The one question I keep hearing over and over again irrespective of gatherings as small as casual meet ups over coffee or as large as weddings – Have you Invested in Bitcoin yet?
It doesn’t just stop there. Cryptocurrencies like Ethereum and Litecoin are instant follow ups in such conversations.
The whole world seems to be driven towards the financial revolution that Satoshi Nakamoto (the alleged founder of Bitcoin) once dreamt of. But as we gear up for this exodus from fiat money to virtual currencies, we need to really halt and introspect – how much do we understand about the world of cryptos?
On one hand, it goes without saying that investments can be highly lucrative, but on the other, you can end up losing all your funds overnight, even when the market is at a high.
Sounds abrupt, doesn’t it?
Security is a majorly growing concern that the cryptocurrency community faces today. The brave new wave of hackers, malware, ransomware and scams has converted the virtual world into a war zone that is brimming with financial threats.
The scenario is simple in essence. If you don’t know what you are doing, you’re leaving your money on the table.
This blog aims to bridge the knowledge gap between cryptocurrency security and what is required to invest responsibly in these tokens. Here are some crucial weapons that you need to have in your arsenal before you begin flashing around your hard earned money on the crypto trading platforms!
Security Guide for Crypto Baby Boomers:
1. Password Manager
Security starts and ends at passwords. Since there are a lot of cryptocurrencies that one can choose to invest in, you might also end up using multiple wallets at the same time. I use no less than four wallets and exchanges to play in the virtual token market.
Why do I have multiple sources to invest in the same commodities? That is because it gives me a range of rates and hence, a chance to go for the best ones. People also use multiple exchanges to earn through positions of arbitrage, that is, making profits through the price difference of tokens at different exchanges.
Whatever may be your reason, managing multiple accounts means having multiple passwords. You just cannot have the same password for all accounts. That is a rookie mistake even a 10-year-old won’t make in today’s day and age.
Additionally, the need to remember multiple passwords may cause one of them to slip through your mind. Consider the case of Mark Fraunfelder from Wired who lost $30,000 worth of Bitcoins when he forgot the password to his wallet!
It is situations like these where a password manager comes into the picture. It requires you to remember only a single password – known as the master password. All other passwords are randomly generated, are strong in nature, and hence, highly secure. They can even be changed in an instance in case your wallet or exchange has been subjected to data theft via a cyber attack. More over, your data is encrypted and only you can access it with your master password.
You can go with Dashlane here, since it is a powerful choice for the purpose. It integrates with your browser to enter passwords directly on websites with the click of a button. They also offer iOS and Android app and all your passwords are in sync. Of all the password managers I have tried over the past couple of years, Dashlane clearly stands out.
After installing Dashlane, you can also import existing passwords from your browser. Another cool feature of Dashlane is secure notes storage. Since a lot of crypto websites require us to copy-paste the private key for login (which is not the best thing to do but we have limited options for now), you can store those on Dashlane instead of using Evernote or Google Docs. There are few other features that make this app worth having. However, I’d let you find it out yourself.
2. Two Factor Authentication
Although having a strong password is a must, it may not prove to be enough in the case of sophisticated cyber attacks such as Brute Force.
Two-Factor Authentication (2FA) helps combat such scenarios by adding another layer of security to the login process. The act of entering the password is clubbed with a piece of information that only the user would have. This can range from a token number that they can see on their smartphones or a one-time password (OTP) sent to their email.
This makes it much harder for potential attackers to steal your data since they also need to have physical access to your smartphone or login details to your email address.
There are 3 types of authentication factors that can be used:
- Knowledge Factors: Something that is known only to the user (assuming he/she has not shared it with someone else). These can include a password, PIN or an answer to a secret question.
- Possession Factors: Something that is physically present with the user, such as an ID card, smartphone, or a token number.
- Biometric Factors: Something that the user is. Also known as Inherence Factors, these are personal attributes that are unique to the user such as a fingerprint, face or voice. It can also include behavioral patterns such as keystroke dynamics.
You can also watch this video to gain a deeper insight.
Here’s how you can implement Two-Factor Authentication or 2FA with the help of Google Authenticator. Follow these steps:
- Log in to your cryptocurrency wallet or exchange account and enable two-factor authentication from the respective option in settings.
- Download the app ‘Google Authenticator’ on your smartphone from Google Play or the App Store.
