If you have been hearing the news lately there has been a lot of media attention about Bitcoin. What is bitcoin?Bitcoin is a cryptocurrency that is digital and has no central body governing it which also means there are no middlemen such as banks or other financial institutions. Whatever your reasons for investing in the currency there are some things that you should know from a security perspective. Since there is no middleman or institution that is governing your currency aka coins you are responsible for being your own bank. You are responsible for keeping your money safe and there is no one to scream at if your security fails. If you have been following the news and other reports I am sure you have heard of people who have had their cryptos stolen in hacks either at Bitcoin exchanges or their personal computers being hacked.See these 2 examples:
Protecting your coin takes some knowledge of how the coin works and being paired with how to protect your self-using best practices. Bitcoin works almost like PKI (Public Key Infrastructure) there a PUBLIC key and PRIVATE keys I am sure I don’t have to say which one of these keys you need to protect at all costs ….the PRIVATE one of course. See below for an image that explains how a Bitcoin transaction works.
Lets first talk about how these keys are created these keys are referred to as Wallets the place where you can send a transaction to store the coins there are a few types of wallets each with their own level of security. Hot wallets these wallets are usually mobile apps or wallets that reside on websites they are always connected to the internet the private key is stored either on the device you are using or the website’s servers. You can already see the issue with this you see the public key is used to receive transactions and it is fine to let everyone know what that is just like the public key of an SSL certificate. The PRIVATE key is what is used to spend your money so, in essence, the PRIVATE key is your money.If your PRIVATE key is hacked or leaked bye bye money now with something that sensitive its best to get it as far away from the internet and third party hands as possible. Now it can be ok to leave small amounts of money for trading and spending on these HOT wallets for convenience and they are not all bad but if you are looking for the highest amount of security it is not found in a HOT wallet. This is very evident just look at some of the exchanges that are hacked and where many people have lost money these are examples of hot wallets. Hardware wallets are interesting. You use hardware to store your keys in a highly encrypted form someone would need to steal your hardware wallet to hack it the keys are stored on the hardware.Check out Ledger
how makes a hardware wallet for bitcoin and other coins.Now of course when buying a hardware wallet it is best to buy directly from the manufacturer to avoid possible tampering with the device hardware wallets offer some of the highest security you can get.
You can also use the Apricorn Aegis secure USB stick that you can use but offers a little less security as it is still a drive that can be read from and if the system you are on is compromised there is a chance your keys can be stolen as there are malware strains in the wild looking for bitcoin wallets. One of the other options is a paper wallet.A paper wallet is literally a piece of paper with your keys printed on it and a QR code to scan when its time to use see below for an example:
Above is a paper wallet paper wallets can be generated via a web browser there are websites such as https://walletgenerator.net/
that have an online utility you can use via your web browser to generate a wallet for your coin but there is a risk with this as the keys have been on a foreign server and have been online also if your computer has been compromised there is a possibility that your keys have been recorded. To have the most secure wallet you would download the software that is available on the site and create the wallet offline even one step further is to run the software in a VM that has never been online. For most people running the software offline with your network disconnected works fine.You then would print this on a piece of paper even better use a printer that is a dumb as possible as some new printers have a memory that can be used to reprint at a later time.
Remeber this may sound ridiculous to go through but you have to think like a bank as you are your own bank !.
One more wallet to look at is a warm wallet this is a wallet such as COINOMI
which is a mobile application that stores your private key locally on your phone they claim that your private key never leaves your phone. This can be a good option as well for most people it best that you use a phone that you can dedicate to this such as an old phone with no SIM card and not connected to the internet. This prevents you falling victim to downloading a malware mobile app that can compromise your phone. I would also suggest encrypting your phone and use regular best practices to ensure your device is safe. Speaking of safe, you may choose to store your paper wallets and even hardware wallets in a safe or safety deposit box at a bank for an added level of security.Do you have bitcoin or other currencies? What apps or security mechanisms do you use? Let me know in the comments.