The purpose of this post is to help you understand — in 10 steps — how you can reduce, to the minimum, the chances of an attacker gaining access to your private passwords. Furthermore, you will learn how to store your keys and never lose access to your wallet(s) regardless of situation.
According to a report by CNN, hundreds of millions of dollars (in Bitcoin) have been stolen by hackers from accounts of people from all over the world. Crypto wallets are getting hacked every day and assailants are making away with people’s assets.
Furthermore, another report, this time by The Genesis Block in 2015, claims that almost 35% of the 14 million+ Bitcoin mined at the time had not been spent or accessed since 2011. The assumption is: a large percentage of that figure (4.9 million BTC) had been lost due to carelessness on the part of the owner.
The reasons why the two instances mentioned above are a present danger as regards cryptocurrency is simple. If a hacker gains access to your wallet and sends out your coins, the transaction is non-reversible and the identity of a hacker is hardly traceable. Additionally, crypto assets are secured in wallets whose IDs cannot be recovered from the parent company; once you lose it, it’s lost for life.
As a result, securing your crypto assets in the most extensive way possible is no longer optional, it is compulsory.
Due to the cost of the services listed below, this guide is most suitable for individuals with $2000 or more worth of crypto assets.
The steps are:
Purchase two Ledger Nano S.
- Install 1Password and subscribe to their “For Families” plan to automatically synchronize and store your passwords in the cloud (to remove the chance that you may lose access to the database, at least as long as you remember your master password).
- Install Authy on 2 devices (preferably a mobile phone and a laptop), and ensure that it synchronizes OTP and 2FA keys across both devices.
- Create a master password for 1Password; the longer the password, the better. The hardest passwords to crack are long sentences and/or randomly-generated characters e.g.
action-and-reaction-are-equal-and-opposite-except-on-Wednesdays
AW<VBHF%&(#@)19083T27{+?/[}BDWOKG5. - Create another master password for Authy (never use the same passwords for two websites or applications).
- If you trade cryptos, create a dedicated email to use when trading and secure it with a strong 1Password-generated password. Then secure it with OTP 2FA and store the seed key in Authy.
Do not use Google Authenticator (unlike Authy, it will not back up your seeds for you, you have to do it yourself).
Never use 2FA recovery codes (you’re vulnerable to social engineering).
Disable SMS 2FA (they can be exploited). - Register all your exchange accounts with the email address created in 6 above. Protect each account with a strong password and store it in 1Password. Further protect each account with OTP 2FA and store the key in Authy.
- Set up one of the Ledger Nano S purchased from step 1 and protect your mnemonic as follows:
Split your 24-character mnemonic into 2 parts.
Encrypt both parts with any tool of your choosing, then store the encryption keys in 1Password.
Get 4 storage services that support 2FA. Good options include Google Drive, AWS S3, GitHub (BitBucket) private repo, and Dropbox.
Enable 2FA on all four of them and store the OTP 2FA seeds in Authy.
Put one part of the encrypted mnemonic in 2 of the storage services, and the other part in the remaining 2. - Erase and restore the ledger with your mnemonic before sending any assets there to verify that everything is working.
- Take your second ledger and restore it with the same mnemonic; it will serve as a mirror image of the first one in case you lose it. Put this ledger into cold storage, somewhere you can access within a day.
And we’re done. Phew! Quite extensive, no? Well, that’s the price you have to pay to keep your cryptocurrency assets away from lurking attackers. If you follow each step precisely as stated, your assets are as safe as they are ever going to be, and except you give someone else access, no one but you will ever be able to reach them.
IMPORTANT DISCLAIMERS
Always store your coins in your ledger, never on exchanges.
Do not use your mnemonic leisurely; access it only when you absolutely need to.
Remove the key man risk: if you get fatally hurt or suffer from amnesia, your assets shouldn’t be lost forever. Choose a person you trust with your money and educate him/her on how to exchange crypto to fiat and withdraw your funds.
You can remove the third-party risk in the step above by putting the private info (e.g. your ledger’s pin code) in the custody of a lawyer/escrow/safety deposit box under orders that the other person can only access it upon your demise.
The cryptocurrency scene is starting to take off considerably, and the focus of the whole world is on it. This means that scammers will be stepping up their game in order to relieve people of their assets, and I’m sure you don’t need to be told that this is the worst possible time to lose your crypto. Therefore, it is important that you also step your game up and shore up your account security extensively.