5 Ways to Keep Your Crypto Safe

Beginner Oct 28, 2020

Security and money go hand in hand, especially when it comes to digital money like Bitcoin. Here at Invity, we've already shared ways to buy crypto safely and tips for protecting yourself from crypto scams. Once you've made your first crypto purchases, keeping your investments safe becomes even more important—and it's an ongoing job. Some of these are evergreen topics that are good to keep in mind for any digital dealings, but they should all be particularly front of mind as Bitcoin prices continue to rise. Luckily, we're here to share five easy tips for how to store Bitcoins and altcoins safely. So read on and rest easy as you continue to buy and exchange crypto with Invity!

Privacy is the best policy

We've said it before but it bears repeating: the first rule of crypto is don't talk about your crypto. Anytime you talk about how much money you have or what form it's in, your funds become a target. Even if you're talking to friends or chatting at a party and the topic comes up, keep things general and try to steer the conversation elsewhere: you never know who might be listening in. But when it comes to posting online, it's a hard no: cybercriminals pay close attention to even the smallest details you post on social media, forums, or anywhere else, and anything you write can stay around forever. Gather enough breadcrumbs, and it's easier than you think for scammers to piece together a good picture of how much crypto you hold and where. Just don't share this info in the first place!

The same is true for all of your personal data. Even simple things like your routines, info your might use to create usernames and passwords, and location data for in shared photos can tell a lot about you. Using a technique known as "social engineering", malicious actors can pull together enough info about you to impersonate you, blackmail you, or other nasty things—often using tools as simple as Google or phishing emails. The bottom line is to be careful what you share about yourself and always be wary of sharing with people and sites you don't know and trust.

Cold wallets keep you secure

The most secure crypto wallet is a cold wallet. You can still keep your coins safe if you're reading this in Texas or the Sahara: cold wallets simply mean wallets that aren't connected to the internet. By keeping your wallet's private key offline, you also keep it out of reach of hackers—not your keys, not your coins, after all. Cold wallets can be very simple: a paper wallet, a piece of paper that you laminate and keep in a safe deposit box, does the job alright.

A Trezor Model T hardware wallet is the best way to keep your crypto safe.
A hardware wallet is the best way to keep your crypto safe. By Trezor.

However, the best offline crypto wallet is a hardware wallet. These gadgets are connected to your computer only when you are making transaction, and they're designed by security companies specifically to keep your coins safe. This means they include lots of features like password protection and multifactor authentication made to the specifications of experts in the field, and the very best hardware wallets even feature touchscreens so your button presses can't be logged by software. The Trezor Model T includes all of these features and many more, so this is the top cryptocurrency wallet in our view; it's truly worth the investment.

Practice password hygiene

You might have read recently about Donald Trump's Twitter account being hacked after a researcher correctly guessed his password. And it's no wonder: "maga2020!" is a really good example of a really bad password. Whether you're the leader of the free world or you're accessing your crypto account, five features go into creating good passwords.

  • Uniqueness: Don't reuse passwords, period. It may be slightly harder to remember, but it's certainly easier than trying to get your data or your money back if stolen. Use a different password for each account you make.
  • Length: Good passwords are long. Many sites recommend 8 characters, but it's good to go up to 16 or more if you can.
  • Hard to guess: Your dog may be cute, but it's name doesn't make for a good password—remember social engineering! Your birthday, "password", or "QWERTY" are also bad ideas. A random string of characters or a nonsense mnemonic device are much better options.
A visual comic by XKCD about good password hygiene.
A fun rundown of what makes a hard-to-guess password. By XKCD.
  • Frequently changed: This is perhaps the biggest challenge for most of us. The truth is that it's hard to be certain that your data hasn't made its way into the wrong hands after a certain amount of time. Updating your passwords regularly means that even if an old password gets out, it won't compromise your security.
  • Private: If you have a sticky note hanging from your monitor, it's time to change your password now. Remember your most vital passwords if you can and don't tell anyone. If you have a lot, a password manager is a more secure way to help (many also help you generate long, unique, hard-to-guess passwords).

For the best security, just remember to treat your passwords like underwear: change them often, keep them private, and never share them with anyone!

Enable multifactor authentication

But if passwords are like underwear, security in general is like dressing for winter: layers are key. The more layers of security you have, the less likely the is that an attacker will be able to breach all of them. There are lots of different types of layers and lots of ways they can be applied, but the most common is two-factor authentication ("2FA"): you'll first input your password and then you'll have to confirm it's you on a separate device. For example, if you're making a crypto purchase through one of Invity's provider's you'll probably have to input a code you receive in a text message, and if you're using a Trezor hardware wallet as recommended above you'll have to press a button on the device. The end of this article by an Invity colleague has an in-depth section on 2FA (as well as other great info on passwords and security in general!).

Trezor multifactor authentication can be used for your wallet and at a number of other sites.
Trezor hardware wallets have 2FA as standard, and you can use your device for added security elsewhere. By Trezor.

Don't keep all your crypto in one place

"Don't put all your eggs in one basket" is excellent advice for digital currencies too. Even if you have perfect passwords, multifactor authentication, and great skill at keeping your crypto holdings secret, there's still a slim chance that someone, somehow may be able to access your crypto. And while crypto is great because you can be your own bank, this also means that you typically don't get the protections from agencies and law enforcement that you would get at, say, a traditional bank—in other words, if your crypto is gone, it's gone for good.

So as your crypto investment grows, it's a good idea to start a few different accounts so that you can't be cleaned out completely all in one go. For example, if you spend crypto frequently, transfer a small amount to a mobile wallet while keeping most of your coins in a hardware wallet. Or if you want to keep growing your investment and hodling, grabbing an extra hardware wallet or two may in fact be a cost-effective way to keep maximum peace of mind. Whatever route you take, always make sure you apply these security principles to each and every account you make!

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.