurrency wallet programs typically create your private keys automatically. The problem is that not all wallets follow good practices when carrying out this process, so there is a risk of a security breach.
Once they have been created, these keys are saved on your device in plain text format or in another type of database file, and it’s at this point where the encryption of these files plays an important role.
Some wallets incorporate a process to encrypt the private key with a password or PIN that they ask for when sending money. This means that if someone steals your private keys, they must know that password or PIN in order to access your bitcoins. Whenever possible, the best practice is to use a complex password to encrypt your keys.
Preferably, you should use complex text that is difficult to generate by brute force – a 200 character alphanumeric text with enough weird characters should work quite well.
Make backup copies
If you use some type of offline wallet, it’s always convenient that you make several backup copies, encrypt and store them in a safe place. Then you can save these copies in cloud storage services, USB keys, external hard drives, etc.
This is especially important when you aren’t using a Hierarchical Deterministic (HD) wallet, in which case you’ll need to back up more often than usual.
Having backups is important for all your data and files, but even more so for your money – you don’t want to let what happened to James Howells, who inadvertently threw away a fortune in bitcoins, happen to you.
On the other hand, although periodically backing up your wallet is a very healthy practice to protect your Bitcoins, it can also be very tedious to do everything manually or semi-manually. How about doing it automatically then?
You can do this with Backblaze, a cloud-based backup service that is very well suited to users with little experience thanks to its ease of use.
The service allows continuous and automatic backup of any content you specify, uses high-level encryption to protect backed-up files, and employs various optimization techniques to increase download and upload speeds. All for a small monthly. Check out Backblaze here.
Use multi-signature addresses
This is undoubtedly one of the best security methods to protect your bitcoins due to its low complexity for novice users and the high level of security it provides.
As you already know, in the world of Bitcoin and other cryptocurrencies, there is what is known as a simple address, which has a private key associated with it. This is what gives you ownership of your Bitcoins.
But in the case of multi-signature addresses, several private keys can be associated with each other to sign and validate a transaction.
This means that, if you have your bitcoins associated with a multi-signature address of let’s say, three private keys, in order to make use of your cryptocurrencies, you must have access to these three keys; otherwise, you won’t be able to use your digital currencies.
Best of all, you can configure this as it best suits you, since you can create a multi-signature address with three private keys, but that only requires access to two private keys to authorize a bitcoin transaction.
To give you an example, you can manage one of the keys from your mobile phone, another from your PC, and another from some other device.
This method would force a criminal to have access to all these devices in order to steal your Bitcoins. The problem is that you’ll have to be very careful not to lose your access to such devices…
The solution for this is to create backup copies of the private keys, so if you’ve read the previous two sections, you already know how to do it without complicating your life. Another option is to use hardware wallets that are capable of managing multi-signature addresses. Ledger and Trezor offer multi-signature options.
3. Paper Wallets
A paper wallet is basically key pairs printed on paper in the form of a QR code. These paper wallets can be created on websites such as bitaddress.org and their operation is quite simple; you must scan the public key using a wallet software application and send it to another user when you want to receive some BTC.
In case you want to send bitcoins, you just scan your private key, and so the transaction is signed and approved.
The advantage of this is that being a cold storage method, your bitcoins remain totally offline and safe.
The problem is that this carries with it the risk of using paper: they can be lost, they can be burned, someone could steal it. This means that you’ll need to be extremely careful with this method.
Bitcoin and other cryptocurrencies can be a very lucrative investment. However, you should never lose sight of the security factor, especially if you own large amounts of bitcoin.
Before converting your assets in bitcoin to fiat money, for example, you must make sure that you have taken all the necessary security measures. Only in this case, can you use this cryptocurrency with total peace of mind.
All the tips and technologies already mentioned will help you increase the overall security of your bitcoin. Remember that the more security measures you apply, the more difficult it will be for thieves to access your precious digital assets.
PLEASE KINDLY SHARE THIS ARTICLE IF YOU’VE FOUND BENEFIT IN IT