Wash your hands, keep your passwords safeโโโhygiene in 2017
Password storage and computer โhygieneโ are critical for security, especially in the blockchain world. Here are a few pointers to keeping your system secure.
Computer security is a big deal at the best of times, but in the crypto world the safety of your funds absolutely depends on it. If a hacker manages to gain access to your wallet or exchange account and withdraws funds, youโll almost certainly never see them again.
Password security
Itโs amazing how many people still choose weak passwords. Itโs phenomenally easy for a hacker to try a long list of popular passwords or combinations of characters, and the more predictable elements there are in it, the easier it is to guess it correctly. Make sure the safety of your funds doesnโt rely on a string of characters that includes your name or date of birth orโโโworse stillโโโsomething like โqwerty123โ, โabc123โ or โpasswordโ (all surprisingly common). One incident from a few years shows that even people who should know better choose weak passwords: the vice president of Intel had his account hacked. His password? โPre$identโ. Aspirational and, at the same time, remarkably dumb.
Blockchain security
In the crypto world, security goes far beyond your choice of password itselfโโโthat should be entry-level stuff. You can find up-to-date guidance on how to create a strong password on the web, and the requirements differ from site to site, but as a minimum you should create a string of alphanumeric characters that does not resemble a word.
But itโs not just the nature of the password: itโs how you use it. Specifically, you should not be reusing passwords. The risk is that if a hacker acquires a password for one service, poor practice on your part could mean that many other doors are open to him. In particular, be careful about using the same password for your email account that you use for the services you sign up to with that email address. Most exchanges will send a notification and approval email on withdrawal, if you donโt have a separate form of 2FA activated (which you should, assuming itโs available). That security mechanism counts for nothing if a hacker gains access to your exchange password, only to find that Christmas has come early and he can use the same password to approve his theft.
Online money
The rise of online banking and electronic transactions has brought with it an appreciation for basic security. Identity theft and fraudulent card transactions are part of this landscape, and banks do everything they can to avoid the associated costs. That means imposing security requirements on customersโโโthe right kind of password, 2FA and so on. But the reality is that, unless the theft of funds is down to absolute negligence or dishonesty on the part of the customer, the bank will pay for it. Where possible they will reverse a transaction, and if this is not possible they will absorb the costs themselves. Commercial bank money (which accounts for the vast majority of money) is centralised, and customers get the advantages of that as well as the downsides.
Electronic money 2.0
Unfortunately, it can be easy to carry that reassurance over to the world of blockchain money. But there is no central authority, and responsibility for your funds rests with you alone. There have been countless occasions on which a crypto wallet has been emptiedโโโsometimes of millions of dollarsโโโbecause a PC has a keylogger installed, or passwords have been saved, unencrypted, in the cloud.
If you own a significant amount of crypto, you must use cold storage, or reliable multi-sig (the recent Parity bug shows how important it is to audit code properly). You can find instructions for how to create really cold storage here. Should you ever access a cold wallet, consider it โwarmโ again, and move funds somewhere colder! It doesnโt matter how low you think the risk of theft is: if it happens to you, itโs 100%, and by then itโs too late. Better safe than sorry.
Key storage
Where you keep your crypto keys is important, too. Your average burglar probably wonโt know what to do with a QR code for a cold wallet, but why take the risk? Besides, you also have to protect against loss or damage. Plus, in the event of your death, you should leave instructions for your loved ones about how to access the crypto funds. A safety deposit box is a good option, or preferably two. You can keep keys in a safe on the premises too, of course. The only problem is that should anyone find out theyโre there, and deem the sums of money involved worth the trouble, youโre at risk of what experts term rubber hose cryptanalysisโฆ
Website https://chronobank.io/
Twitter https://twitter.com/ChronobankNews
Facebook https://www.facebook.com/ChronoBank.io/
Telegram https://telegram.me/chronobank
Slack https://chronobank.herokuapp.com
