“Plus, Basic Security Tips for Safe Trading and Safe Storage”
7/14/15 By Devin Saxon. Nobody wants to be in the “hacker victim” club, starting today keep your crypto safe from unwanted hands getting into your wallet.
Enable 2FA, Two-Factor Authentication, on your Email and all your crypto-exchange accounts. The moral of the story here is, if you don’t have 2fa enabled–YOU WILL GET HACKED–it is only a matter of time. So, put down whatever you are doing and (if you have not already) enable 2fa right away.
Don’t use text message 2fa, use a trusted Authenticator Application. Hackers can switch your telephone service to a phone in their possession and access your accounts. If you rely on a text message code, you are not protected, you must use an Authenticator App.
Print out 2fa recovery codes and put them in a safe at home, a safe deposit box at the bank, or place them with someone you trust (like your mother). If you break or lose your phone with 2fa enabled you will be locked out of your accounts. This is a good thing, it ensures that hackers can not get into your account without your phone. However, if you do not have your recovery codes getting back into your accounts can be a real hassle, if not impossible.
Use a Password Generating Plug-in on your browser such as Last Pass. Let the password generating app make you random passwords for every site that needs a log in. Make sure to use numbers, letters, and symbols and to make the passwords as long as possible. If you use Last Pass NEVER FORGET YOUR MASTER PASSWORD, or you will be locked out of your password vault (which is storing all your random generated passwords) FOREVER. Never use the same password for your wallets, exchange, or email, and especially never use the same password as your Master Password for Last Pass on anything else, EVER. Doing so is essentially a death sentence for your portfolio and internet privacy; you will almost certainly lose your coins due to a hack.
Never keep currency on an exchange for very long. This goes without saying, exchanges have been prone to fail, countless traders have been burned by exchanges going under or security breaches leading to massive losses in personal accounts. As soon as you make your trade get the coins onto a personal offline wallet.
Maintain a hot wallet (off the exchanges) for trading and a Cold Storage Wallet for your savings account. A cold storage wallet is one that is 100% secure, as it has never been exposed to the internet for any potential hacker to have any chance of exploiting it. The draw back to a cold storage wallet is that coins are not meant to be withdrawn from them, store coins in cold storage that you plan on holding long term.
Encrypt your Hot wallet and Cold Storage wallet, and maintain up to date virus definitions on the anti-virus software on your computer that is maintaining your hot wallet. Never download anything that you do not 100% trust onto the computer maintaining your hot wallet; use a burner computer for risky downloads plugged into a separate router. Downloading malware will infect your computer with a key-logger, from there the hacker will gain access to every key you press including your crypto passphrases, once they have access to that its game over, you will lose all your coins–try not to cry afterwards.
Never use public wifi networks, or hotel wifi networks. Hackers will be on stand-by at these places waiting to access and infect your computer with key-logging malware. Only use private personal secured networks when accessing the internet. If you use public wifi your security is as good as dead. Bring your own mobile hotspot when you’re out and about, or out vacationing; spend the extra penny on personal internet data plans to ensure your security is tight knight and free of unwanted infiltrators. Also, be sure that your device isn’t set up to automatically connect to public wifi networks upon startup, the same with your bluetooth settings connecting to other devices. Many computers are default set-up to access public networks when your home network is no longer in range. Change your computer’s settings to never access any wifi network or file sharing application outside your home network without your expressed permission.
Store backups of your wallet.dat files on a a flash-drive or external hard-drive and keep one in a fire-proof safe and another copy in a safe deposit box at a bank to be the safest you can possibly be. If you must put your wallet.dat in an email address, or dropbox folder, make damn sure you have 2fa enabled and that you monitor devices that are accessing your accounts. You only own your coins if you’re the only one that has access to your passphrase and wallet.dat.
In summary, if you think you are safe because you have never had issues with hackers before (classic mistake), or safe without 2fa due to a withdrawal limit (hackers can get around that), you are likely to join the Hacker’s Victim club, nearly everybody involved with crypto has been hacked and lost funds from breaking these basic rules. If you want to maintain your winning streak don’t fall prey to your own self-confidence, follow the rules or you’re going to have a bad time.
That being said, if you’re following the basic rules, you are going to have a great time in crypto, and are likely to make bank. To help those who are new to the game or even veterans needing a new cold storage device Elypse is offering a cold storage prize for various Twitter and Slack competitions. Join the Pink-Army today and stay tuned to Elypse’s account on Twitter for detail on how to win huge! As always this has been the un-grim Great Pink Buffalo, holding out strong during the Great Dip of 2017. Stay safe out there folks! #2fa4life #BuytheDip #SecureYourPortfolio