Author

Topic: [GUIDE] Bitcoin/Cryptocurrency Wallets and it's risks [UPDATED: 10/8/2018] (Read 344 times)

member
Activity: 138
Merit: 74
NotYourKeys.Org
Bump! Cleaned the whole post and polished it a bit. [UPDATED: 10/8/2018]

Thoughts?
member
Activity: 138
Merit: 74
NotYourKeys.Org
But I think ledger nano s and Trezor doesn’t support all the currencies. Am I right? I would be thankful if you could suggest how can I keep them much super  secure using myetherwallet. Regards
True. But you can use Trezor and Ledger Nano S to access your ETH and ERC20 token funds on MyEtherWallet. So I'd still prefer hardware wallets even when just using myetherwallet.

Take a look at this screenshot: https://i.imgur.com/ScBzEhZ.png

Also, you might also want to view the small guide I posted here on bitcointalk recently: Topic: [GUIDE] Keeping your crypto secure: DOs and DON'Ts
newbie
Activity: 49
Merit: 0
But I think ledger nano s and Trezor doesn’t support all the currencies. Am I right? I would be thankful if you could suggest how can I keep them much super  secure using myetherwallet. Regards
member
Activity: 138
Merit: 74
NotYourKeys.Org
Thanks for the information. It's really important to know for beginners like me. May I use various wallets as a way to keep my coin safe?
Can you specify which wallets specifically and why you plan on using "various" wallets?
Hello there, you briefed very nicely about the wallet security. I am a newbie in cryptos and holding some worthy coins at the moment. The only wallet which i hold at the moment is myetherwallet. Can you please tell me how can i make much more secure. I have a plan to hold my coins for at least 3 years. I would appreciate your time to reply me. Many thanks
Use a hardware wallet; preferrably a trezor or a ledger nano s. Especially since you're planning on holding for 3 years. Security should be a priority especially if you're holding huge amounts.
newbie
Activity: 49
Merit: 0
Hello there, you briefed very nicely about the wallet security. I am a newbie in cryptos and holding some worthy coins at the moment. The only wallet which i hold at the moment is myetherwallet. Can you please tell me how can i make much more secure. I have a plan to hold my coins for at least 3 years. I would appreciate your time to reply me. Many thanks
newbie
Activity: 26
Merit: 0
Thanks for the information. It's really important to know for beginners like me. May I use various wallets as a way to keep my coin safe?
member
Activity: 138
Merit: 74
NotYourKeys.Org
Types of bitcoin and cryptocurrency wallets.....
.... Cryptocurrency Exchanges
exchanges are not wallets! they should not be listed where you talk about "wallets".

I get what you mean. Exchanges aren't wallets, but when using your personal account on an exchange you are still given a wallet to use.  And also, I'm pretty sure a good number of people(including people I know) use exchanges as wallets.

that still is not a wallet. it is an account that you have on an exchange and they give you an address that they fully control for you to deposit so that they can hold your funds for you. this is not how a wallet should be and the fact that people use it as a wallet doesn't mean it is a wallet!

So with that logic, you mean any wallet(that doesn't give you control over your private keys) like Coinbase and Xapo got instance, doesn't fall in the "wallets" category?

Also again, the point of this topic isn't to point out which are technically wallets and which are not. It's to educate about the risks they are taking when using these services.

true. these services call themselves "wallets" but they are not a bitcoin wallet. Coinbase,... are more like banks and when you deposit your bitcoins (or any other coin) with them you are opening an account, something like a bank account.
the best term for them in my opinion is "bitcoin accounts" not "bitcoin wallets".

also i am not arguing about the point of this topic. it is a good one. i am just pointing out some stuff for clarification Smiley

Alright fair enough. Cheers.
legendary
Activity: 3472
Merit: 10611
Types of bitcoin and cryptocurrency wallets.....
.... Cryptocurrency Exchanges
exchanges are not wallets! they should not be listed where you talk about "wallets".

