The loss of cryptocurrencies is often avoidable. Statistics show that most losses do not occur because investors are hacked or scammed. Instead, they often become victims of their ignorance and lose access to cryptocurrencies. The best protection against hackers and your own mistakes is a well-thought-out strategy on how to secure your wallet.
Table of contents
With this article, we would like to address the most important points regarding the secure self-custody of cryptocurrencies. We will also show which tools are best suited for securing cryptocurrencies and wallets.
Always use secure passwords
Passwords are a vulnerability in two senses. Hackers like to take advantage of the fact that passwords are too weak and are reused for multiple accounts. At the same time, if you don't use them for a long time or make them too complex, you can quickly forget them.
To prevent these problems, it is recommended to use a password manager. It uses a generator to create random passwords, which should consist of lowercase and uppercase letters as well as numbers and special characters. If you want to be sure about the length of the passwords, create each one with at least 20 characters. A password manager not only creates the passwords but also stores them together with other log-in data.
A software like Bitwardencan be installed on your smartphone, browser, PC, or Mac. A master password gives access to the highly complex and individually designed passwords on all devices. Other alternatives to the software are Dashlane, 1Password, or Enpass.
Create and store backups
Another important aspect is the creation of backups. Many hardware and software wallets use a so-called seed phrase for this purpose. This phrase is usually comprised by either 12 or 24 words, which you should write down and keep safe. If you secure your wallet by saving a file, then you should follow the same rules as with a backup on paper:
- Redundancy: More than one backup copy must be kept safe. Therefore, at least two copies are needed. The wallet that is actively used is not counted, but only the backup copies.
- Offline: You can use cloud storage, but you always run the risk that the wallet will end up being hacked. Only copies that are not permanently connected to the Internet remain protected from this.
- Distribution: If you keep the backup copies in a single place, you run a high risk. A fire, water damage, or burglary can easily endanger the backup. It is better to distribute the copies. However, you should carefully consider where and with whom you store the backup copies.
- Robustness: Great care should also be taken when selecting data media. A seed can be written down in steel with a specific set and is therefore more robust than paper. Data carriers such as USB sticks or CDs also have different qualities that should be taken into account.
In any case, one should make the backup copies immediately if this has not already been done. Around 3.7 million Bitcoin are estimated to be lost and the lion's share would probably be available if those affected had considered their backup strategy more carefully.
Cold Storage and Hot Wallet
Secure storage also involves strict separation from the wallets used. Cold storage is not connected to the PC, or only in a few cases. This wallet is therefore used for the long-term storage of crypto assets that do not need to be kept available at all times.
The second wallet is the so-called hot wallet. Here, all the funds are kept, which one needs to interact with dApps such as Uniswap or OpenSea. They are subject to constant risk from phishing or mistakes by the user. This separation is not for protection, but to minimize risk if the damage is unavoidable.
Ultimately, one bears an uncontrollable residual risk in the DeFi area, but also in crypto trading. Experience shows that even the most cautious users can walk into a trap if only it is set maliciously enough. Prominent cases include the hack of the Bored Ape Yacht Club's social media accounts. Since the phishing attack was spread via official accounts, those who were defrauded had little chance of detecting the scam.
Keep your crypto as a secret
Anyone who invests their money in cryptocurrencies is vulnerable to a certain extent. Therefore, one should maintain secrecy towards strangers or persons whom one does not trust sufficiently. This applies to the type and amount of the investment, as well as backups and passwords.
Thefts and fraud attempts occur in extreme cases among friends or within the family. Opportunity makes thieves, and if cryptocurrencies suddenly turn out to be worth a fortune due to price increases, then the temptation can be great.
You should not inform anyone about your crypto assets where your gut feeling advises against to do so. Even though the decentralized dream of cryptocurrencies is to eliminate any middleman, in practice it is often notaries who have the highest reputation so far. They sometimes not only take seeds under lock and key but also settle the estate.
What can be done if the security concept fails?
In some cases, investors are deceived or affected by a hack. The latter is particularly common in the crypto market in the DeFi sector because these protocols are vulnerable.
But you can also be unlucky in the private sector and be stolen from or being defrauded. Crypto-Tracing follows the trail of lost cryptocurrencies, documents them, and tracks the perpetrators. Together with Dr. Maisch, a lawyer specializing in cyber security, we initiate all necessary steps with law enforcement agencies. Upon request, we will accompany you through all phases of the investigation and the stages of the proceedings that may follow.
Do not hesitate and describe your case to us via the contact form. We will contact you promptly and clarify which steps make sense in your individual case.
FAQ: Securing Cryptocurrencies
Can I keep my cryptocurrencies on exchanges?
It is recommended not to keep your cryptocurrencies permanently on exchanges, as they can be vulnerable to hacks and theft. Transfer your cryptocurrencies to a secure wallet to maintain full control. Consider using a hardware wallet or a cold storage solution that is not connected to the internet to increase security.
How can I stay informed about current security threats?
Stay up to date on current security threats by following official sources, forums, social media, and news portals that regularly publish information about cryptocurrencies and IT security. Twitter, in particular, is recommended as many crypto projects have accounts there, and new security vulnerabilities and events are often reported in real time.
How do I securely store my seed phrase?
Keep your seed phrase in a secure and secret place protected from unauthorized access, such as a safe or a bank safety deposit box. Alternatively, you can divide your seed phrase into multiple puzzle pieces and store them in different locations. However, keep in mind that the loss of a part of the secret could lead to the irreversible loss of your cryptocurrencies. The storage of the seed phrase is never entirely risk-free. Safety deposit boxes may offer the advantage of insurance coverage in case of damage.
How secure is storing cryptocurrencies on decentralized finance platforms (DeFi)?
Decentralized finance platforms can have high risks because the software and smart contracts are usually in an early testing phase. Operators often disclaim liability through disclaimers. Therefore, exercise caution when depositing funds into a DeFi protocol. It is also important to understand that custody still depends directly on the wallet and the respective private key. Without the corresponding wallet, cryptocurrencies cannot be accessed.
How can one protect cryptocurrencies from physical damages such as fires?
It is recommended to create physical backups of your seed phrase and store them in a secure location outside of your residence, such as a bank safety deposit box. Additionally, various manufacturers offer backup mediums made of steel. These allow the seed to be assembled in a plug-in box or engraved directly onto steel, significantly increasing the water and heat resistance of the seed phrase.
Can cryptocurrencies be insured?
Yes, there are companies that offer insurance for cryptocurrencies. However, they only insure a limited number of types of damages and typically target exchanges with their insurance offerings. For example, the Dutch exchange Bitvavo and its customers have insured themselves against losses from hacking. Additionally, it should be considered that such insurance entails significant costs, as well as audits and security requirements imposed by the insurer. Therefore, insurance is generally not an option for individuals.
Can a hardware wallet be hacked?
A hardware wallet can theoretically be hacked, but the security measures built into these devices make it extremely difficult. The use of multiple layers of security and cryptographic techniques significantly hinders unauthorized access. An attacker would require uninterrupted access to the device for hours, if not days.