Securing your Bitcoin is one of the most important and overlooked aspects of owning it. You don’t realize you are doing it wrong until you lose all your coins. If you are not careful, it will happen when you least expect it.
I hear about people losing their Bitcoin and alt-coins daily, because they lack the knowledge and skill on how to safely secure their digital assets. This often results in catastrophic consequences where good people lose everything. There is no customer service in crypto to call when you screw up. You learn through the painful sting to your bottom line.
I too have made mistakes and lost some Bitcoin along the way. This is what motivates me to continually research new strategies to optimize my own security practices. Along this journey I have met some incredibly smart people who were happy to share with me some of their expertise.
Bitcoin custody is somewhat shrouded in secrecy. This is due to the malicious attacks you open yourself up to by going public with this information. The fascinating part about this game is you cannot go to any company, organization or anyone who calls themselves “experts” in Bitcoin security to get this information. You can try, and you will get some good tips, but this is not enough. You need to diligently do your research and listen to multiple opinions. The rest is up to you. Hopefully you choose wisely.
The best way I have found to learn about these things is to go to the developers and cypherpunks who have been in the trenches for years pioneering this stuff. Most of these people do not consider themselves anyone special, nor are they willing to openly discuss their practices. Fortunately, I have gained some trust over the years. After talking with a few of them about the need for an article like this, they agreed to participate but some insisted on leaving their identities out.
The following five Q&A’s only scratch the surface. Hopefully this motivates you to think more about how you can up your security game. The last contributor answered in English and Spanish.
Jimmy Song teaching one of his Programming Blockchain courses in Austin, Texas.
What is your preferred way to lock down your Bitcoin and crypto?
In a wallet I control.
What are your thoughts on paper wallets?
Good security, bad on the privacy side. People generally are better at securing paper than digital goods.
bitaddress.org is a good option for a paper wallet.
What paper wallet(s) do you suggest?
bitcoinpaperwallet and bitaddress are pretty good. Just make sure you generate the wallet offline.
Do you like hardware wallets?
Mostly. They tend to suffer from the fact that you can’t audit the hardware. That said, physical security is something people are more used to so it tends to be better in that way. Security you don’t use is generally not that great.
Do you have any recommendations on hardware wallets?
I use Trezor, but I can’t vouch for the safety of the hardware itself. I’m still waiting for an HSM (hardware security module) that’s consumer-level.
What are a few of your best tips for anyone using a hardware wallet?
They’re designed to be simple to use so use them the way they’re intended unless you know exactly what you’re doing. Nobody does multisig very well, for example.
Generally, keep your seeds locked up somewhere with tamper evident stickers. That’s the minimum I would do.
What other high-security wallet software options are there?
Armory on an offline device (like an old laptop) is pretty good. I’m a bit biased though, since I helped make that thing.
How do you feel about storing Bitcoin on hot wallets?
Only in small amounts, like less than $500. Being paranoid doesn’t hurt.
Trezor makes a few hardware wallets that are easy to use.
What are a few hot wallets you can suggest?
Depends on your use case. If it’s to pay some people, even centralized hot wallets are fine as long as you’re okay with losing it. Treat it like money in your physical wallet. You might lose it, so don’t keep your life savings with you, for example.
I used to like Mycelium, but they’re still slow to adopt segwit. I haven’t really played with too many because I don’t use Bitcoin to buy small items, generally.
What are a few of your best tips for anyone using a hot wallet?
Keep only the amount that you’re comfortable losing.
How do you feel about the companies who offer, in their words, “extra secure” Bitcoin storage?
It goes against the spirit of being your own bank, but regulations require this for hedge funds, for example. The history of exchanges is such that theft is always something that’s on the table, so I wouldn’t necessarily trust any of them.
Why is an exchange a horrible place to store your crypto even with 2 factor authentication?
It’s fine for small amounts. It’s bad for larger amounts. If you store your coins on an exchange, you’re essentially lending them your coins with the possibility that they can’t or won’t pay you back.
