Topic: Bitcoin / Cryptocurrency Security Best Practices (Read 346 times)

I didn't create this post, rather thought it to be a solid write up for a complete beginner like myself.

If you would be kind enough to share these resources you mentioned, I would be highly appreciative.

I have my bitcoins on blockchain.info, and I consider that site very secure. That site requires email confirmation on any new device, and I use two factor authentication on my email account. I also use two factor authentication on blockchain.info. As a golden rule, if two factor authentication is avaliable, use it!

In general: Keep your PC/laptop clean with a good antivirus. If you are bagholding for the long term then use either a hardware wallet or a completely offline wallet such as paper wallets or simply another computer kept offline.

Usually though for small amounts, storing your coins in electrum will do the trick.

To secure my accounts, I save my private keys and passwords offline with an encrypted paasword in winrar archiver. To make sure it can't be easily hacked by someone.

My golden rule is never to store loads of coins in any online wallet or exchange. We do not know how secure these services are and for this reason, we should not store large amounts of coins there. I like to store small amounts of coin on several paper wallets. It is easy to sweep a small amount of coins into these services, when you need it.

I also have a hardware wallet handy, if I quickly need to buy something or pay for a service. ^smile^

Always have 100% control over your private keys. Do not share this information with third party services.

it is a long wall of text you made on steemit which is mostly repetition of the obvious. i saw at least 3 times you repeated the thing about private keys and if you don't hold it....

as secure bitcoin wallet you introduce "samouraiwallet" which i have never even heard of before you wall of text!

as the hashes, you said check the MD5,... and with an online wallet. first it is not wise to use a website for these things, second checking hashes is not enough. you must verify the signature of the downloaded file versus the public key of the developer signing the binaries.

i didn't really go through it all, just quick scroll though. an i assure you nobody will read these types of "walls of text" just to learn something that can be found and learned much easier through better sources.

This is one bit of wisdom to keep in mind. Security begins with you and what you choose to share with those around you.

Be paranoid. Assume compromises have happened. Be vigilant. Be smart. Do not be greedy. Use good technology. Have a process in place for you handle your coin. And while it's important to maintain privacy, don't be the only person who knows what's going on.

And if there's something keeping you up at night or a lingering thought about a risk, it's worth getting it taken care of. Figure out a way to mitigate the risk.

One thing I can't stress enough is - write down all your passwords / phrase codes / google authenticator IDs and never ever store it anywhere digital. 2FA is a must as well - just like everyones saying..

Be paranoid.
Assume if it can be compromised it is compromised.
Be vigilant.
Be smart.
Learn a lot, read about security etc.

Good Article. In my opinion that's why a lot of hacking events happened lately are because of:
two errors, first is the human error or the account holder , second is the human error on the system creator, there are lot of system creator that has a very weak security features that makes this accounts vulnerable to hacking, some sites may have a strong security features yet produce human error because if the strong security features, to solve this, System makers should have a solution to maintain the easiness of recalling the passwords for their secure system.
2FA can be a good example and the best example is the phrases or seed that easily to be memorized or to keep.

You have to think also that there are some Two Factor Authentication that's useless, hitbtc is one of them, the security of this exchange is too weak almost week by week there are  new reports for from a hacked accounts of the exchange.
To secure your funds don't use an exchange that has weak security, like I mentioned. Regarding to wallets don't use any web wallets lexcept blockchain.info coz they have some advantage also, just backup the recovery phrase so you're safe all the time.

it is always good to have a back up, however everything is hackable spending some time with internet that connects your cold storage to the network might rise some doubts that your holdingBTC is at risk.

you will only find yourself transferring bitcoin every now and then and will repeat the same process over and over.

Unfortunately, 2FA does not protect against a 3rd party organization going down for whatever reason. Name me one company that as been in the crpyto business for more than 5 years? There are very few. Most of them, no matter how large end up failing. It is just the simple reality.

Excellent publication almost all the practices here exposed were very high level, sincerely I knew some of them but here are explained all the techniques possible with great detail, the practice that I liked most it was the second phone nobody knows.

I think there are other threads regarding this which teach on what are the best things or practices to do to safe guard the wallet. Well, anyway from what i have read and from what i am doing. First is you have to make backups and do not just put your bitcoin into one wallet, as the saying goes do not put the egg in one basket, it is also applicable to bitcoin. One wallet gets destroyed or stolen then there goes all the coins, never tell your password to anyone, or if you think you might be having an amnesia soon then write down the password or the phrase and hide it, tell the person who you trust the most that you may need that soon, don't tell them what it is for though, or you can if in case of emergency then someone knows what it is for and someone can use it. Third do not divulge any information on the web, if you feel the need that you have to, then better check first if the site is legit or not, if there is not much information about that on the net then just avoid it. Research will be your best weapon. Fourth is that you do not show off, never tell people or show people the amount of bitcoin that you have, you are just attracting fire. Im sure there is more you can do the research about it. Just avoid scam sites. if it is too good to be true, avoid it. do not believe a thing they will say.

You should learn about the different types of services designed to keep your balance online. Many online exchange places and wallets have experienced security flaws. Generally they still do not provide certainty and security that exist for use as a storage like a bank. Instead, you can use other Bitcoin Wallet services. If not, you should choose this type of service carefully. In addition, it is highly recommended to select services that use two-factor authentication.

One of the best practice in terms of securing your email account or your wallet is to setup a Two Factor Authentication, a code that is needed to login into your account besides your own password that will be sent through text message to your mobile phone, email address etc. another thing is when your copying your private keys don't save it online or in notepad, write it on a piece of paper.

I would love to read up more on how to secure your bags (in general).

Best practices to:
Protect your wallet / private keys
Protect your email / exchange account from getting hacked
etc.

Here's a great article I found and would like to read more similar to it.

https://steemit.com/bitcoin/@notsofast/4-ways-to-secure-your-bags-bitcoin-altcoins-cryptoasset-tokens-whatever-a-notsofast-security-primer

Any suggestions?