How to Secure Your Cryptocurrency Wallet

With your investments in a digital wallet, under your control, you are the sole owner and can have the peace of mind that no institution can confiscate your digital assets.

Rui Maximo, Cybersec Entrepreneur

July 22, 2021

Owners of Bitcoin, Ethereum, and other cryptocurrency typically trade on centralized platforms such as Robinhood, Coinbase, FTX, and others. They don't need to worry about creating and managing digital wallets since the platform handles those tasks. That's the convenience of a centralized platform.

However, there are serious drawbacks to keeping your crypto assets on a platform. If the platform gets hacked, or your account credentials are stolen, or the government decides to seize your digital assets, you could lose all of your crypto investments.

If you would rather not rely on these platforms to secure your digital assets and prefer not to be subject to their policies, it's better to move your digital assets off of the platform and to where you can have full control.

Centralized platforms are the on-ramps to purchase digital assets with dollars. Once you make the purchase, you can take custody of your assets by transferring them to your wallet. Decentralized applications (dapps), on the other hand, require users to hold funds in their own wallets. Decentralized finance (DeFi) – such as lending, borrowing, insurance – requires using a digital wallet. DeFi is only slowly becoming available to users of centralized platforms.

If you want to diversify into crypto assets in your small business treasury, you're a crypto investor, or you just want to have a crypto wallet in place in case you're faced with paying ransomware attackers, the solution requires setting up a digital wallet and transferring your crypto assets to it. With your investments in a digital wallet, under your control, you are the sole owner and can have the peace of mind that no institution can confiscate your digital assets.

That said, the benefits of owning and managing your own digital wallet do come with one major drawback: Should you lose your private key and recovery words, you have no recourse and your digital assets will be lost forever. However, there are steps you can take to avoid this situation.

Best Practices
The best practice for securing your digital assets is to use a hardware wallet (also called a cold wallet) instead of a software wallet (also called a hot wallet) to avoid getting your digital assets stolen. In the case of a software wallet, if the private key is stored on your computer and you become a victim of ransomware, you could be locked out of your digital wallet.

A crypto wallet is represented by an asymmetric key pair: a private key and a public key. The private key must be kept secret. The wallet's address is derived from the public key, and it is what others use to transfer digital funds to you. If the private key is stored on your laptop or phone, as is the case for a hot wallet, your digital wallet is vulnerable to attacks and ransomware. The private key can easily be stolen through any of several attack vectors (phishing, zero-day attacks, fileless attacks, etc.) or it can be locked up through ransomware.

To avoid getting into a compromising situation where your digital assets are stolen or lost, use a hardware wallet:

1. Purchase a hardware wallet:

  • Purchase directly from the manufacturer, not from a third-party site (eBay, Amazon, etc.), and do not buy a used one.

  • Verify the seal on the box hasn't been tampered with. You don't want a fake version.

  • Have a trusted friend make the purchase and have it sent to their address. This is to avoid potential phishing attacks.

  • Do not register yourself with the manufacturer. This is to avoid being targeted if the manufacturer's customer database were to get compromised.

2. Create your wallet:

  • Set a strong passcode to your hardware wallet. Don't use your birthday or a number that is publicly associated with you, like a ZIP code, house number, or phone number. A hacker could easily deduce it.

  • Write down your recovery words. This is equivalent to the wallet's private key. Anyone with the recovery words can recover your wallet and steal all your digital assets.

  • Safeguard the recovery words to your hardware wallet by recording them on a metallic plate for fire protection, and store it in your bank's safe deposit box.

  • Transfer your digital assets from your platform account to your hardware wallet.

  • Set up directives to release access to your deposit box to your heirs; instruct your heirs on the value of your digital assets and how to safely recover your wallet and your digital assets.

Then Be Sure to Check In
Once you've set up your wallet, connect to it once a month to make sure you remember how to do it and keep your passcode fresh in your memory. Do not write down the passcode: If someone loots your wallet and discovers the passcode, they can unlock your wallet and steal your digital assets. And be careful not to fall prey to phishing attacks that request your wallet's private key or recovery words.

To monitor the balance of the digital assets without having to always connect your hardware wallet, use a mobile app that allows you to track wallet addresses without having to enter the private key. Copy your wallet's address from the display of your device or connect it to your computer. This address can often be displayed as a QR code from your hardware wallet. This avoids the need to retrieve your hardware wallet every time you want to check your balance.
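A check you can run on an address after copying it and before pasting it into a tracking app, given as an added example that is not part of the original article. It assumes a legacy Bitcoin address in Base58Check format (other chains and newer Bitcoin address types use different encodings); the function names and the sample address are constructed for illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(payload: bytes) -> bytes:
    """First 4 bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def encode_address(version: int, key_hash: bytes) -> str:
    """Used here only to build a constructed sample address."""
    raw = bytes([version]) + key_hash
    raw += checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + out  # each leading zero byte is written as '1'

def decode_address(addr: str):
    """Return (version, key_hash) or raise ValueError if the copy is damaged."""
    n = 0
    for ch in addr:
        if ch not in B58:
            raise ValueError(f"{ch!r} is not a Base58 character")
        n = n * 58 + B58.index(ch)
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        raise ValueError("decoded length is not 25 bytes")
    if checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("checksum mismatch: address was mistyped or altered")
    return raw[0], raw[1:-4]

def safe_to_track(copied: str, shown_on_device: str) -> bool:
    """Accept a copied address only if it is valid and equals the device's."""
    try:
        decode_address(copied)
    except ValueError:
        return False
    return copied == shown_on_device

# Constructed sample: version 0x00 with a made-up 20-byte key hash.
SAMPLE_ADDRESS = encode_address(0x00, bytes(range(1, 21)))

if __name__ == "__main__":
    print(SAMPLE_ADDRESS, decode_address(SAMPLE_ADDRESS)[1].hex())
    typo = SAMPLE_ADDRESS[:-1] + ("2" if SAMPLE_ADDRESS[-1] != "2" else "3")
    print(safe_to_track(typo, SAMPLE_ADDRESS))  # damaged copy is rejected
```

The address contains no secret, so this check can run on any computer; only the hardware wallet's display is the reference for what the address should be.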

Should you lose your hardware wallet, no need to panic. Here's what to do:

  • Purchase a new hardware wallet using the above recommendations.

  • Retrieve the recovery words from your safe deposit box.

  • Instead of creating a new wallet, restore your wallet address on your new hardware wallet using the recovery words. Your hardware wallet manufacturer will provide you detailed instructions on how to perform this operation.

  • Your assets are recovered!

  • Store your wallet's recovery words back in your bank's safe deposit box.

Hit me up if you would like any suggestions for acquiring or securing your wallet, or if you have any feedback.

About the Author(s)

Rui Maximo

Cybersec Entrepreneur

Rui Maximo developed a strong interest in security during his master's program in Mathematics. After completing his thesis in cryptography, he was recruited into security roles throughout his 25-year career in the software industry, and held a variety of roles, from software engineer, program manager, manager, author, principal engineer, and instructor to software architect and consultant. When he's not honing his skill sets, you'll likely find him reading, studying the market, writing an article, snowboarding, or traveling (at least until COVID hit). He loves to spend time with his kids. Rui grew up all over the world, but calls Seattle home.