I get what you mean. Exchanges aren't wallets, but when using your personal account on an exchange you are still given a wallet to use.  And also, I'm pretty sure a good number of people(including people I know) use exchanges as wallets.

that still is not a wallet. it is an account that you have on an exchange and they give you an address that they fully control for you to deposit so that they can hold your funds for you. this is not how a wallet should be and the fact that people use it as a wallet doesn't mean it is a wallet!

So with that logic, you mean any wallet(that doesn't give you control over your private keys) like Coinbase and Xapo got instance, doesn't fall in the "wallets" category?

Also again, the point of this topic isn't to point out which are technically wallets and which are not. It's to educate about the risks they are taking when using these services.

true. these services call themselves "wallets" but they are not a bitcoin wallet. Coinbase,... are more like banks and when you deposit your bitcoins (or any other coin) with them you are opening an account, something like a bank account.
the best term for them in my opinion is "bitcoin accounts" not "bitcoin wallets".

also i am not arguing about the point of this topic. it is a good one. i am just pointing out some stuff for clarification Smiley
member
Activity: 138
Merit: 74
NotYourKeys.Org
Types of bitcoin and cryptocurrency wallets.....
.... Cryptocurrency Exchanges
exchanges are not wallets! they should not be listed where you talk about "wallets".

I get what you mean. Exchanges aren't wallets, but when using your personal account on an exchange you are still given a wallet to use.  And also, I'm pretty sure a good number of people(including people I know) use exchanges as wallets.

that still is not a wallet. it is an account that you have on an exchange and they give you an address that they fully control for you to deposit so that they can hold your funds for you. this is not how a wallet should be and the fact that people use it as a wallet doesn't mean it is a wallet!

So with that logic, you mean any wallet(that doesn't give you control over your private keys) like Coinbase and Xapo got instance, doesn't fall in the "wallets" category?

Also again, the point of this topic isn't to point out which are technically wallets and which are not. It's to educate about the risks they are taking when using these services.
legendary
Activity: 3472
Merit: 10611
Types of bitcoin and cryptocurrency wallets.....
.... Cryptocurrency Exchanges
exchanges are not wallets! they should not be listed where you talk about "wallets".

I get what you mean. Exchanges aren't wallets, but when using your personal account on an exchange you are still given a wallet to use.  And also, I'm pretty sure a good number of people(including people I know) use exchanges as wallets.

that still is not a wallet. it is an account that you have on an exchange and they give you an address that they fully control for you to deposit so that they can hold your funds for you. this is not how a wallet should be and the fact that people use it as a wallet doesn't mean it is a wallet!
member
Activity: 138
Merit: 74
NotYourKeys.Org
In my opinion, the most secure type of wallets is the hardware. But recently, a weakness was discovered in Ledger, so I'd prefer Tresor, but the choice is yours.
Hi. Can you be specific on what "weakness" that is?

Hardware Wallets (Risk level: Very Low)

Hardware wallets are wallets whereas your private keys are only safely stored on the device itself. Hence, even if transacting on a malware-infected computer, the chances of hackers gaining access to your private keys are pretty much almost next to zero.

Hardware wallets might be a bit expensive for most people(Ledger Nano S is around $95 and Trezor is around $105), but if you're holding at least worth $1000+ in funds, getting a hardware wallet should be one of your priorities. Better to spend a hundred dollars on a hardware wallet than to risk your funds from getting hacked.

Just to add to this, you can create your own de facto hardware wallet by turning Electrum/Bitcoin Core into an air-gapped wallet. All you really need is a "persistent" Linux installer flash drive that will never be connected to the internet again after the wallet installation, or an actual air-gapped PC. It's not as convenient as dedicated hardware wallets are, but not as inconvenient as paper wallets either.

Hi! Thanks for the heads up. I totally understand what you mean, that's why I actually linked a guide on creating an air-gapped device on our site. The guide made by Sowik: https://bitcointalksearch.org/topic/guide-secure-air-gapped-crypto-wallet-storage-method-2828437
hero member
Activity: 1834
Merit: 759
Hardware Wallets (Risk level: Very Low)

Hardware wallets are wallets whereas your private keys are only safely stored on the device itself. Hence, even if transacting on a malware-infected computer, the chances of hackers gaining access to your private keys are pretty much almost next to zero.

