Cryptocurrencies are continuing to demonstrate their value as an investment vehicle. The strengths of cryptocurrencies — the anonymity, the ease of transaction, and the portability — all make these assets easy to steal should someone find a way into your system. Although the blockchain itself is secure, weaknesses exist on your end of the equation.
Many cryptocurrency groups trade horror stories of hackers targeting you as soon as you mention Bitcoin or another crypto on any social media. Although the reality does not appear to be that bad, ensuring you secure your digital assets is integral for anyone who is investing in cryptocurrency because of the lack of available insurance for crypto and the relatively ease of it being stolen.
Choosing a wallet can be one of the hardest decisions to secure your cryptocurrencies. At the highest level, you need to choose between a hot wallet — one that is connected to the Internet — and a cold wallet that is entirely disconnected from the Web.
The ideal for the most security minded of investors is to use one of each, with a hot wallet used as an intermediary between the crypto trading markets and the user’s cold wallet where they hold their assets offline for increased security. Whether you’re holding Ethereum, Bitcoin, or any other cryptocurrency, you need to hold your currencies in a cryptocurrency wallet.
Hot Wallet (Online)
Hot wallets may or may not be connected to exchanges. Many exchanges have their own hot wallets that are included with their system. This may or may not provide you with control over your public and private keys, which can be a concern for some particularly security conscious investors.
Hot wallets, such as eToro or Coinbase, are best used for cases where you are regularly trading or using cryptocurrencies for transactions. A number of hot wallets exist in software form, able to either interact with multiple exchanges or tied to a specific exchange where it is primarily able to be used for more regular trades, either to and from cash or from one asset class to another. If you hope to use cryptocurrencies in regular transactions, this is your best bet.
Cold Wallet (Offline)
Ideally, long-held investments that you do not want to access regularly should be put into cold storage of one kind or another whenever possible. This means they should be offline, disconnected from any other computer or device. Some even go so far as to further secure their particular cold wallet by putting them in safe deposit boxes or in safes.
There are a number of off-the-shelf cold wallets available, such as Trezor and Ledger Nano, or you can make your own. The off-the-shelf wallets may provide a great deal of security for ease of use, and if you lack sufficient computer skills are likely to be more secure than your own efforts. Some even use old hard drives as their cold wallets — but beware that there are many stories of lost or damaged hard drives with countless Bitcoin stored on them.
Another common “cold” option is paper wallets — literally printing out the public and private keys of your cryptocurrencies and putting them in a safe place. Physical pieces of paper are highly secure but are subject to the same problems as holding large amounts of cash at home, so you should treat these pieces of paper accordingly.
Whatever wallet, exchange, or software you use to access the blockchain should be able to furnish you with these keys. If not, those keys are not within your hands, and in that instance you functionally do not own the underlying cryptocurrency. Without control over these keys, you do not have control over the associated asset. This makes them like bearer bonds — cashable and usable only by whoever controls them.
Securing any cryptocurrency means securing how you interact with any exchanges or transactions. This means upgrading your online security in general.
The points that follow mainly intersect with managing your hot wallet and exchanges. These break down into a number of the basic measures regarding online security. The basic practices that everyone should follow for any major online transaction include two-factor authentication (2FA), secure email providers, strong passwords, and keeping an effective antivirus software on all your devices. Those particularly concerned may want to avoid accessing wallets or exchanges via mobile devices or tablets because they may be exposed to further weaknesses to your online security.
On top of the technological options included here, other basic online best practices will help you to avoid malware, phishing attempts, scams, or any other online security threats. These include avoiding questionable emails, not clicking on suspicious links, and not giving your information out to anyone. Password managers can be particularly effective in assisting this level of security through ensuring you can use effective passwords for all your online holdings.
Two-factor authentication can be achieved through a number of applications and/or processes that require you to verify your identity with something other than just your password. This may be tied to an authentication app on your phone that generates a number to enter, a text message or email that accomplishes the same thing, or requiring you to plug in a USB or other piece of hardware to complete the process. All of these create a second factor of identification on top of entering your correct password. Whatever option you choose, it will drastically increase your security online.
Secure email providers are another avenue to upgrade your everyday online security. Gmail and Outlook may be fine for emailing your parents and managing too many mailing list subscriptions, but against a determined adversary out to get your money they are woefully inadequate. Their emails are not encrypted, meaning that once they are accessed they can be read with impunity. Once a hacker is within your Google Cloud, for example, they can read everything there.
More secure email providers with end-to-end encryption may be less user friendly than Google, but they also make it exponentially harder for people to access your information. When money is on the line, this means a lot. Solutions can range from using a secure email provider like ProtonMail or Tutanota to setting up and managing your own email server.
Antivirus options are numerous and deserving of their own review. Generally speaking, however, you will be getting what you pay for. Free options can provide a modicum of security, but most often will include bloatware or will not be as up-to-date as premium options. Many of the best-in-class antivirus options — such as McAfee, Norton LifeLock, or Kaspersky — include other measures of security including Virtual Private Networks (VPNs), ad blocking options, and more. Keeping viruses, Trojan horses, and other possible backdoors to your data closed is critical when handling significant amounts of nearly untraceable assets.
Know Your Exchanges
Knowledge and research about exchanges is integral to securing your investments. If you are aiming to put significant money into cryptocurrency, you may need access to multiple exchanges in order to liquidate your holdings if you want to execute a major sell-off at once. This can help to avoid dealing with the lack of institutional investors that can prevent price-shocks from major sell-offs.
Transactions through lesser-known exchanges put your trades at higher risk. Crypto marketplaces aren’t covered by the level of regulation or protection that exist on major financial markets. If things go wrong, the cryptocurrency or money that you are trying to trade could be taken from you entirely.
As with any investment, you will likely benefit from knowing about the basics of how investing in cryptocurrency differs from other asset classes. The marketplaces for trading stocks, bonds, futures, and even derivatives are more organized than cryptocurrencies, and many have de facto market protections built in as a result. Treating cryptocurrency like just any other asset you are investing in is likely to cause untold stress when a single bad day wipes out 10% to 20% of the value of your holdings.
One of the concerns about cryptocurrencies is that they are an inherently digital asset, and one that needs to be secured through a digital wallet or other piece of technology in order to interact with them. Investments or holdings of this type — despite the advantages of blockchain technology — lack the same institutional protections that holdings in a bank or other asset class may have.
Cryptocurrency is a highly volatile asset class that can be tricky to understand. Securing your investment requires the proper handling to address these levels of volatility, including a number of investing best practices such as diversification and knowing how to read the state of the market.
Plan for the Future
One major concern with cryptocurrency that has not yet earned the level of coverage that it likely will need in the future is the planning for the unfortunate realities of life and death. If the worst should happen — you were to pass away — your cryptocurrency investments could be lost, with your loved ones unable to access them. Including instructions to your loved ones for accessing these investments, ideally in an offline and safe space, can save countless hours of stress.
Any investment requires a level of planning to ensure that is secure. Just as you would get insurance if you were to buy a million-dollar painting as an investment, you need to take appropriate precautions to secure your cryptocurrency investments. As a technologically based investment, the security solutions for your crypto assets are also mostly technological.
Whenever possible, the safest way to handle your crypto investments is to have it entirely offline. Keeping your digital wallet or keys safely and securely away from any online access means you can limit who can access your cryptocurrency. In practice, you will likely need a mix of cold and hot wallets, moving your crypto around as needed to handle changing day to day realities.