Cryptocurrencies like bitcoin and ether are lines of code on a server. Since crypto is fully digital and there are no physical assets, protecting it requires some technical know-how. It's important to understand where you store your digital currency and how it could be susceptible to hacks.
We’ll walk you through the different types of crypto wallets and a few helpful security fundamentals. Here’s what you need to know to keep your cryptocurrency safe.
Using exchange default wallets is risky
Many newcomers buy cryptocurrency from an exchange, such as Coinbase or Kraken, and leave their holdings in those sites’ “custodial” wallets. But like any other online entity, exchanges are vulnerable to hacking — and as the crossroads for many billions of dollars of transactions every day, they make for particularly attractive targets.
The cautionary tales of Mt. Gox, which “lost” 750,000 of its customers’ bitcoins in 2014; NiceHash, which was robbed of $60 million in December 2017; and a close call at Binance in 2018 show the risks associated with leaving your coins in an exchange’s online wallet.
Cold storage vs. hot wallets
Conventional wisdom dictates that if you’ve got more virtual currency than you’d be comfortable carrying around on your person, or you intend to hold it as a long-term investment, you should keep it in “cold storage.” This could be a computer that’s disconnected from the internet or a specialized USB drive called a hardware wallet.
Dedicating a computer to store your cryptocurrency or shelling out for a hardware wallet isn’t an option for everyone, however. Well-known devices such as the Trezor and Ledger cost between $120 and $220 and, by design, add complexity and a few extra steps to every transaction. Software wallets, by contrast, are usually free and easily accessed, though ultimately less secure.
Three kinds of software wallets
A cryptocurrency wallet’s primary function is to store the public and private keys you need to conduct a transaction on the blockchain. Many also offer features such as integrated currency swapping. Software wallets can be roughly divided into three kinds: desktop, online and mobile. These categories overlap, as many software wallets can function across devices. Each type offers a different combination of convenience and security.
- Mobile app wallets are optimized for retail transactions — that is, paying for stuff with bitcoin or another cryptocurrency. But because your private keys are stored on your phone, you lose your coins if you lose your device. If you keep your private keys in a safe place, however, you may be able to restore your wallet on a different device, depending on the type of mobile crypto wallet you use. You thought it was a bummer to leave your phone in a taxi? Imagine how bad it will be if it has thousands of dollars of cryptocurrency locked on it.
- Desktop wallets are software you install on your computer. They give you lots of control over your assets but, if connected to the internet, remain vulnerable. A malware infection, the remote takeover of your computer or — even if you’re not online — a hard-drive failure could be a catastrophe. So make sure to keep track of your private keys and store them in a secure place.
- Online wallets are hosted on a server, typically one controlled by a cryptocurrency exchange. This makes them convenient because they’re accessible from any internet-connected device. The downside: Your private keys are usually known to the website owner. This is known as a custodial wallet, where someone else has access to the private keys and keeps them for you. So you’re trusting the company that controls the keys to your wallet. And, from a technical perspective, there’s not much to stop them from simply taking your coins.
Security fundamentals
Whether you choose a hardware, software or paper wallet to manage your passwords and private keys, there are a handful of tips you can follow to keep your stash safer. These include:
- Be cautious of any online service — any device connected to the internet is vulnerable
- Encrypt your wallet with a strong password
- Use a hardware wallet that’s disconnected from the internet, when possible
- Regularly back up your wallet and store your backups in multiple locations
- Use multisignature security, which helps maintain control of your coins even if one of your devices is compromised
- Generate, write down and hide your wallet’s mnemonic seed — a group of words you can use to restore your wallet in the event of a hardware failure
- Don’t share private keys or passwords
- Be aware: if something seems too good to be true, it may be a scam