Where are some safe physical places you might recommend for people to store hardware wallets, paper wallets or private keys?
I’m not an expert on physical security, but some sort of vault is good, I’d imagine.
Is there a preferential operating system people should be using that might offer better security for Bitcoin or crypto transactions?
Linux is generally my preferred OS because it’s open source.
What about suggested browsers?
Something open source.
Describe some of your best practices and tips for sending and receiving Bitcoin or crypto?
For small amounts, use a hot wallet. For larger amounts, use a hardware or off-line wallet. Double check everything and don’t rush.
Describe some of your best practice tips for storing your Bitcoin or crypto?
Be careful and have a good plan.
Do you have any other words of wisdom?
Hopefully, they’re in the other questions!
Check out Jimmy’s 2-day, in-person seminar for Bitcoin Development training. Find out more at programmingblockchain.com. Follow @JimmySong on Twitter.
Akin Fernandez is the co-founder of Azte.co and hates the word “crypto.” This image is one of his paintings.
What is your preferred way to lock down your Bitcoin and crypto?
There is no such thing as “crypto.” I lock down with OpenDime and Ledger. Because both of those provide offline storage, you can rest assured that your Bitcoin is safe.
What are your thoughts on paper wallets?
They are very useful. As the software used to generate, import and manage them gets better, they will be even more useful.
What paper wallet(s) do you suggest?
Armory produces useful paper wallets; that’s one I’ve experimented with myself.
Do you like hardware wallets?
Yes. They’re essential for any Bitcoin user’s tool kit, and in the future, will be commonplace. Everyone who earns money will have a hardware wallet of some description, that fits into their personal banking process hierarchy, where devices and practices are ordered by the need for security balanced by convenience and how much Bitcoin you’re talking about. If you have millions of dollars in Bitcoin, storing them on a single hardware device in your house might cause you sleepless nights. Putting them under a mnemonic isn’t satisfactory either; what if you bang your head and can’t remember the words? What if you get killed? How will your children inherit your fortune? You can’t tell your lawyer your words; he might steal your money. You can’t leave your money on an exchange, because that’s not safe. This is a real business problem looking for a strong solution, the best one to emerge will not require trusting anyone or any manufacturer, and will be so simple that anyone can do it. For now, a mixture of devices and methods is best, with fallbacks that are as infallible as you can make them. It has to be said, if you live a life where you can’t trust anyone, you have bigger problems than where to store your Bitcoin.
Opendime makes a very affordable and secure USB Bitcoin stick that is easy to use.
Do you have any recommendations on hardware wallets?
I recommend Ledger and OpenDime. OpenDime is a transformative device, that turns Bitcoin into a physical bearer instrument. Ledger is good if you need to keep Bitcoin safe and offline, and spend from your wallet over the internet or disburse to your phone wallet. Ledger has a good mix of capabilities and form factor, and it’s very easy to use and absurdly inexpensive given what it does.
What are a few of your best tips for anyone using a hardware wallet?
Read the manual. Read it again. Read it once more. Follow all the instructions. Become intimately familiar with how it works. This applies to Ledger, and not to OpenDime, since OD is so simple it requires very little understanding. It is easier to use an OpenDime than it is to make a phone call. OpenDime is even laundry proof. Understanding how your devices work is crucial; you cannot outsource your Bitcoin security without losing some security. It’s not hard to do, and a lot of work has gone into these devices to make them consumer friendly, and they are very consumer friendly. Moving Bitcoin from Ledger is easier than using a Credit Card online.
What other high-security wallet software options are there?
If you have a MacBook Pro with the Reference Client on it, turned off and in a safe, that is very high security. Generally, if you stay away from Windows, and limit your use to the known secure platforms and devices, you will be safer. Security is complex; seemingly normal behaviors can compromise you, and in its character, security is a process as much as it is a destination. Samurai Wallet is a very good option, with the sort of functions you need to manage your Bitcoin properly. Importing wallets from other wallets from a seed works perfectly on Samurai, and it is developed by a crack team of experts, and I strongly suspect it is going to be the number one wallet globally.
