What is cryptocurrency security really? If you have 1,000 USD in paper bills, you have to keep those paper bills safe, right? You can have them in your wallet that you have in a special zipped pocket in your jacket. You should also be careful not to take all of the paper bills out and wave them around in crowded environments. Ideally you should have them somewhere safe and not bring them around with you. So that’s the security measures worth thinking about when it comes to Fiat currency. Oh how we wish that it was easy as that when it came to cryptocurrencies as well… But it’s not. It’s much more difficult.
By reading this guide, you’ll get the cryptocurrency security knowledge you need to be as careful with your cryptocurrencies as you are with your fiat currencies!
General Information on Cryptocurrency Security
To buy or sell any cryptocurrency, you first need a wallet for storing them. There are hundreds of wallets out there. We have listed 130+ wallets (the largest bitcoin wallets, the best altcoin wallet etc.) at cryptowisser.com and to find out which one of those that suits you best, we recommend using our Wallet Comparison Table.
If you have ever been the owner of any cryptocurrency, you have had a wallet. You need to keep Bitcoin in a Bitcoin wallet, Ethereum in an Ethereum wallet and so on.
Some of you might now say:
“But what? I have never had a specific wallet, I just traded on Changelly and had my cryptos there.”
Well, this is because many exchanges have their own wallets for different cryptocurrencies. Without knowing it, when trading at the relevant exchange, you place the different cryptocurrencies you purchase in the Bitcoin wallet or relevant altcoin wallet generated for you by the exchange when you trade. Accordingly, only you have access to these generated wallets through your password you use when logging into the exchange. If you want to increase your security, however, you should store your cryptocurrencies in individual wallets.
What are the wallets, really?
Crypto wallets does not hold anything, unlike a physical one. One interesting way of describing it is that the crypto wallet is like Gmail (with a specific login and a specific password), but without storage of emails. You’re simply accessing the account. Your tokens and transactions are saved on a blockchain, which is distributed across a vast network. The transactions are always there, no matter if you lose your wallet. This is however hardly comforting as you won’t be able to access or do anything with the tokens without your wallet.
Sending and receiving tokens
Every wallet has its own unique address. If you trade on four different exchanges, you will have a different wallet and wallet address for each exchange for each token. The wallet addresses are like different website addresses or URLs. Wallet addresses consist of a very long string of characters, called a hash.
To send tokens between wallets, you will need to first copy the receiving address, and then enter the address into the recipient field when sending. Here comes two important chapters of any investor’s cryptocurrency investment strategy that we would feel bad – in our capacity as your trading cryptocurrency guide – if we didn’t highlight:
It is very important to double-check the address you are sending tokens to, because once you send your coins to an incorrect address, they are unrecoverable.
It is also very important to double-check the amount that you are sending. Bitcoin, for instance, is divisible up to ten millionth of a unit, so it doesn’t take much to erroneously send 0.0047 BTC instead of 0.00047 BTC. Be very careful.
The wallets are also currency specific, meaning that they only allow sending and receiving of their own token. This is very important to understand. In the crypto world, with a few exceptions, you cannot send different coins to different wallets (for instance, you can only send Dogecoins to your Dogechain wallet). The most important exception is the ERC-20 based tokens based on the ERC-20 protocol (generated from the Ethereum blockchain). You can store ERC-20 tokens in the same ERC-20 compatible wallet. For instance, if you have two ERC-20 tokens, “Apple Coin” and “Orange Coin”, you can send them both to an ERC-20 wallet. One of the most popular ERC-20 wallets is the Enjin Wallet.
Different types of Cryptocurrency Wallets
There are many different types of crypto wallets, and here we list most common categories. New wallets pop up almost every day though, some recent examples include Abra, Hodly, Infinito Wallet and Jolt.
Desktop wallets are wallets that the token developers usually create. To find the right desktop wallet for you, we recommend our Wallet Comparison Table.
Mobile wallets are what we call app-based wallets that you download and install on your phone. These solutions are however more common for Android based phones. Examples include the Blockchain mobile wallet for Android. One mobile wallet is Enjin.
As mentioned above, all exchanges offer online wallets, to allow you to send and receive tokens. We highly recommend that you store tokens offline (i.e., outside of the exchange) to reduce the risks of hacks, phishing attempts, and also the collapse of exchanges. While most of the exchanges have solid security protocols in place (see which ones have the highest security score here), there have been disasters like the infamous Mt Gox hack in 2014 where USD 460 million worth of Bitcoin was stolen. A wallet many think is good is the Spectrocoin Wallet and if you are more interested in storing ETH or ERC-20 tokens, have a look at the Enjin Wallet.
Paper wallets are print outs of your wallet’s public and private keys, along with a QR code you can scan. A private key is a sequence of letters and numbers (much like a long password), that you, and ONLY you should know, in order to unlock your wallet and access your tokens. Find the best paper wallet for you in our Wallet Comparison Table.
These are doubtlessly the most secure way to store your tokens. Hardware wallets are completely offline (often referred to as cold storage). They do not support every token out there, so you will need to find out if the tokens you want to store are supported by the hardware wallet. The most popular hardware wallet – that we also think is the best hard wallet – is the Ledger Nano S.
Enable two-factor authentication (2FA)
This is the first thing anyone investing should immediately enable after you register on an exchange, or any location where you store your tokens. Each exchange that calls itself “the best cryptocurrency exchange site” has this option, so enable it! 2FA ensures that even if your login and password is compromised, hackers cannot get into your account unless they also enter a time-sensitive 6 digit code, that only you can access on your phone.
To setup two-factor authentication:
- Download either Google Authenticator or Authy
- Navigate to where you can enable 2FA for your account on the exchange/website
- You should see a QR code, simple scan it with the app, and that’s it.
After that, everytime you login to your account, it will additionally ask you for a 6 digit, time-sensitive code as an extra security, before access to your account is granted.
A common misconception is that you must use Google Authenticator to enable 2FA. This is not true. I personally recommend Authy for managing your 2FA. This is because it can sync with multiple devices. That means that in case you change or lose your phone/device, you can always recover your 2FA codes.
There are also places where 2FA is simply an additional password of your own choosing. Where that’s an alternative, we recommend you use it.
We’re sure it comes as no news to you, but longer passwords are generally speaking safer than shorter passwords. It might be a bit of a hassle to dig it up every time you want to login to trade or check your balances, but if you put that hassle at one side of the scale and the risk of being hacked at the other side, it’s pretty clear to us that it’s worth it.
If you want to facilitate the process without compromising the length of your password, you could also take advantage of secure password managers that helps you generate and remember every login/password for all exchanges you trade on. Two alternatives are 1Password (free for 1 device) and LastPass (free for multiple devices).
Don’t reuse passwords and logins
This goes without saying. If one of your accounts get compromised, it’s not hard to imagine the hacker can easily find your other accounts on various exchanges. So, better safe than sorry, use different passwords everywhere.
In conclusion, there are a number of ways to protect yourself from the dangers of hackers and other malevolent parties. We have listed some of them in this guide. Use our Wallet Comparison Table to find the best altcoin wallet or best Bitcoin wallet for you and stay safe out there!
If you thought this guide was helpful, please also read our guides on How to Get Started with Cryptocurrency, How to Pick the Right Cryptocurrency Exchange and How to Invest in ICOs.