- Launch the app and click on the Red Plus sign at the bottom right corner.
- Choose from the option of scanning barcode or manually entering a provided key. Select the appropriate option that is in tandem with the option you see on the website of the wallet or exchange.
- Enter the 6 digit token number that you see in the app on the exchange/wallet’s website or app.
- 2FA Authentication has now been set up for your account. Follow this procedure every time you log in.
3. Cryptonite Google Chrome Extension
If you are not aware of phishing websites yet, it is time you do your homework.
A Phishing Website, also known as a Spoofed Website, is a fake website that tricks you into believing that you are on a legitimate website. It has all the features of the website that you intended to visit, including the design and the login feature.
Do you see where I am going with this? I hope you do!
As soon as you attempt to log in to such websites, you are handing out sensitive information to cybercriminals on a platter. Same is the case when you visit fake social media accounts of acclaimed wallets, exchanges or cryptocurrency experts.
A dedicated Google Chrome extension known as Cryptonite can give you round the clock protection from such fraudulent websites. It comes with a MetaCert icon that is installed on the browser’s toolbar and turns from black to green every time you visit an authentic cryptocurrency website or social media account that has been verified by MetaCert. This gives you complete peace of mind and saves you the trouble of conducting the background check yourself.
In case the icon does not turn green, this indicates that the particular website or social media account does not exist in the database of Cryptonite and hence, you should be extremely wary of proceeding any further.
This extension is highly secure and reliable to use since it has been developed by the same set of engineers who developed the official Google Chrome extensions for Yahoo, Paypal, eBay and Google.
One important point to note here is that this extension works only for cryptocurrency related websites and social media accounts. Any regular website would not trigger the icon. On the other hand, it also maintains a database of known phishing websites and automatically blocks them.
All these features make it a one of a kind and dedicated browser extension that is a must-have for both newbies and experienced cryptocurrency enthusiasts.
Here is a quick demo on how you can install and use this extension:
4. Adblocker chrome extensions
Do you know about Segwit 2X, the proposed hard fork which gathered momentum back in November but was eventually canceled?
I recently saw an advert which claimed that the fork is being resumed and will take place on Dec 28, 2017. Like any other crypto investor who understands the market, I expected large investments in Bitcoin to follow the news since the hard fork would create a new virtual token which would be handed out for free to bitcoin holders at the block where the Blockchain splits, just like at the time of Bitcoin Cash.
Excited about the news, I jumped at the opportunity and invested some of my savings in Bitcoin.
What’s the takeaway? The news turned out to be fake and a paid PR stunt from a team of random developers. Even if they succeeded at creating a new token, the whole exercise eventually felt like a huge sham, especially with mainstream media not covering it.
I lost 16% of my investment within a couple of days.
What does this tell you? There are a lot of scams going on out there and you need to close the doors on them as soon as possible. One wrong click or misleading trading information can cost you a huge chunk of your investment overnight.
The Internet is full of fishy advertisements and this makes it mandatory to install an Adblocker on your browser. You are bound to see unending adverts related to bitcoin investments and wallet sign-ups if your browsing history consists of visits to authentic online cryptocurrency resources.
The Adguard Adblocker is one of the most highly rated Google Chrome extensions that can be used for the purpose. It works not only with search engines, but also blocks advertisements on social media platforms and YouTube.
Thus, this gives you a higher sense of security as well as a better user experience.
If you want to level up your security, you can switch your browser and start using the Brave browser.
Brave is one of the most reputed browsers that respects our privacy. It comes in-built with adblocker, HTTPS everywhere and few other features that make it the best for your cryptocurrencies related activities.
5. VPN or Tor Browser for staying anonymous
So far you have learned about password management, saving yourself from trackers, ads and phishing sites. Now, the next and most important thing is securing your IP. Even the smartest of people don’t really focus on this and becomes a victim of a smart hacker. Your IP address is one of the first things a hacker will require when trying to hack your system. Using a tool to hide or randomize your I.P is one of the best things you could do for yourself, especially for people like us who travel a lot and use public wi-fi to connect to the Internet. Using a VPN or Tor browser will help you hide the websites you are browsing. This way, you stay safe from the preying eyes of a hacker who is perpetually on the look out for ignorant crypto users.