How do you feel about storing Bitcoin on hot wallets?
Someone has to run hot wallets, otherwise services can’t operate. The device or class of wallet you’re using should be governed by your use case. If you are storing Bitcoin for a long time, you select devices and methods that suit that. If you are running a Bitcoin service where you’re sending out lots of Bitcoin, then you need a hot wallet. It is less about feelings than it is about practical considerations.
Screen grab of Bitcoin Core’s “choose your wallet” page.
What are a few hot wallets you can suggest?
Bitcoin Core. Electrum works well also.
What are a few of your best tips for anyone using a hot wallet?
Run Linux. Failing that, run MacOS. Do not, under any circumstances, run Microsoft Windows.
How do you feel about the companies who offer, in their words, “extra secure” Bitcoin storage?
In a free society, people are at liberty to offer services to each other. You can run your own “extra secure” Bitcoin storage yourself. The same software these companies use is available to you. The only advantage they have is storage facilities that can withstand fire and water damage. Bear in mind also, that when you use these companies, they are instantly less secure than storing your own Bitcoin. Once they know who you are, you are compromised. If the State asks them to hand your Bitcoin to them, it is likely that you will lose your Bitcoin, without any means to get it back without going to court.
Everyone has the right to run businesses and offer services to others. As long as these businesses don’t use fraud they are acceptable for the market. The problem is how can you measure what “extra secure” means (if it is even a real thing), and can you trust that people will do what they say they will do. This is especially important in countries like the USA where businesses can be compelled to compromise you by National Security Letters, and are forced not to reveal that you have been compromised. I wonder if any of the custodial Bitcoin businesses in the USA have ever received a National Security Letter? I don’t think this is a question anyone has asked, and I don’t know if any of them have a Canary signal in operation. Of course, none of this matters to you if you manage your own Bitcoin, which is exactly why you should do that.
Why is an exchange a horrible place to store your crypto even with 2 factor authentication?
Akin published “The Pillar and the Pond” on Hackernoon.com
Because exchanges are Bitcoin custodians, and you should store your own Bitcoin where it can never be arbitrarily seized. If you want to hold your money in a third party service, why not keep your money in fiat in a bank where it is “safe”? All the top Bitcoiners use exchanges only to trade Bitcoin and they don’t keep their Bitcoin on the exchange. No matter what happens to the exchange, be it change of ownership, National Security Letters or some other shenanigans, if you keep your Bitcoin in your own device, no one can prevent you from spending it in any way you see fit. Storing Bitcoin on an exchange is regressive, and anyone who has suffered having “their” account shut knows this is true. Not keeping your own Bitcoin perpetuates the bad habits of bankism. Thankfully, distributed exchanges like HodlHodl will put custodial Bitcoin businesses to death, and push security out of the pillar and into the pond https://hackernoon.com/the-pillar-and-the-pond-9eea73318b92
Where are some safe physical places you might recommend for people to store hardware wallets, paper wallets or private keys?
There are generations of best practice methods for keeping sensitive documents safe, and that is what Bitcoin is. Bitcoin is not money, it is text that can be printed out or stored on a device. Looking at how archivists store paper and data for decades is a good place to start. Printing on to acid-free paper with acid-free ink is essential, especially if you intend to keep your Bitcoin for decades printed out.
Is there a preferential operating system people should be using that might offer better security for Bitcoin or crypto transactions?
Linux or MacOS, and no excuses. If you are really serious, then Qubes OS is a reasonably secure operating system.
What about suggested browsers?
Google Chrome is sufficient, and you can use it to run your Ledger software.
Describe some of your best practice tips for sending and receiving Bitcoin or crypto?
