Important security tips for those using crypto exchanges - including how to memorise your complex password

in #cryptocurrency7 years ago (edited)

Screen Shot 2018-02-13 at 11.05.52.png

The issue of security has become more important than ever after Coincheck, one of Japan's largest cryptocurrency exchanges was infiltrated on Jan 26th and $534 million in XEM was stollen. Thankfully this particular exchange were able to re-pay all their customers, but this may not always be the case and with the rise of cryptocurrencies comes of rise of hackers and the dark side of human nature.

So the matter of security is not to be taken lightly.

Darth Vader dancing.gif

Exchanges

It is the job of each exchange to keep us safe. But with ever more advanced trickery to gain access to the millions they hold they are by no means impenetrable and it is our job to ensure that should they get hacked, we have done everything we can to protect our funds. Wouldn't it be annoying if the unthinkable happened and you knew you could have done this but didn't? I know how I would feel.

2 Factor Authentification

The first thing you will want to do when joining an exchange is enable the 2FA. You will need a 2nd device (phone or ipad) to get into your account.

two_factor_authentication.png

Before turning on 2FA, write down or print a copy of the provided password and put it in a safe place. If your phone/ipad gets lost, stolen, or erased, you will need this key to get back into your account!

Passwords

Each exchange requires a password which we get to choose unlike the automatically generated passwords of Steemit, and there are a number of important points to remember here:

  • Use a different password for each exchange

  • Never let your browser save your password

  • Don't ever log in on someone else's computer/internet cafe

  • Keep your passwords offline

  • The email account used to confirm your account is now a priority too. If the dark ones hack you they can reset your password on the exchange by going through the forgotten password procedure. You can check if your email address has ever been hacked by going to https://haveibeenpwned.com

How to choose your password

To combat bots designed to try multiple passwords per second (in the hope they will find yours) we must make our passwords long with a mixture of upper case, lower case, numbers & symbols. That is why all wallet passwords are so complicated. Long gone are the days of writing one simple word to gain access.

It has been suggested by many that the best way to store our passwords is on a USB key. Every time you want to get into your account you must plug in the key and copy/paste the password. Personally I find this method time consuming and pointless when passwords can simply be remembered.

children-thinking.jpg

How to remember your password

All you need to do is remember one word and the system described here:

Choose your word.

It can be anything you are likely to remember, a person, place or object. Perhaps something which comes to mind when you say the name of the exchange? This way you are more likely to remember what the word is when you are logging in.

For this example it will be my username samstonehill.

Substitute the following vowels for numbers:

  • A to 4
  • E to 3
  • I to 1
  • O to 0

samstonehill becomes s4mst0n3h1ll

Then capitalise the first and last letters

S4mst0n3h1lL

Add a symbol of choice

In this case we will use # and then repeat it twice

S4mst0n3h1lL#S4mst0n3h1lL#

Add the first and last letter of the exchange

This is what it would look like if the exchange were Bittrex:

S4mst0n3h1lL#S4mst0n3h1lL#bx

And there you have it!

Now you have a password which is tough to crack but easy enough to remember.


I encourage you to adjust this system to your own taste. Go with whatever feels right to you. Once you have your system you can apply it to all the other exchanges, memorising just one word for each. I suggest you write the passwords down at first and practice typing them by memory. It won't take long before you remember them, at which point you can destroy the piece of paper.

tut09.jpg

Further security

Whilst this is the safest way to store your password it means that your head holds the only key to your kingdom and should you (god forbid) die or lose your memory in an accident, your family can forget about ever getting access to that money.

Choose a trusted friend or family member to hold on to a hard copy of your passwords. And don't piss them off!

Make sure you tell your immediate family who the trusted friend is.

Don't keep your coins on the exchanges

Having told you all of the above, the safest thing you can do is not hold any of your investments sitting idle in exchanges. It won't take you long to find a wallet for each of your investments. Get them downloaded and set up. And make sure you use a strong password system in case your computer should be stollen.

There are some wallets like Exodus which hold multiple coins. It has a lovely pie chart to make you feel good about your holdings, it is simple to use and if you don't care about the high fees you can use the built in exchange mechanism (ShapeShift) enabling fast movement between coins.

Screen Shot 2018-02-13 at 21.03.39.png

For more advanced users try out the unsupported Exodus Eden which holds a bunch more than the current version. As yet I have found no bugs.

To conclude

Again, I cannot stress enough the important of security. Get a safe system in place today if you haven't already and teach others as you go.