Tor is the best browser/network in the world when it comes to maintaining anonymity on the Internet. While a Virtual Private Network also does a satisfactory job of hiding your IP address, the VPN provider knows your IP address at the end of the day and can point to your Internet traffic on the VPN Server.
Tor, however, takes the game to a different level altogether. It routes your signal through a number of nodes. Each node knows the IP address of only the adjacent nodes. Hence, at no point can someone exploit the details of the whole chain and reach your IP address.
Let’s look at a complete comparison between TOR and VPN in the table below which will help you make the correct choice as per your requirements:
Although transactions on the blockchain are anonymous, the IP address of the computer through which the transactions are carried out can give away your details. VPN or Tor helps combat this by masking your IP Address and making you completely anonymous on the Internet.
You can visit the official website of Tor here to download the browser package.
If you are looking for a reliable VPN, NordVPN is a great option to go for.
6. Hardware Wallet for storing cryptos
If you have been using built-in wallets provided by cryptocurrency trading platforms and exchanges, you are making a grave mistake. Such wallets are always susceptible to cyber attacks.
Take the recent breach of the popular cryptocurrency wallet NiceHash, where cyber thieves stole $63 million dollars worth of Bitcoins in a single heist! And there was nothing that their users could do apart from watching their investments vanish within seconds.
First things first – let’s look at the basics.
There are mainly two types of crypto wallets:
- Hot Wallets
- Cold Wallets
The wallets on crypto exchanges and trading platforms are the hot ones. Although they are easy to transact with, they are also highly insecure and you don’t have access to your private key. If that exchange gets hacked or they decide to shut down, you lose all your crypto assets stored on that particular exchange.
What makes me say so? Statistics!
The total value of cryptocurrency hacks and fails as of January 1st, 2018 stands at a staggering $1 billion in valuation.
I’m sure you don’t want your cryptocurrency portfolio to add to this mayhem.
Cold wallets come to your rescue here as they are not connected to the Internet. And something that cannot be marked on the map cannot be stolen.
Although there are different types of cold wallets, hardware wallets are the most popular ones. A hardware wallet is a tangible physical device that is kept offline but can be connected to the Internet and used whenever needed. They are completely hack-proof since each transaction requires you to press a button on the device. I have never heard of a hardware wallet being hacked.
If you are looking out for the best hardware wallet, Ledger Nano S is the most popular choice in the market. It supports multiple currencies such as Bitcoin, Ethereum, Dogecoin, Ripple, Litecoin, Dash, New, Ethereum Classic, Zcash and few others. You can see the complete list here.
The device is known to be completely tamper-free and water-proof, and also comes with a sturdy design. It uses some powerful cryptography standards to give you round-the-clock protection.
You can also check out our resource on the best Bitcoin wallets to make a more informed decision.
- Read: Why Should You Order 2 Or More Hardware Wallets At The Same Time?
- Security Risks of Mobile, Web & Desktop Bitcoin Wallets [Must Know]
7. Anti Virus
Let’s wrap up the post with the basics – using an antivirus! You will be surprised to know how undervalued this step is among traders.
As discussed earlier, the virtual world is plagued with powerful malware and ransomware that can steal your coins before you know it. Even a basic key logger can track your keystrokes and figure out the password to your email or cryptocurrency wallets.
Thus, having a proven antivirus to back you up can do more than just saving your portfolio. It can protect you from an entire identity theft altogether.
When it comes to the volatile market of cryptocurrencies, mere investments are not enough, however ingenious they seem to be. You have to be smart. It makes no sense to build a pile of fortune if it can be taken away in a second, literally.
The future of cryptocurrencies is brighter than the sun and the tale is just getting started. This is the perfect time to get into the market and an opportunity that, if missed, can render you remorseful for the rest of your life.
After all, in the words of Bill Gates, “The future of money is digital currency.”
Harsh Agrawal is the Crypto exchange and bots expert for CoinSutra. He founded CoinSutra in 2016, and one of the industry’s most regarded professional blogger in the fin-tech space.
An award-winning blogger with a track record of 10+ years. He has a background in both finance and technology and holds professional qualifications in Information technology.
An international speaker and author who loves blockchain and crypto world.
After discovering about decentralized finance and with his background of Information technology, he made his mission to help others learn and get started with it via CoinSutra.
Join us via email and social channels to get the latest updates straight to your inbox.