Hardware wallets might be a bit expensive for most people(Ledger Nano S is around $95 and Trezor is around $105), but if you're holding at least worth $1000+ in funds, getting a hardware wallet should be one of your priorities. Better to spend a hundred dollars on a hardware wallet than to risk your funds from getting hacked.

Just to add to this, you can create your own de facto hardware wallet by turning Electrum/Bitcoin Core into an air-gapped wallet. All you really need is a "persistent" Linux installer flash drive that will never be connected to the internet again after the wallet installation, or an actual air-gapped PC. It's not as convenient as dedicated hardware wallets are, but not as inconvenient as paper wallets either.
sr. member
Activity: 686
Merit: 250
In my opinion, the most secure type of wallets is the hardware. But recently, a weakness was discovered in Ledger, so I'd prefer Tresor, but the choice is yours.
member
Activity: 138
Merit: 74
NotYourKeys.Org
Types of bitcoin and cryptocurrency wallets.....
.... Cryptocurrency Exchanges
exchanges are not wallets! they should not be listed where you talk about "wallets".

I get what you mean. Exchanges aren't wallets, but when using your personal account on an exchange you are still given a wallet to use.  And also, I'm pretty sure a good number of people(including people I know) use exchanges as wallets.

Anyway, this post isn't to tell the readers which technically are wallets and are not. It's to inform people of the risks they're taking when using these services.
legendary
Activity: 3472
Merit: 10611
Types of bitcoin and cryptocurrency wallets.....
.... Cryptocurrency Exchanges
exchanges are not wallets! they should not be listed where you talk about "wallets".

Quote
Web wallets are wallets whereas you can access your funds by logging in to a website/app using a username and a password; and usually with most wallets, they don't give you access to your recovery seed; instead, they are stored online and is only accessible by them.
very true.
maybe it is best if you put these two in a separate  category at the end because they are not wallets. it is more like looks-like-wallet category where exchanges and web wallets like Coinbase are in it.

Quote
Paper wallets are a good alternative to hardware wallets ...
...if you just want to store your bitcoins. but if you want to spend regularly then paper wallets are a nightmare.
newbie
Activity: 49
Merit: 0
If you're a serious cryptocurrency investor, or if you're simply paranoid about keeping your money in a digital wallet, a hardware wallet is generally viewed as a more secure option. As the name suggests, this is a device that connects to your computer but otherwise remains offline.

One of the better known hardware wallets is the Ledger Nano S. It looks just like a USB stick, except it has a small display for entering your pass codes.
member
Activity: 138
Merit: 74
NotYourKeys.Org
Hardware Wallets (Risk level: Very Low)
Hardware wallets are wallets whereas your private keys are only safely stored on the device itself. Hence, even if transacting on a malware-infected computer, the chances of hackers gaining access to your private keys are pretty much almost next to zero.

Hardware wallets might be a bit expensive for most people(Ledger Nano S is around $95 and Trezor is around $105), but if you're holding at least worth $1000+ in funds, getting a hardware wallet should be one of your priorities. Better to spend a hundred dollars on a hardware wallet than to risk your funds from getting hacked.

very well @cryptosec.info!
here you will find detailed information about the ledger nano s: https://bitcointalksearch.org/topic/ledger-nano-s-information-hardware-wallet-3716414
stay safe and do not let yourself be robbed, like me and many others.


Thanks for the heads up I guess
legendary
Activity: 2310
Merit: 1848
Hardware Wallets (Risk level: Very Low)
Hardware wallets are wallets whereas your private keys are only safely stored on the device itself. Hence, even if transacting on a malware-infected computer, the chances of hackers gaining access to your private keys are pretty much almost next to zero.

Hardware wallets might be a bit expensive for most people(Ledger Nano S is around $95 and Trezor is around $105), but if you're holding at least worth $1000+ in funds, getting a hardware wallet should be one of your priorities. Better to spend a hundred dollars on a hardware wallet than to risk your funds from getting hacked.

very well @cryptosec.info!
here you will find detailed information about the ledger nano s: https://bitcointalksearch.org/topic/ledger-nano-s-information-hardware-wallet-3716414
stay safe and do not let yourself be robbed, like me and many others.
member
Activity: 138
Merit: 74
NotYourKeys.Org
hi. what wallets do you suggest?

