Keeping Your Money Safe In A Crypto Wallet: Here's What You Need To Know

The decision of where to store your crypto assets is as important (if not more) than which cryptocurrency you decide to hold. There are a myriad of cryptocurrency wallets on the market – some safe and some not so safe. Unfortunately, it can be difficult to tell which is which, and much of this safety is reliant on exactly how you choose to store your private keys which are required in order to spend funds from the wallet. 

In recent years, hacking has become a real threat, with cyber thieves finding sophisticated ways to circumnavigate safety measures put in place by wallet owners. The most recent hack, at the time of writing this, was performed by the notorious BlueNoroff Threat Group. The advanced persistent threat group (APT) used malware, in the form of a fake MetaMask extension, to trace and withdraw cryptocurrency from the wallets of small to medium-sized businesses. And let’s not forget the Ledger wallet data leak that took place in July 2021, where 270,000 of the hardware wallet’s customers’ details were compromised and exposed to scammers. 

To get an even better idea of how many crypto wallets are vulnerable each week, look no further than the innumerable Reddit threads, where you’ll see the devastating entries from individuals whose coins have been stolen. 

To keep your money safe in a crypto wallet and decrease the odds of becoming the next victim of a cryptocurrency hack, there are a few things you need to know. 

Trusting an exchange to hold your keys is not always the best idea

The majority of cryptocurrency wallets make use of public and private keys to facilitate transactions. Keeping your crypto safe in an exchange-connected wallet depends greatly on the safety and accessibility of your public and private keys. If you don’t want the responsibility associated with holding your own private keys, there’s an increased risk to putting all your trust into the exchange. If you don’t hold your private keys, do you really own your coins? Not having control of your private keys is the equivalent to giving your neighbor your cash savings to store in his home safe, but if thieves come in and crack his safe, you lose all your money. In essence, you are outsourcing security for your digital assets to a third party.

Storing your own private keys, as opposed to leaving them in the hands of the exchange, ensures that you have control over your crypto assets. However, finding an exchange that allows you to do this is almost near impossible, since exchanges will control the keys to their custodial wallets where they hold customer funds. So, if you prefer to store your crypto in an exchange wallet, which is the easiest and most convenient option for most “newbie” investors, you’ll need to do your research in order to find a highly secure exchange wallet. 

The key to recognizing a secure exchange wallet is paying attention to where the funds are stored. If users’ assets are stored in an offline cold wallet, the risk of funds being stolen is significantly reduced. Another indicator of a secure exchange wallet is whether they allow users to utilize weak passwords. An exchange that takes its users’ security seriously will ensure that only strong passwords are permitted, and will also insist that users set up two-factor authentication (2FA) where both a password and one-time security code are generated.

Utilizing a non-custodial wallet can offer high protection against hackers 

A non-custodial crypto wallet gives the user the ability to be their own bank. With this type of wallet, users have ownership of their private keys, giving them complete access and control of their funds without any third-party authorization. This method of cryptocurrency storage puts the responsibility of safeguarding directly into the hands of the investor. The best of these wallets can be app-based or purpose-specific hardware wallets.

The private keys themselves which are required to spend wallet funds are typically presented to the user upon wallet setup as a list of 12 words and an optional passphrase that must be stored in secret. This is based on a common standard called BIP44/39 and any wallet adhering to that standard, can be used to regenerate your wallet and all your transactions. Anyone possessing these words (and the optional passphrase) will be able to regenerate that wallet and spend those funds.

This kind of wallet is virtually impossible to hack, as long as the owner of the wallet keeps their passwords safe. In other words, your wallet is only as safe as your ability to protect your private keys. If there’s a measure of risk attached to every wallet, what are the cons of a non-custodial wallet? In this case, you are the risk. According to cryptocurrency data firm Chainalysis, around 20 percent of the existing 18.5 million Bitcoin — currently worth around $140 billion — appears to be in lost or otherwise stranded wallets. In essence, the safety of your fund is dependent on your memory, or lack thereof. There are also instances where individuals have written their private keys on a piece of paper or stored it on their phone, only to have someone find it and steal their digital assets.

The best way to keep your private key safe would be to save it onto a couple of encrypted flash drives that are in separate locations, in case one is lost or fails. Never rely on a single place or one piece of computer hardware to store your keys. You should also use a dedicated password manager such as Bitwarden or Lastpass to hold the encrypted passphrase. Also, always use a wallet that supports BIP39 passphrase and be sure to set a secure passphrase when creating the wallet, making sure to keep the passphrase separate from the wallet words, and remembering that this passphrase cannot be recovered. To be clear, if your wallet is lost or stolen or is reset as part of a firmware update and you lose either your wallet words or your passphrase, then all your funds will be lost

Ignoring the minor risk associated with hardware wallets could cost you 

Widely known within the cryptocurrency space as the safest wallet option, storing your assets in a hardware or offline wallet comes with minimal to no risk at all. However, an increasing number of fake and corrupt versions of these are being sold to unsuspecting customers. 

Having caught on that investors who are holding a substantial amount of digital assets are the most likely to use these types — often referred to as cold wallets — scammers have been selling fake devices to steal millions of dollars in cryptocurrency. In 2018, it was reported that a British man’s life savings were stolen, following the purchase of a Nano Ledger hardware wallet from a seller on eBay. The wallet had been tampered with and resulted in an illegal withdrawal of $34,000 in Bitcoin BTC/USD

Make sure to purchase your hardware wallet directly from the manufacturer, and do the research to be sure that the manufacturer has an excellent track record. 

Additionally, once you’ve purchased a secure hardware wallet, failing to pay attention to all the activity that takes place on it could result in your crypto storage device being emptied by scammers. A single transaction that you don’t pay attention to could be the one that drains all of your funds. Besides storing your keys, the purpose of owning a hardware wallet is that it allows you to make sure that the number of assets you are sending as well as the address that you’re transferring the funds to is correct. Pay close attention to the details on the tiny screen on all hardware wallet devices, making sure that every single transaction you make is accurate.

Traveling with a hardware wallet is extremely dangerous

Keeping crypto assets close at hand might seem like the smart thing to do, especially when traveling. However, carrying a hardware wallet with you while on a trip can be extremely dangerous. If you’re spotted with one, criminals may assume you are carrying a lot of crypto on it, and have in many cases kidnapped and held people up until they revealed their PIN and password. All hardware wallets allow for the creation of multiple ‘hidden’ wallets by using BIP39 passphrases. To keep your assets safe, use this feature to make one or more ‘dummy wallets’ containing some funds. That way, if you find yourself in trouble, you can unlock the wallet to reveal a small amount of funds. 

Thanks to modern cryptography, there is no way for criminals to prove a hidden wallet has ever been set up, so this is indeed a useful feature, but it is better to take care and never travel with your hardware wallet unless you absolutely have to. 

Weigh your options when choosing a wallet

When choosing a crypto wallet, you have to take into account your lifestyle, tech know-how, and your appetite for risk. While most established crypto investors swear by the safety of non-custodial and hardware wallets, a new investor might find many of these very difficult to use. Custodial wallets that are connected to an exchange are rather risky, but offer an easy-to-use and secure storage solution for new crypto initiates, especially if the wallet has security features in place. The key to keeping your money safe in a crypto wallet is to understand the phrase “your keys your money; not your keys, not your money”, no matter what type of wallet you choose.

Posted In: CryptocurrencyMarketscontributorsCrypto