Basics of Security
If you are getting into bitcoin and other crypto, you'll need to get at least a basic understanding of security of your system. As the holder of your money, it is up to you, and you alone, to properly secure your private information. As an analogy, consider if you had a bar of gold to store your money. You'll need to secure it, ensuring others cannot access it.
At a minimum, cryptocoins have the following properties you need to consider:
- If you lose your crypto, there is no central authority to argue for your money back (as opposed to a bank, where you can often make a complaint).
- If you lose your private key, then nobody can access your crypto ever again. Thousands of bitcoins are already lost forever due to this.
- If anyone has your private key, they can move your money, acting as if you did. You won't be able to prove they moved the money either.
Due to these issues, you need to take security seriously.
Here is rule #1: Your private key is private. In retrospect, this seems obvious, but it is worth keeping in mind. If you save your private key to your online email, then its possible the owner of the online email can access your crypto (including any hackers who break into that email). If you give it to a friend to keep safe, they have access to your coin. If you use a software wallet, and there is a security issue with the software, your private key may be stolen.
What can you do? Store it in a password encrypted file, remember the password, and make it a secure password. If your password is a 24 word key, you may choose to keep the words, and their order, in different locations.
Rule #2 is to keep your device protected. If you run a mobile wallet, and get malware on your mobile, attackers may be able to access your crypto. If you run a software wallet and you get malware, the same thing can happen. Due to this, be very careful when you are accessing the internet or your email on a device that includes your wallet. The best strategy is to use a different computer or device for storing your bitcoin (preferably one that never touches the internet), than you use for general internet browsing or email. If you do download cracked software or pirated movies, ensure that you never use the same computer for storing your crypto.
Rule #3 is to use encryption whereever it is possible. Every major operating system has a method of encrypting the hard drive of your computer. Depending on the method, you may need to enter a password when your computer starts to access your coin. Sell or trash the hard drive without encryting it is like putting your bitcoin in a bin and hoping nobody goes through the trash. Many people buy old hard drives from trading sites (like Craigslist or eBay) and go through them, looking for private data.
Rule #4 is to follow security tips from software, and seek assistance if you do not understand a step. If a wallet advises you to perform a specific action to secure your wallet, you should (generally) do it. Take as many precautions as possible. That said, if you don't understand the step, check with a local expert first. Most cities around the world are starting to have bitcoin/crypto meetups and you can probably find someone with technical skills to help. (Just don't pass out your private key.)
Rule #5 is to take notes. Some security measures are hard, and your setup is likely to be unique to you. If you have a certain procedure for accessing your coin, make sure to take a note of how to do it. Write down everything except for your private key in a procedure. Keep your private key separate though! The last thing you want is to not be able to access your coin because you forgot how to do it.
Remember, if you get hacked or your private key is leaked, there is no method to claim back your lost crypto, there are no central authorities to complain to, and it would also be quite hard to prove who actually stole your coin. It's lost.
Take your security seriously