We recommend that you read this whole guide, but we will highlight the most important steps that should be carefully read and understood if you want to get up and running quickly and safely.

General Practices: Simplified

Most Important Steps:

  1. Get a wallet recommended from this site
  2. Backup your wallet and secure your backup phrase
  3. Enable Password Protection (Wallets) or Two-Factor Authentication (Web Wallets & Exchanges)

Added Security:

  • Bookmark your websites so you don’t fall for phishing scams (explained below).
  • Storage – For large balances, keep your funds in multiple locations (eg. Checking vs Savings)
  • If you purchase from a peer to peer site instead of an exchange, make sure you choose a seller that has a good reputation

**There’s a detailed description of each point near the bottom of our guide in General Practices: Detailed

The steps above provide sufficient protection with convenience in mind.

If you want to maximize your protection, and don’t mind doing some more technical steps, please look at the infographic at the bottom of our guide.

Recovery/Backup Phrase

Your recovery/backup phrase is your cryptocurrency

All non-custodial wallets (wallets that aren’t controlled by a company) will allow you to back up your wallet, asking for you to write down a recovery phrase (A.K.A. Seed key, recovery key, seed phrase), which is usually 12, 18 or 24 words. The process is similar to what’s displayed below:

Steps:

  1. Write down the phrase on a piece of paper
  2. Confirm the phrase (spelling and order counts)
  3. Keep your phrase somewhere SAFE

In the event that your wallet is deleted or you lose your wallet, as long as you have control of the backup recovery phrase, you can restore the wallet onto any device and access your funds.

Tips for Keeping your Phrase Safe 

  1. Use a pen and paper to write it down
  2. Don’t put your phrase online or digital screenshots of it – these could be easily copied by hackers

For more advanced techniques, please go here

Private Keys & Custodial Wallets – 101

If you don’t own your keys, you don’t 100% control your funds.

What does this mean?

Your private keys grant authority to move your funds and ultimately determine ownership (they are usually represented as the 12-24 word Recovery/Backup Phrase mentioned above).

Avoid:

  1. Using an Online Custodial Web Wallet
  2. Keeping your funds in an Exchange (e.g. Coinbase, Gemini)
  • If your private keys are kept by a third party, you risk not being able to access your funds during website maintenance or other service interruptions.
  • Exchanges and online wallets make attractive targets for hackers and have suffered well-publicized security breaches.
  • Online web wallets and exchanges are also easy targets of phishing attacks whereby criminals use legitimate-looking websites to trick you into entering your password / details. Bookmark your websites so you don’t fall for phishing scams. Below is an example of a phishing website. Remember to double check the URLs:

    • If you receive emails, pay attention to the address it’s sent by, along with the URL the link sends you to:

General Practices: Detailed

  • Acquire  your own wallet (recommended on this site)
    • Get 100% custodial control of your funds that aren’t held by a company or third party.
    • Remember: If you don’t own your keys, you don’t 100% control your funds.
  • Backup your wallet and hide your backup phrase well – MOST IMPORTANT
    • In case your wallet is ever deleted or you lose your device, you can use a special 12-word mnemonic phrase to restore it.
    • Whoever controls your recovery phrase also controls your money. Keep this phrase hidden and secure it very safely. Follow the steps listed in our Recovery Phrase section above.
  • Enable Password Protection (Wallets) or Two-Factor Authentication (Web Wallets & Exchanges) whenever possible
    • Wallets have the option of being unlocked with a pin code or fingerprint. Anyone who takes over your device without your authentication can’t touch your funds.
    • Two-factor Authentication is an option on exchanges and Electrum. You can use an authenticator app like Google Authenticator.
  • Bookmark your websites so you don’t fall for phishing scams (explained above).
    • Criminals may use legitimate-looking websites to trick you into entering your password / details.
  • Privacy – Generate a new address for every transaction
    • Using a different receiving address for every transaction will ensure that no one can fully track what you do with your money or what your total net balance is, protecting your privacy.
    • The wallets we recommend do this for you automatically
  • Storage – For large balances, keep your funds in multiple locations
    • In general, just like having a checking and savings account, it’s a good practice to keep only small amounts of your funds for everyday uses and to keep the remaining part of your funds in a safer environment.
  • If you purchase from a peer to peer site instead of an exchange, make sure you choose a seller that has a good reputation
    • Peer to peer exchange sites will rate sellers based on past experiences. Good reputation criteria:
      • Has 99% or 100% satisfaction
      • Has at least 100 ratings
      • Doesn’t ask too many questions (Some sellers ask to verify account, enter your real name, etc.)

Technical Steps (Infographic)

If you want to maximize your protection, and don’t mind doing some more technical steps, you can follow the steps shown here:

Leave a Reply

Your email address will not be published. Required fields are marked *