Here’s part 5 of my thoughts and what I have learned after 3 years in the crypto space. Today’s topic is a very important one which often gets overlooked, especially by newcomers. Today’s topic is keeping yourself and your crypto safe.Being able to be your own bank is amazing, but banks were created for a reason - to store wealth somewhere safe because it is risky to store it in your home.How many people in the crypto space are also vocal proponents of freedom, decentralisation and self-sovereignty? There’s no doubt that crypto attracts people with these types of values or quickly instills these sorts of values into many of its users. Being your own bank is a nice thought for many who value freedom and self-sovereignty but it is a double edged sword. The trade-off for this which is very often overlooked is that by having a presence on crypto social media platforms and telling the world about this amazing self-sovereign asset you own, you’re also announcing to any malicious actors “Hello, I store lot’s of money in my house, come put a gun to my head and rob me!”. While I am exaggerating here, there are stories of people who fall victim to the $5 wrench attack and there are community members here such as the man, the myth, the mod u/jtnichol who has been targeted by hackers who are after his crypto.So what can you do to reduce the size of the target on your back?Tip 1: Never disclose the amount of crypto you hold. Ever. Don’t even suggest a ball park figure or brag about being able to run multiple ETH staking nodes when phase 0 goes live. Put yourself in the attacker’s shoes. Would you rather attack someone who has openly stated he owns upwards of $100,000 of crypto or someone who you think has more but you can’t be sure? Very few criminals who spend time online to carefully pick a target to rob would break into someone’s home and put a gun to someones head risking life in prison for an unknown reward. The last thing they want is to spend life in prison after trying to rob someone of their 0.1 BTC or 3 ETH. It’s just not worth it for them and that’s why bragging about your 10 BTC or 320 ETH also isn’t worth it for you.Tip 2: Buy a hardware wallet. Hardware wallets are by far the safest way to store your crypto which is user friendly. Ledger and Trezor are the two tried and trusted options. Ledger is slightly better if you want to use many altcoins or will make ERC-20 transactions since it has a dedicated desktop app while Trezor makes you use a service such as MyCrypto or MyEtherWallet for altcoins which can leave you vulnerable to phishing attacks. To avoid this always double check that the address you’re sending to matches what is displayed on your hardware wallet for both Ledger and Trezor.Important note about hardware wallets: Many people don’t know this, but your hardware wallet is how you access your funds and since it has a passcode, the safety of the device itself isn’t that important. What is important is that you correctly record the 24 word recovery phrase and you store it in a safe place. This 24 word recovery phrase is worth the value of your crypto as it is a complete key to your crypto. The hardware wallet simply remembers this phrase and lets you send transactions without exposing the recovery phrase to your computer of the internet.If you’re a crypto pro you can generate a paper wallet on an offline device and send crypto into that wallet but it will still be risky when you eventually want to access your account to move your crypto.Tip 3: Tighten up your online security. Start using 2FA if you keep money on an exchange. Use a different password for each website either by using a system in your head which allows you to memorise which websites have which password or as I would recommend, by using a password manager. Don’t physically write down your password in a book you keep on your desk. If that’s what you do you and you keep money on an exchange, you may as well leave your private key on your desk too for everyone to see.You can see if your emails or passwords have been in a data leak here: https://ift.tt/3foBsvS It is safe to put in your password into this site because while you type in your password, you only send the hash of the first five characters of your password to their servers and they see if it matches the hash of their list of leaked passwords. More info in that here: https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/#cloudflareprivacyandkanonymityWhile you’re at this, you may as well tighten up your online privacy too since data which companies like google collect on you can and will get leaked, potentially compromising the security of your crypto. Plus more privacy = more freedom. There’s a great tutorial to online privacy in this YouTube video: http://www.youtube.com/watch?v=4Z7H5tXqMGo also, if you watch lots of YouTube, after you start browsing more privately like it shows in the video, check out FreeTube (app) or invidio.us (website), which are alternative front ends to YouTube allowing you to watch YouTube anonymously. You can easily import your subs into these platforms too. ^^Note ^^sometimes ^^invidio.us ^^has ^^buffering ^^issues. ^^In ^^this ^^scenario ^^just ^^use ^^one ^^of ^^the ^^mirrors ^^of ^^this ^^website ^^like ^^https://invidious.snopyta.org/Tip 4: Improve your offline security. There are many ways you can improve this. As mentioned before with passwords, don’t keep anything which allows people to access anything online of yours in an obvious spot. Put secure passwords on your devices (that means more than a 4 letter pin on smartphones and don’t use the zig-zag shape unlock thing on android). If you have a significant amount of crypto, consider splitting it across multiple hardware wallets and keeping the recovery phrases in different places. Alternatively, you could split the recovery phrase in half and keep each half in different places. One half alone is useless, so someone would have to find both to steal your funds. (more on this in my previous post about diversification here. Just ensure that you don’t forget where you keep your recovery phrase!In conclusion, remember that by having an online presence in the crypto space, you are putting a target on your back and you can’t remove it. However, you can reduce the size of this target and you will be relieved once you have done what you can to keep you and your crypto safe.Previous Post: https://old.reddit.com/r/ethfinance/comments/gyas6u/diversification_is_multifaceted_what_i_have/TL;DR: Just don’t tell us how much crypto you have. Ever. Period.
Submitted June 14, 2020 at 06:56PM
No comments:
Post a Comment