Your computer is your bank now & you are head of security.

Now get out there and enjoy the ride!

And don't forget to keep watching the markets.

You don't want to miss that most enjoyable moment when your coin goes to the moon 🚀

Screen Shot 2018-02-13 at 10.19.57.png

Those who followed one of my rare crypto tips (known as a shill) and bought ZCL when I shilled it a week ago will be smiling at the 40% increase today. And it is not done yet...

Note of caution

Be aware that the price may drop sharply after the hardfork on the 28th of Feb, once the BTCP airdrop has been implemented. Anyone holding ZCL or BTC at the moment of the snapshot will be rewarded 1:1 with BTCP. The price is likely to drop because many people are only buying ZCL to get their hands on BTCP and once received they will look to dump it

And with the development team moving .

There are plenty more waves to catch in this ever growing crypto ocean, so you never need to feel like you missed out 🏄🏻

to the moon we fly together! 🚀 🚀 🚀

gradient banner.png

Who is @samstonehill?

He was a London based filmmaker until he sold everything and set out on a barefoot journey around the world, currently based in the south of France.

He is travelling the world with his partner & two children and with no bank account he has been living on STEEM & crypto for over nine months.

All content created for this account is 100% original (unless otherwise stated), produced by @samstonehill who invites you to use & share freely as you wish.

@samstonehill is the creator of:

@steemshop account where you can buy or sell anything you like using your steemit wallet SEE MORE

@steemmasters which provides FREE TUTORIALS, personal training & resteeming services. Website HERE
Contact me directly on steemit.chat if you want to know more about this

@steemholidays which encourages resort owners to offer holiday packages in Steem or SBD

@steemtv which aims to provide the best in decentralised films, exclusive to Steemit & DTube

The dailyquotes tag initiative designed to encourage steemians to share their most life changing quotes with the community on a daily basis.

The Aspiring Steemit Whales & Dolphins group on Facebook which seeks to help newcomers make the transition from Facebook to Steemit, providing them with detailed notes and personal assistance with their posts... resteeming them when he can.

Screen Shot 2017-09-03 at 19.44.43.png


Here is a list of Steemit Witness I have voted for & recommend you do the same:
@teamsteem @timcliff @jesta @good-karma @someguy123 @blocktrades @pfunk @klye @krnel @blueorgy @ausbitbank @thecryptodrive @ura-soul @pharesim

Without them our beloved Steemship would not fly.

Learn what this means HERE and place your vote HERE

sexy banner.png

All non original photo sources can be found by clicking on the image

Sort:  

Take what Sam says seriously, folks. If you're using an offline wallet, back that sucker up! I lost 25 Bitcoin as I could not find the data I copied off of an old desktop computer and possibly on Mt. Gox. Those Bitcoin were worth about $25 at the time, guess what they're worth now?

That would have been quite frustrating. I have heard of similar horror stories. I think we may have lost one that way but no more. Still quite a hit to the wallet even with 1 only.

Yowzer, that must have hurt. Still...all in the past now and the only way is up from here!

This is actually the best way to learn though. Am guessing your security and password system is airtight these days?

Do you have a dark brown laquer desk? Joy

Thanks for the info. We are still new to crypto and have seen some huge swings already. W are using an exchange and slowly moving them or to individual wallets as the value increases. I really like your pw memory trick, very cool. One thing to try.

Appreciate the comment. It's a trick I have been using for some time, in various different forms and so far so good with remembering everything!

Welcome to the wonderful world of crypto ;)

Thanks for sharing @samstonehill! I really have to up my game when it comes to passwords 😆

I think there are MANY people who could say the same thing. That's why I made this post ;)

After so many hacking news, the need of the hour is security. Agreed with you in the sense, we should make efforts to keep our account secure and not to just put the whole blame on the exchange where we are operating an account.
Thank you so much for sharing so much useful tips.

Thanks for reading ;)

Now many sectors are involving in online the biggest sector is banking.Now we can see many hacking in the entire world in many countries.Recently 10m USD hacking from central bank of our country.So we should more consious

Was not aware of that one. Thanks for alerting me!

This is some great advice to always have in mind, the security of our accounts should be one of our main priorities and even more so if it's about our earnings

Hope you will have a good safe 'bank' once you have lots of crypto to keep in it ;)

Coinbase asked me to scan my ID. Do you think others will follow suit?

Yes I do. It is the only way they can regulate this.