One of the biggest arguments in favor of crypto is that it’s highly secure. No one can spoof your wallet, make payments on your behalf, freeze your accounts, or prevent you from using your assets in the way you wish.
All that’s true. So why are there so many stories about crypto theft? Well, it almost always comes down to user error. Here are Blocks Decoded’s top seven tips to stop someone from stealing your crypto.
1. Don’t Leave Your Tokens on an Exchange
Ah, the golden rule of crypto storage. It’s repeated ad nauseam on every forum, website, social media platform, and by all the crypto experts in the industry. So why do so many people ignore it?
If you leave your crypto assets on an exchange, you are at the mercy of said exchange’s security vulnerabilities. Those vulnerabilities are at the root of all the worst crypto hacks in history. Hackable backends and corrupt company employees can relieve you of your entire Bitcoin balance in a matter of seconds.
And remember, crypto assets aren’t trackable (at least not without an extraordinary level of technical knowledge) and are not underwritten by any central body. Once they’re gone, they’re gone.
2. Use a Hardware Wallet
So, you accept that you need to transfer your crypto out of an exchange. Great. But where do you put it?
The most secure approach is to use a hardware wallet. There are several hardware wallets on the market, but the Ledger Nano X and the Trezor Model T are widely considered to be the best. We’ve written a review of the Nano X elsewhere on the site.
3. Don’t Share Your Private Keys
All crypto wallets have two keys—a public key and a private key. The public key is the one you give out to other users when you want to receive a payment from them. The private key is the one that allows you to have control over the funds within your wallet.
To repeat a well-worn crypto adage: if you don’t have control of your private key, you don’t own your crypto tokens.
Given the importance of the private key, you should never share it with anyone. Not friends, not family, not businesses, and not exchanges. Any company that asks you for the private key is trying to con you out of your assets. Don’t fall for the scam.
4. Don’t Share Screenshots of Your Crypto Apps
Given crypto’s high value combined with its anonymity, it’s understandably a mouth-watering prospect for criminals.
You shouldn’t, therefore, make yourself a target. Don’t post screenshots of your latest trading win on Facebook and don’t send screenshots as proof of purchase to other users. Ideally, you want as few people as possible to know that you even own such a high-value asset—otherwise, you’re just generating unwanted and unnecessary attention.
5. Store Your Seed Phrases in a Safe Place
When you create a new wallet on either a hardware device or a mobile app, you will be given a seed phrase (sometimes called a recovery phrase or a backup phrase). It allows you to recreate your wallet on a different app or device in the event that your original wallet is lost, broken, or otherwise out of action.
It’s essential to write the phrase down; if you don’t have it and something goes wrong, you will be locked out of your wallet forever.
But by writing the phrase down, you’re unavoidably creating a weak point in your crypto setup. As with the private keys, if anyone stumbles across your seed phrase and recognizes its purpose, they could empty your wallet and be long gone before you realize something has happened.
Ergo, it is essential to treat the phrase with care. Don’t give it to other people, don’t leave it lying around in your home, and don’t save it in an insecure online location. For more tips on how to store your seed phrases securely, check out our article.
6. Enable PIN Security in Your Wallet App
Most of the popular crypto wallet apps for smartphones will require you to set up a PIN code on your phone before you can use the app to make crypto transactions. It prevents someone from accessing your crypto funds in the event that you lose your phone or it is stolen.
But not all crypto wallet apps have that security layer. Some will still allow you to make transactions without a PIN code, making the PIN requirement an optional extra that you can enable in the app’s settings menu.
It is essential, therefore, that you check to make sure PIN protection is turned on. If your wallet app doesn’t even offer the feature, stop using it, and transfer your Bitcoin to a different app immediately. It could be a fake mobile wallet that’s trying to scam you.
7. Use 2FA Everywhere
Look, we get it, 2FA is a bit of a hassle. It makes your life a little more tedious when you’re trying to log into the apps and services you use every day.
From a security perspective, you should be using it on every online account you have. But we do understand if you decide not to enable it on services like LinkedIn or Evernote.
With crypto services, however, it’s critical that you enable the feature. Without it, someone could steal your computer and use the saved passwords to access your exchange account in a flash. Again, your crypto will vanish before you can blink. 2FA is a failsafe against such an eventuality.
Take Your Crypto Security Seriously
The seven tips in this article will all go a long way to making sure nobody can steal your crypto. Of course, there are a lot of other tips you could add, so make sure you let us know your most essential suggestions in the comments below.
If you’d like to learn more, read our article on the most common crypto storage mistakes that people make.