Everything in the world of cryptocurrencies and blockchain technology moves at a much faster pace than traditional asset classes. The adoption of Bitcoin and other tokens has been rapid, the volatility leads to wild rides for HODLers, and it has left many governments scratching their heads as to what to do.
These factors are often what attract crypto investors to these digital currencies as they’re happy with the risk-reward ratio that’s on offer.
However, as cryptocurrencies have enjoyed a wild appreciation in value and an explosive increase in interest from the public, nefarious people have been getting in on the action too. There have been numerous news reports over the last few years of crypto exchanges being taken offline or having their data breached by hackers, often resulting in the partial or complete loss of assets for investors. These data breaches can also be the cause of temporary market crashes, such as the issues with Mt. Gox in 2013.
There are other risks for investors too; hardware failure in your computer could make your wallet inaccessible, as could flooding, fire, or theft.
With these risks in mind, it’s never been so important that we take steps to protect our crypto assets. Thankfully, most things we can do are pretty straightforward provided you’re prepared to spend a little bit of time upfront.
Spread Out Your Holdings Across Multiple Wallets
There are no restrictions on the number of wallets you can have, so it makes sense to split your crypto assets across several.
You may want one that you use for daily transactions that you keep a small amount in, similar to how you use your current account and saving account(s).
If your crypto portfolio is large, then you may wish to use more than two wallets so that your “savings” aren’t all stored in one place.
This will help to ensure that if any of your wallets are lost or compromised, you don’t lose your entire holding.
Use Cold Storage
As part of this diversification strategy, you will likely want to use cold storage. This is essentially a wallet that is not generally connected to the internet. This prevents hackers from compromising a computer system and stealing your tokens.
There are different approaches you can take to cold storage and you may actually wish to use more than one to spread your risk. There are dedicated cold storage wallets that you can buy, you could use a USB memory stick to store a wallet file, or you can just print your private keys onto paper and store them securely.
Regardless of the method you use, you should take sensible precautions to protect your cold storage media, using a safe, a fireproof box, keeping backups, or storing them in a bank vault.
Use Passwords and 2FA
Even if most of your crypto assets are kept in cold storage, you will still need some to be stored on a computer or in an exchange account. For this, you should take care to follow all the latest advice for preventing unauthorised access to your account(s).
The first step is using a secure password. The UK’s National Cyber Security Centre recommends that we create unique passwords for each account and make them long and unguessable by using three random words in each one. The organisation also recommends using a secure password manager to aid in keeping passwords unique.
This isn’t enough though. You should also enable two-factor authentication (2FA) on any account that supports it. If your crypto exchange doesn’t have an option to turn on 2FA, then you should probably find a new exchange.
2FA is essentially a second layer of security that prevents someone from accessing your account even if they have managed to steal your password. It’s pretty common today and you can find it used by most types of businesses though there are a few different ways of implementing it. For example, the RSA Security Token is a physical device used by PokerStars Casino to let users generate a one-time code, while companies like Facebook use SMS or third-party authentication apps to create these codes instead.
Regardless of the example implementation, the 2FA process works in the same way. Each time you log in, you will be required to enter a one-time code (usually a six-digit number) in addition to your password. Since the code is algorithmically generated and linked to your account, the site knows that the code is right but it won’t allow it to be entered a second time. Therefore, anyone that tries a phishing attack on you still won’t be able to get in as a valid code won’t work a second time.
Secure Your Computer
You should also ensure your computer (and other devices that you use to connect to the internet) is protected from hackers, viruses, and other malware.
Windows 10 comes pre-installed with decent security software already, but you can always pay extra for better protection from a third-party company. Just make sure that any software you do use is always up-to-date and that it runs scans regularly.
Also be sure to use a strong password (as above) on your computer user account, since you’ll likely have passwords to exchanges and/or wallets saved on it. Consider also using encryption to prevent someone copying the contents of your hard drive(s) and stealing your wallet(s) that way.