There are many ways to receive Bitcoin, and you can tailor your method to your needs. For example, let’s say you are a secretary, and you get paid once per week in Bitcoin. Your boss can send your wages to the same payment code every week, or you can flash a new address to him on your phone when you clock out. Once you have your wages, you can send a portion immediately to your cold storage device where you know it’s safe, and keep the rest for that evening’s Friday drinks. Bitcoin is very flexible; for certain, there is a business to be made out of designing “Bitcoin as daily money” throughput systems and setting up people’s Bitcoin self-management practices and software. With Azteco, you can buy a voucher and send it anywhere, without having to use your own wallet; the service does all the heavy lifting. It is a very secure way of sending Bitcoin, because you don’t have to worry about the process, or run a wallet yourself. Powerful, counter-intuitive services like this will expand the number of Bitcoin users and workflows dramatically, without these users having any technical burden.
Describe some of your best practices and tips for storing your Bitcoin or crypto?
“Crypto”
Any red flags you want to call out that often fool people into doing stupid things?
Yes. Buying alt-coins is a stupid thing. No matter what they’re called.
Do you have any other words of wisdom?
Proverbs 8:11 “For wisdom is better than rubies; and all the things that may be desired are not to be compared to it.”
Akin Fernandez is the co-founder of Azte.co. You can learn more about him by reading “Immutable and Censorship Resistant.” Follow Akin on Medium (Beautyon) and Twitter (@beautyon_).
A cypherpunk is any activist advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change.
What is your preferred way to lock down your Bitcoin and crypto?
The best way is to do this in tiers. Tier 1, 2 and 3.
Tier 1: Hot wallet on your phone or an exchange for daily spending
Tier 2: Hardware wallet like Trezor for general savings account
Tier 3: Long term paper wallet cold storage for retirement backed up in multiple locations which could include safety deposit boxes.
What are your thoughts on paper wallets?
They are a perfectly reasonable and secure way of storing your private keys; however, they are most often used with long term cold storage.
What paper wallet(s) do you suggest?
The best one I’ve seen so far is bitaddress.org
Trezor’s new Model-T.
Do you like hardware wallets?
I prefer hardware wallets even though some say they are more at risk than paper wallets due to the fact that hardware components require sourcing from multiple companies/locations.
Do you have any recommendations on hardware wallets?
I prefer the Trezor.
What are a few of your best tips for anyone using a hardware wallet?
Make sure to back up your seed in case your device ever gets lost or damaged.
Only use them as tier 2 storage.
Don’t always update to the latest firmware version until it’s been released for a while to make sure there are no bugs or problems.
What other high-security wallet software options are there?
One of the higher-grade security wallets out there is btcarmory.com.
How do you feel about storing Bitcoin on hot wallets?
A hot wallet should not be much different than your regular wallet and hold daily spending funds.
What are a few hot wallets you can suggest?
For Android I like Samurai Wallet.
What are a few of your best tips for anyone using a hot wallet?
Back up your seed in case your phone gets damaged and never store more than you would in your regular physical wallet.
How do you feel about the companies who offer, in their words, “extra secure” Bitcoin storage?
It’s always a case by case basis where research has to be done to see how they are storing private keys. If you don’t own your private keys however, it’s not really your Bitcoin.
Why is an exchange a horrible place to store your crypto even with 2 factor authentication?
Mostly because exchanges get hacked almost monthly. However, this year I expect decentralized exchanges wherein your private keys never leave your possession to take off and become a new standard. Some of these exchanges interface directly with hardware wallets as well providing even more security.
Where are some safe physical places you might recommend for people to store hardware wallets, paper wallets or private keys?
All the usual places: safes and safety deposit boxes. There are many people out there who use their imagination and get more creative.
Putting your private keys and hard wallet in a bank vault is only secure until they lock you out.
Is there a preferential operating system people should be using that might offer better security for Bitcoin or crypto transactions?
It all comes down to protecting your private keys. Private keys held on a computer connected to the internet all are in the same amount of danger regardless of OS.
What about suggested browsers?
