Naughty or Nice? Essential Do’s and Don’ts in the world of crypto security

12 months ago 43

“More than $4 billion worth of bitcoin and altcoins got stolen through all kinds of hacks from exchanges and custodians over Bitcoin’s existence,” stressed Matej, our CEO, during the unveiling of our new products recently.The digital assets industry is...

“More than $4 billion worth of bitcoin and altcoins got stolen through all kinds of hacks from exchanges and custodians over Bitcoin’s existence,” stressed Matej, our CEO, during the unveiling of our new products recently.

The digital assets industry is growing rapidly. As one study puts it, in total, there are over 420 million crypto users worldwide. Yet, many still fall prey to bad security practices.

As millions more begin their crypto journey, it is of utmost importance to understand and implement good security practices. After all, being your bank comes with its responsibilities!

Here’s a list of five good and bad practices. Give it a read, and we’ll leave it to you to decide if you’ve been Naughty ? or Nice ?.

What gets me on the ‘Nice’ list?: 5 essential practices

(You’ve got a Trezor ?) Understanding hardware wallets: Give yourself a pat on the back if you’ve been using a hardware wallet to safeguard your coins and tokens. Hardware wallets are essentially the safest way to own your coins, keep your wallet safe offline, and maintain anonymity. Familiarise yourself with how hardware wallets work (Here’s a 2-minute guide). Knowing why hardware wallets like Trezor are safer will enhance your confidence and help you use your device effectively.Pictured (L-R): Trezor Model One, Trezor Model T, Trezor Safe 3You make it a point to withdraw your coins from exchanges: Don’t let your coins linger on exchanges longer than necessary. Move your assets to your hardware wallet for safer storage. We’ve seen numerous instances of the risks associated with exchanges. Consider the Mt. Gox incident in 2014, where users lost approximately 740,000 bitcoins. Similarly, the unexpected closure of the QuadrigaCX exchange led to a significant loss of customer assets. FTX exchange’s bankruptcy from last year has left many users in financial limbo. Maintain control of your digital assets. Embrace self-custody! While you’re at it, here’s more about self-custody. Trust us, you’ll own the conversation at the dining table this holiday season ?.You do backup your recovery seed: When you set up your Trezor or any other hardware wallet, you’ll be given a recovery seed/recovery phrase (usually 12 or 24 words). A recovery seed provides full access to the associated wallet (the private key is mathematically derived from the seed)?—?this is why you must keep it safe. This is the ultimate backup of your wallet. Make sure to write it down and store it in a safe and secure place. Never store it digitally to avoid hacking risks. Here are alternate ways of storing your backup.You always double-check addresses: Whenever you’re sending crypto, double-check the receiving address. If your device is compromised by malware, the addresses could be swapped. Trezor devices display the address on their screen for this purpose.Use a passphrase: OK. Using a passphrase qualifies you as extra nice. The passphrase feature in Trezor Suite is a method used to increase the security of your assets by creating unique hidden wallets. This helps to protect your accounts from unauthorized access. A passphrase is an additional word added to your recovery phrase, providing extra security. It creates a whole new set of private keys. Be aware that if you forget the passphrase, the assets are lost forever. Know more here.

We’ll add one more here. You always DYOR and don’t FOMO.

Do any of these or all and you’ll be labeled ‘Naughty’

Share your recovery seed: Do this, and there’s no coming back from being naughty. Your recovery seed is sacrosanct. Never share it with anyone, not even with Trezor support or your loved ones. As this is the master key, anyone with access to it can access your data. There are two implications: if you lose your recovery seed, you lose your backup. Moreover, if someone steals your recovery seed, they gain access to all your funds and data, even without needing your Trezor device. Here’s more on that.

While we are at it, avoid storing your recovery phrase digitally. It might be tempting to take a photo of your recovery phrase or store it in a digital document. This exposes you to unnecessary risks. If your device is compromised, hackers could gain access to your recovery phrase.

Using public Wi-Fi for transactions: Public Wi-Fi networks can be insecure. Avoid accessing your wallet or making transactions when connected to public networks.Neglecting physical security: While digital security is vital, never overlook physical security. Keep your Trezor wallet and recovery seed in a secure location.Falling for phishing attempts: Be vigilant about emails or messages asking for your personal information or wallet details. Always verify the source before responding.Don’t care where you buy your hardware wallet from: It matters. At Trezor, we do not recommend buying a Trezor hardware wallet from an unauthorized third party. If your device was purchased from the official Trezor Shop, Amazon storefront, or an authorized reseller, it is most likely safe to use.

(Here are some handy tips that can help you shed the naughty tag when it comes to device safety.)

In summary

Understanding and implementing good practices in crypto security can prevent the most common threats to your digital assets. Stay vigilant, stay up-to-date, and most importantly, stay in control of your cryptocurrencies. If you’re ready to leap into the world of self-custody, Trezor is here to make your journey safe and secure!

Leading up to the 15th of December, we’ve got a special Free Shipping offer on all Trezor products. Check it out now.


Naughty or Nice? Essential Do’s and Don’ts in the world of crypto security was originally published in Trezor Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.


View Entire Post

Read Entire Article