The golden rules of keeping your bitcoin wallet secure
Everything you need to know about how to keep your cryptocurrency wallet safe.
The BTC.com wallet has just released a new feature that helps users assess the security of their account! For this occasion, we thought to gather the most important account security tips.
- Password (yes, I know you know but…)
The most simple and often overlooked step is choosing your password. Hackers are well aware of typical vulnerabilities: many people use their names, variations of the same password with one letter difference, basic combinations like “asdf”, and replacing letters with numbers. Easy to hack! Be sure to choose a strong and random password with a variety of character types (small, capital, number, and unusual special characters).
Remember to change your password periodically to mitigate the risk of forgetting it and to make it harder for hackers to access your wallet.
Email address
Probably you have been using your main email address for ages and nothing wrong happened so far. However, we advise you to check that you account was not compromised in any past security breach, for example at: https://haveibeenpwned.com/. If you want to play it extra safely, change the password of your email address and set up two-factor (also called as two-step) authentication with e.g. Google Authenticator or Authy.Backup document
When you create a new wallet with BTC.com, you get access to your private keys. During the sign up, you are given a PDF backup document. This document contains a mnemonic, representing an encrypted version of your private key which looks like a lot of strange words (appr. 60 words) and you can find it under “Encrypted recovery secret”. You MUST carefully save these words.
In case you lose access to your wallet e.g. forget your password, you can use this and ONLY this set of words to regain access to your wallet.
Extra tip: We advise you to print the backup PDF in 2 samples and separately lock them up in a safe and secret place which you won’t forget and where the paper can’t be damaged. Once done, delete the email (if you choose to email it to yourself) or delete the file (it you choose direct download/ cloud back up).
- Advanced security settings
Two-factor authentication is a method that creates an extra step to access your account. In practice, it looks like the following: once you’ve typed in your email address and password to start the login process, the wallet asks you to enter a random string of numbers. To enable two-factor authentication, please log in to your web wallet and visit “Settings”. You can set up two-factor authentication with the Google Authenticator or Authy mobile app. Extra tip: We know it starts to get a bit crazy with security to-do’s but we always recommend to back up your two-factor authenticator account, in case you lose your phone. Saves a bunch of stress!
Make use of PIN protection. In the BTC.com wallet we enable PIN protection for the mobile app as default. Make sure to use a random, hard to guess PIN (e.g. not your birth year). You can edit and change your PIN in the mobile app via the “Settings”.
- Good browser habits
To protect your web wallet, we advise you to use a reliable and modern search engine such as Google Chrome and keep the browser updated to the latest version. Be sure to never save your password on your browser and don’t forget to log out after every session.
Nice!