Same condition above applies here.
Describe some of your best practices and tips for sending and receiving Bitcoin or crypto?
Always double check addresses
Use multi sig when applicable
Don’t over pay in fees. If you can afford to wait a bit longer, do it and you’ll save money.
Any red flags you want to call out that often fool people into doing stupid things?
Don’t worry too much about the price if you are not a trader. Just Hodl.
Do you have any other words of wisdom?
Always do your own research. Don’t Trust. Verify.
Secure your Bitcoin in cold storage and keep your hard wallet or private keys in a very safe place.
What is your preferred way to lock down your Bitcoin and crypto?
Can’t talk about it for security reasons.
To my mind there is no great complete solution on the market currently so people have to design their own software solution.
What are your thoughts on paper wallets?
They can be good, but it is easy to screw up. The website is often the key screw up. If MyEtherWallet is hacked or someone gets a virus on their machine that redirects them it can kill them. Better to download the code and run it.
Paper wallets are clunky and hard to use for the average person.
Still they are a good bet for early adopters.
The default warnings at myetherwallet.com speak for themselves. Be careful!
Do you like hardware wallets?
They are pretty good but have limited coin support, so it can never be a complete solution at this point for all your coins which is frustrating. Their interfaces are garbage. The Chrome plugin for the Ledger is frustrating as all hell to use.
Do you have any recommendations on hardware wallets?
What are a few of your best tips for anyone using a hardware wallet?
Get two. Store a copy offsite in a bank safety deposit box.
What other high-security wallet software options are there?
You have to roll your own with software.
Avoid using SMS authentication and download Google Authenticator for a more secure experience.
Why is an exchange a horrible place to store your crypto even with 2 factor authentication?
I don’t think it is. In fact it is better than most people’s local storage system. That said, they can get hacked but Exchanges have evolved a lot since Mt Gox.
Where are some safe physical places you might recommend for people to store hardware wallets, paper wallets or private keys?
A safety deposit box. See banks still do have a good purpose!
Is there a preferential operating system people should be using that might offer better security for Bitcoin or crypto transactions?
Linux or Mac.
What about suggested browsers?
Brave. Or Eset’s sandboxed browser.
Describe some of your best practices and tips for sending and receiving Bitcoin or crypto?
Send a tiny amount first and verify it got there. Be sure to read the first 6 digits and the last 6 digits on both screens at least three times, every time.
Any red flags you want to call out that often fool people into doing stupid things?
Using SMS as two-factor. Not locking down their phone accounts. Call the company and don’t let them change service without you showing up with an ID in person. Use Google’s special security hard token and portal. Authenticate every device. Back up your Google Auth and Authy accounts. Use encrypted partitions with Veracrypt.
Do you have any other words of wisdom?
Triple check everything. There are no take backsies in crypto.
Bitcoin security in places like Venezuela is critical where the banks are pointless.
We wanted to help our friends in Spanish speaking countries, so we added the answers to this section in both English and Spanish.
What is your preferred way to lock down your Bitcoin and crypto?
English: Very freezing cold wallets.
Spanish: Monederos fríos verdaderamente fríos.
What are your thoughts on paper wallets?
E: They are useful because they satisfy specific types of users.
S: Son útiles porque tiene aplicaciones específicas para los distintos tipos de usuarios.
Mycelium is another wallet option.
What paper wallet(s) do you suggest?
Do you like hardware wallets?
E: I do. I think they are a genius product and they’ll replace banks.
S: Sí, y pienso que son una genialidad porque van a ser los bancos del futuro.
Do you have any recommendations on hardware wallets?
Trezor and Nano Ledger.
What are a few of your best tips for anyone using a hardware wallet?
E: Try not to be online too much time and keep your mnemonic words in two different very safe places.
S: Tratar de no estar en linea mucho tiempo y mantener tus palabras de semilla en al menos dos lugares muy seguros.
The Nano Ledger S is another hard wallet option.
What other high-security wallet software options are there?
