Tips for Securing Your Cryptocurrency Holding

February 2, 2022 - As cryptocurrency ownership soars, it is becoming increasing important to properly secure your holding of cryptocurrencies. Cryptocurrency wallets do not hold any cryptocurrencies themselves, but instead hold secret private keys. The private keys allow for the wallet owner to demonstrate ownership and perform transactions on the wallet. Hackers will target crypto wallets using devious tactics to obtain the private keys from which they can transfer the funds into wallets control by them.


Learn more about private key leaks and wallets with regard to cryptocurrencies based Zero Friction's recent analysis.

Here are some ways to safeguard your cryptocurrency holding.

  1. Use Online Services with Care - Unlike banks, online services are not required to return your lost cryptocurrencies in case of breaches. Select online services with high security focus and enable multi-factor authentication to access your account. Be careful not to re-use passwords.

  2. Use a Cold Wallet - Cold wallets are only connected to the Internet when you need to authorize a transaction. These wallets are typically hardware wallets such as Ledger Nano S, Nano X, or Trezor (although, they can also be software cold wallets) and they utilize embedded encryption technology to safeguard your private keys. When not in use, maintain the cold wallets into secured storage like safes, deposit boxes, or hidden in places where you can retrieve. The majority of your cryptocurrencies should be stored in cold wallets. Do not travel with your hardware wallet as you are prone to be targeted. Here is a comparison of different hardware wallets. In contrast, hot wallets are wallets on exchanges, your computer or mobile devices where they have a persistent Internet connection. You access hot wallets using your browser, software wallet application or your wallet apps. Use hot wallets for daily uses and maintain only small amounts of cryptocurrency.

  3. Protect Your Seed Words or Seed Phrase - The seed words or seed phrases are the last safeguard to recover a lost or damaged wallet, thus do not treat this lightly. Do not store seed words in email, screenshot, text file, etc. Ensure that the seed words/phrases are legibly and accurately documented in the correct sequence, encrypted if applicable, stored and backed up in multiple secure locations. For electronic storage, store files within encrypted containers. Whatever is the method, don't lose it in the dump.

  4. Use Strong Passwords and Change Regularly - If you use software wallets, you must encrypt the wallet with a strong password. This should be a combination of upper and lower case letters, numbers, and characters of at least 16 characters in length. Make it memorable but not easy to guess from all your public profiles and known details. Change the passwords regularly to further reduce brute-force attempts.

  5. Do Not Use Public Internet - Public internet such as those from coffee shops, airports, malls, and other cannot be trusted. Use only internet use points that you know and trust. Avoid using Wifi hotspots setup at crypto-kiosks as those may be compromised. Check here if you do not believe this is is not possible.

  6. Use Malware/Virus Protection on any Supporting Computing Devices - Ensure that the computing devices where you connect your cold wallet such as your desktop or laptop are trustworthy and secured. This means that the devices are free of malware and persistently monitored by update to date malware protection such as Microsoft Defender. If not, the attackers may intercept and reroute the address on your authorized transactions.

  7. Diversify and Use Multiple Cold Wallets - Don't put all your eggs in a single basket. Maintain multiple wallets and spread your holding across them to further reduce your risk profile.

  8. Phishing Awareness - Phishing either through emails or SMS are ways hackers want to obtain your private keys. Be vigilant of unknown senders or known senders with unusual urgency. Do not click on any unknown links or open attachment unless you are certain the artifacts are legitimate. Maintain active malware protection on your supporting computing devices. Don't trust search results from Google. Hackers have known to setup ads to mimic legitimate sites to trick users to fork over their seed words. Use official sites by typing in the URL address yourself.

  9. Plan for Your Testament - Provide a backup plan to pass hardware wallet along with any backups and documentation to members of the family. Lost testaments are becoming common news.