9 Awesome, Time-Tested Tips for Ultimate Bitcoin Safety
No, you’re not paranoid. Having your Bitcoin stolen is a real risk. And it’s a more common problem than many in the crypto community would like to admit. Hackers and phishers have already stolen billions of dollars’ worth of Bitcoin. And while each case is unique, better security measures could have prevented most of these thefts. So to help you avoid the agony of losing your hard-earned crypto, we've compiled this easy-to-follow list of tips for safe Bitcoin storage.
Avoid Online Wallets like the Plague
We get it. Having to choose, set up, and configure a software wallet can seem like a hassle and a massive waste of time. Why not just use a web wallet instead? There’s no need to set anything up or worry about software compatibility. And many exchanges give you one by default when you register, so you don’t even need to make a separate account. Isn't that just the most convenient thing ever?
And yes, web wallets are super convenient. But you know what else they are? A bona fide magnet for criminals.
Often holding millions of dollars’ worth of Bitcoin, web wallets are the prime target of hackers. And with the bounty sometimes measuring in the tens of millions of dollars, it does not seem like this will change soon.
So our advice to you is to avoid web wallets like the plague.
Upgrade to a Safer Software Wallet
When it comes to security, not all software wallets are created equal. And it’s not even close. Some software wallets offer top-tier security and are a hacker's nightmare. Others are borderline useless when it comes to keeping your Bitcoin safe. It can be tempting to choose a wallet based on its ease of use or appealing design, but you should always base your choice primarily on security.
And when it comes to security, our experts have a clear favorite. That favorite is Electrum.
Designed for crypto enthusiasts, Electrum doesn't have the prettiest user interface and is not the easiest to use. But what it lacks in design and accessibility it more than makes up for in safety and security. If you invest the time and patience needed to learn to work with it, Electrum will become your trusted partner for many years to come. Our experts cannot recommend it enough.
But if you feel that Electrum is more than you can handle, we recommend Exodus as a more user-friendly alternative. Striking a good balance between security and accessibility, Exodus offers much better security than most of its competition without the steep learning curve of Electrum.
Keep Your Devices in the Best Possible Security Condition
No matter how secure your software wallet is, there's little it can do to protect you if your device gets hacked. So if you plan to use Bitcoin regularly, you must make sure your devices are in the best possible security condition. While the exact specifics will vary based on your device and operating system, in general, you must ensure your device has at least the following:
- Decent firewall;
- Good antivirus and anti-spyware software;
- Secure virtual private network (VPN);
- Latest security and software updates;
- Up-to-date modern web browser.
Consider Using a Dedicated Linux Machine for Your Bitcoin Transactions
Taking things a step further, many users elect to have a dedicated machine used for nothing but Bitcoin transactions. In general, this is a very good idea. And it’s an even better one if that dedicated machine runs a Linux distribution.
Not only is Linux known for being very secure, its comparatively minuscule user base also makes it a less appealing target for hackers. Put simply, hacking is a numbers game. As a hacker, you want your attack to target as many people as possible. So it is in hackers’ best interests to write malicious code for Windows and macOS, since the vast majority of people use those operating systems. As a result, Linux users tend to get targeted less. Which is not to say that Linux machines don’t get malware and viruses. They do. It’s just that, statistically, you are less likely to get one.
Keep Your Bitcoin Machine Offline
Taking the last tip a step further, you might opt to keep your Bitcoin machine offline at all times. This eliminates the vast majority of hacking-related risks.
In its simplest form, a setup with a dedicated offline machine would consist of the following:
- A dedicated offline Bitcoin machine. Since it won’t be doing any serious processing, this can be any old laptop or PC with a fresh Linux install.
- A primary, web-enabled computer. This machine should run the latest security software and OS updates.
- A dedicated USB flash drive. This should only be used to transport data between your online and offline machines. Don’t store any other files on it.
A typical transaction using this setup would look something like this:
- Create the transaction on your web-enabled computer.
- Insert the flash drive into your main machine and transfer the transaction data to it.
- Take the flash drive out of the web-enabled machine and connect it to the offline machine.
- Sign the transaction on the offline machine.
- Insert the flash drive with the signed transaction back into the web-enabled machine to take the signed transaction online.
Get a Multisignature (Multisig) Bitcoin Wallet
It’s extremely important to minimize your risk of getting hacked. But what happens if your private key does end up in the hands of a hacker? Does that automatically mean you have to kiss your hard-earned Bitcoin goodbye? Not necessarily. At least not if you’ve taken the preventive measure of creating a Multisig address.
Multisig is an extra layer of protection that can help you protect your funds in case your main private key falls into the hands of wrongdoers. Rather than having one private key, a Multisig address has several. In most setups, to sign a transaction, you will need to possess two or more of these keys. This means that even if any one of your private keys gets compromised, the hacker still won’t be able to steal your Bitcoin.
The most common Multisig setup is one called 2-of-3. You generate three private keys. To authorize a transaction, you will need to be in possession of two of these keys. The first key you store on your smartphone or computer for easy access. The second key you give to a second-layer authentication service. And the third key is your backup. You use it in case you lose access to your main key.
To find out more, read our dedicated article about Multisig.
Store the Bulk of Your Bitcoin in an Offline Wallet
- Create a second Bitcoin address separate from your main address. This will be your Bitcoin stash.
- Store the private key to your stash on either a piece of paper or a flash drive. In turn, store that storage medium in a safe place, such as a safety deposit box. You will never use your stash to pay for anything, only to store your wealth, so quick accessibility should not be a concern.
- Use your main address for your day-to-day transactions. Send all of your Bitcoin investments and savings straight to your stash.
- When the time comes, go to the safety deposit box, retrieve the private key to your stash from the storage medium, and transfer all of your savings from it. Throw the information about your stash away and under no circumstances reuse this address.
- If you have funds left over that need storage, or if you want to start the cycle from the start, create a new Bitcoin stash address and repeat the process.
Go Analog by Storing Your Private Key on a Piece of Paper
This one might seem somewhat counterintuitive. In fact, it might seem like a horrible idea. After all, weren’t we always advised not to leave our passwords on pieces of paper?
Yet when it comes to Bitcoin safety, printing out your private key and storing it in a secure place is a technique many in the crypto community swear by. Including some of our experts.
And there are good reasons for it. A piece of paper can’t get hacked and cannot fall victim to a computer virus. As long as you store it in a safe place and have a backup in a safety deposit box somewhere, there’s very little that could go wrong. And even if someone finds your private key, it’s useless to them unless they also know the public address the key belongs to. Keep those two separate, and your BTC will be quite secure.
Invest in a Hardware Wallet
Getting a hardware wallet is a simple and easy way to instantly ensure the safety of your Bitcoin.
Hardware wallets are stand-alone devices that plug into your computer via USB. They hold your private key in a safe manner and are used to authorize transactions without giving away your private key to your system. Unlike a software wallet, a flash drive, or a phone, they do not allow any program or user to read data off them.
To make a transaction using a hardware wallet, you have to create it in its software and then input your PIN on the physical keys of the wallet. This means that, even if your computer has been hacked, there is very little a hacker could do to sign a transaction. And there's literally nothing they can do to steal your private key, since it never comes into direct contact with your computer.
While the other methods on this list can be implemented for free, a hardware wallet is something that requires an investment. The sums aren’t large. Most good hardware wallets, such as our experts’ favorite Ledger Nano S, can be had for under 100 USD. And when you consider that this purchase can save you from losing all your investments, getting one is a no-brainer.
To find out more, read our article about hardware wallets.