E: Creating your own wallet, but that would require doing heavy research and study, given that at this point it wouldn’t even make sense to hire someone to create the wallet for you.
S: Crear tu propia cartera, pero eso requiere mucha investigación y estudio que para este punto tampoco tiene sentido contratar a alguien que lo haga por ti porque también podríamos desconfiar de esa persona.
How do you feel about storing Bitcoin on hot wallets?
E: Not an option. How do you feel about storing gold outside of your house in the middle of the street?
S: No es una opción. ¿Qué opinas de guardar tus lingotes de oro afuera de tu casa en el medio de la calle?
What are a few hot wallets you can suggest?
E: None.
S: Ninguno.
What are a few of your best tips for anyone using a hot wallet?
E: Don’t use it.
S: No usarlo.
Casa is a new startup that helps consumers securely store cryptocurrencies and is one of a handful of companies that offer this.
How do you feel about the companies who offer, in their words, “extra secure” Bitcoin storage?
E: There would always be a counter party risk, but if you really know or trust the company owners then go ahead, otherwise be wary and always expect and prepare for the worst scenario.
S: Siempre habrá un riesgo de la contraparte, pero si realmente conoces o confías en los dueños de la compañía pues adelante, pero debes estar preparado y pendiente para el peor de los escenarios.
Why is an exchange a horrible place to store your crypto even with 2 factor authentication?
E: Because first of all you don’t control your private keys so technically you don’t really own anything, and second of all you increase the risk twice by becoming a derived target from the exchange. A hacker could either go after you or the exchange.
S: Porque primero que nada no controlas tus claves privadas, que técnicamente significa que no eres dueño de nada, y segundo aumentas el riesgo al doble porque ahora el hacker tiene dos posibles víctimas, tú y/o el exchange.
Where are some safe physical places you might recommend for people to store hardware wallets, paper wallets or private keys?
E: Private safety boxes and all types of climate-resistant structures.
S: Cajas de seguridad privadas y estructuras resistentes a todo tipo de climas.
Hot Wallets vs. Cold Wallets, taken from a presentation by David Lee.
Is there a preferential operating system people should be using that might offer better security for Bitcoin or crypto transactions?
E: I think the simplest is the safest.
S: Pienso que mientras más sencillo es más seguro.
Describe some of your best practices and tips for sending and receiving Bitcoin or crypto?
E: Quick Trezor transactions.
S: Transacciones rápidas en el Trezor.
Describe some of your best practices and tips for storing your Bitcoin or crypto?
E: Using a designated computer with a restricted internet access.
S: Usar una computadora especialmente designada para transacciones de este tipo con uso restringido a internet.
Any red flags you want to call out that often fool people into doing stupid things?
E: Buying crypto with your life savings and throwing them into an exchange. At least buy a hardware wallet.
S: No comprar criptomonedas con tus ahorros y guardarlas en un exchange. Por lo menos compra un wallet de hardware.
Do you have any other words of wisdom?
E: Don’t shout out that you have cryptocurrencies and neither tell people where you store them. You don’t tell people where your gold is stored.
S: No alardees diciendo que tienes criptomonedas ni dónde las guardas. Tú no le dices a la gente dónde guardas tu oro, ¿o sí?
I have heard people mention they buried their private keys in a GPS marked location. Who is anyone to judge? Do whatever it takes to make you sleep at night!
As you can see there are many things to think about when securing your coins. This article by no means is intended to be the gospel on Bitcoin security practices. It barely scratches the surface to be honest. Not all the contributors agree on everything. I am also certain many of the people reading this will not agree either. Your main takeaway should be to focus on the new ideas and tips that resonate with you and continue doing your own due diligence so that you can optimize your security protocol. Don’t ever forget buying Bitcoin is the easy part. Securing it for the long run is the true challenge and is nothing to take for granted.
Find me on Twitter @piratebeachbum or Hackernoon/@piratebeachbum. www.coinstrategy.io