In our previous post, we discussed how to buy cryptocurrency with INR using UPI/ IMPS. This is the third post in our Crypto Basics series and here we will discuss how to keep our cryptocurrency safe.
Why do you need to keep your crypto safe? 🔐
You can never be too confident about the security of your digital assets. Cryptocurrency is a new phenomenon, introduced in the year 2009. Many cryptocurrency HODLers/ traders have lost their hard earned money to hacks/ theft. Some of them fell prey to the Mt.Gox hack and lost a considerable amount of digital assets. Cryptocurrencies are not regulated in most countries. Users do not have the choice of seeking refuge in consumer courts in case of loss/theft.
Remember, CoinDCX ensures safety of your digital assets stored on the exchange. The security of digital assets is a shared responsibility of the user and the exchange.
To ensure the safety of your crypto assets, read this post till the end.
What is cryptocurrency?
Cryptocurrency is a store of value 💰 for investors like Fiat currency (Money).
How to keep cryptocurrency secure?
In the 18th century, Royal families and wealthy businessmen stored their money in vaults and safes buried underground. They stationed trusted guards for the protection of these safes.
Can we secure our cryptocurrency in a similar manner?
You can store confidential information like - API and private keys in a decentralised wallet.
Note that unlike fiat currencies, cryptocurrencies are a digital currency. The only way to access them is an alphanumeric string called the private key.
In the crypto world, wallets are vaults and the guard is encryption.
What are public and private keys ? 🔑🔓
We will use a real world situation to understand the concept of public and private keys.
Let's consider the bank account that you use for regular transactions.
For receiving funds in your bank account, you share your account details with them. Anyone with your account details can deposit funds to your account. They cannot withdraw funds from your bank account. Withdrawing the deposited fund requires a PIN/ password that only you have access to.
An individual with access to your PIN/ password can withdraw funds from your bank account.
In the crypto world, this PIN is your Private Key and your account number is the Public Key. Your public key is the address that others would use to send crypto to your wallet. And your private key is the address that you use to send crypto to other wallets from your wallet.
Remember, any individual with access to your Private Key can withdraw funds from your wallet. Loss of your Private Key would result in loss/ theft of your digital assets.
It is advisable to use at least two different ways to store your private keys.
We will discuss detailed steps for keeping cryptocurrencies secure later in this post.
First, let's understand the two ways of storing cryptocurrencies - Hot Storage and Cold Storage.
Hot Storage 🔥
Hot Storage is akin to the wallets you carry when you go shopping or when you pay your bills.
In the crypto world, a connection to the internet makes a wallet hot.
You can transfer cryptocurrencies from a hot wallet to any address. You can also use crypto from that wallet to trade on an exchange.
Examples of hot wallets are mobile wallets, exchange wallets and desktop clients.
It is convenient to store cryptocurrency in hot wallets, but that makes them more susceptible to theft and hacks.
We recommend users to follow simple steps to backup digital assets stored in hot wallets and avoid losing funds.
Cold Storage ❄️
A cryptocurrency wallet that is offline/ not connected to the internet is a cold wallet.
It is the most secure way of storing confidential information.
Cryptocurrency exchanges across the world store their cryptocurrency funds in a Cold Wallet.
Examples of Cold Wallets would be paper wallet and hardware wallets.
Now that you understand the basics of cryptocurrency security, let's discuss the different ways of storing it.
Using pen and paper! 📝
Once lost, it is impossible to recover your private key.
The safest way to secure your cryptocurrency is to write down your passwords, security phrases and private keys on a piece of paper.
There are obvious risks associated with having sensitive information written down on a piece of paper. Ensure that the paper is secure and store it in a safe environment.
Using Paper wallets 🖨
A paper wallet is a cold wallet.
For creating a paper wallet, you print out your public and private key.
The keys are QR codes for scanning when you need to access them.
In case of a hardware wallet, there may be a situation of malfunction but in a paper wallet, there is no such risk. All you need to do is keep your paper wallet locked away in a safe.
Store your crypto tokens on decentralised hardware wallets 🔒
Most cryptocurrencies are decentralised, encrypted and secure by design. But storing them on cryptocurrency exchanges makes them susceptible to loss/ theft.
Cryptocurrency exchanges have centralised wallets that are targets for hackers.
If you are not a day trader, we recommend you to store your cryptocurrencies in decentralised online wallets.
If you are HODLing a huge portfolio of digital assets, use hardware wallets
In a hardware wallet, your confidential information is stored inside an isolated environment and locked by a PIN code.
The ease of use is another factor for considering a hardware wallet over a digital wallet.
Hardware wallets generate their own private key (that even you don’t see) and store it right on the device. They have additional layers of security such as 2FA (Two Factor Authentication) and smaller screens.
A hardware wallet connects to your device and the internet. It allows you to manage your digital assets. Once you disconnect the wallet from the internet, you can store it in a safe environment. This makes your private keys and confidential information secure from hackers on the internet.
We'll discuss further details like setting up your first hardware wallet in our next post.
Use different passwords for different accounts
We have identified a few best practices for storing passwords and we are sharing them here.
- Use a different password for every account - This is the best way to mitigate risk in the event of a hack. If a hacker gains access to one of your passwords, your other accounts are still secure. This exposes your digital assets to minimal risk.
- Use a combination of letters and numbers - An alphanumeric string and symbols are tougher to guess than your pet's name or your mother's maiden name!
- Longer passwords are tougher to hack - Make it a point to set passwords with a length of 15-20 characters to make it difficult to guess.
- Do not store passwords on browsers - This one is a no brainer. Chrome may prompt you to save the password to everything. The quickest way someone would steal your password is by accessing your devices and your browser. We recommend you to store passwords using a password manager or offline using a pen and paper.
Avoid phishing links and sites 🔍
Websites of leading cryptocurrency exchanges like Binance have prompts on their website. These prompts ask users to confirm the website address that they have accessed. This eliminates the possibility of phishing.
When you type website addresses or click on ads displayed on running a Google search, you may fall prey to phishing.
Users that fall prey to phishing sites lose confidential info like login data. This may lead to a complete wipeout of the digital assets stored in that account.
It is quite common for new cryptocurrency traders to experience such an attack.
We recommend users to bookmark the sites of the cryptocurrency exchanges or wallet services that they access for their trading activities. This safeguards them from the possibility of falling prey to a phishing scam.
We will discuss steps to set up a paper wallet, a mobile wallet, a desktop client and a hardware wallet in our next post.
Follow our official channels for more such articles, news and updates.
🔥 Facebook: https://www.facebook.com/coindcx/
🔥 Twitter: https://twitter.com/coindcx
🔥 Telegram: https://t.me/coindcx/
🔥 Support Ticket: https://coindcx.freshdesk.com/support/tickets/new