Hi. It depends. For what coin/coin(s)? Do you prefer security or ease-of-use? Please be more specific.
newbie
Activity: 60
Merit: 0
hi. what wallets do you suggest?
member
Activity: 138
Merit: 74
NotYourKeys.Org
Great information here, well done!

I like the risk assessments you associate with each wallet type. I think the Paper Wallets risk assessment is too low though, of course only the holder has access to the private keys and such, which is great, but paper is easily lost and destructible. There's a high risk that a paper wallet will end up in a British landfill!

Other than that, the summary here looks good.

I'll check out your website too.

Hi. I'll take what you said accordingly, and will most likely add that disadvantage soon. Also, thanks for the merits!

@OP,you should list information about mobile wallets too. It would make up into a very decent article. I saw your site and well your UI isn't very crypto-friendly or even user-friendly. The layout is way too weird for the content  Undecided

Hi. Thanks for the feedback. I intentionally made the site look sort of "command line-ish". If more people don't like it then I might change the layout to something common and modern.
legendary
Activity: 2383
Merit: 1551
dogs are cute.
@OP,you should list information about mobile wallets too. It would make up into a very decent article. I saw your site and well your UI isn't very crypto-friendly or even user-friendly. The layout is way too weird for the content  Undecided
BQ
member
Activity: 616
Merit: 53
CoinMetro - the future of exchanges
Great information here, well done!

I like the risk assessments you associate with each wallet type. I think the Paper Wallets risk assessment is too low though, of course only the holder has access to the private keys and such, which is great, but paper is easily lost and destructible. There's a high risk that a paper wallet will end up in a British landfill!

Other than that, the summary here looks good.

I'll check out your website too.

On that point about paper wallets, is also where it is printed from!
It's important that one prints it from a safe and clean device, with a computer one could just liveboot Linux Mint,
simply by installing Linux Mint(free OS) on an USB, restart computer, launch from USB, generate paper wallet, done!

There's probably some network risks too, so one could download something like this:
https://www.bitaddress.org
unplug your internet, generate, print, that's safe!

On the thread itself, very good and simple, and that risk-level is a good addition.
I like hardware wallets, especially for the general user, since they protect people from themselves  Grin
hero member
Activity: 1106
Merit: 638
Great information here, well done!

I like the risk assessments you associate with each wallet type. I think the Paper Wallets risk assessment is too low though, of course only the holder has access to the private keys and such, which is great, but paper is easily lost and destructible. There's a high risk that a paper wallet will end up in a British landfill!

Other than that, the summary here looks good.

I'll check out your website too.
member
Activity: 138
Merit: 74
NotYourKeys.Org
Types of bitcoin and cryptocurrency wallets and it's risks
by cryptosec.info

When investing in bitcoin or cryptocurrencies in general, wallet security should always be a number one priority, to prevent unnecessary losses to one’s investments. Having your investments stored on an unsecure manner is simply a disaster waiting to happen.

No matter how good you are at picking great coins and tokens, or on how good you are at timing the markets, none of these matter if your funds aren’t secure to start with.

Listed below are types of bitcoin and cryptocurrency wallets and the risks and advantages of using them.


Cryptocurrency Exchanges (Risk level: high)

Storing bitcoin and cryptocurrencies on exchanges are mostly done by the people that are quite new in the cryptocurrency space. Why not, right? Exchanges like Bittrex and Binance can hold up to more than a hundred different coins and tokens anyway. Great! all my coins on a single account! No. Just, no.

Some people usually think of some of the best exchanges as being sort of “super secure“, “unhackable” or something along those lines. But the fact is, there’s no such thing as an “unhackable” website or system. Some websites like Google and Facebook are just significantly more secure than other sites, but the possibility is still there.

People in the past probably thought the same way with the famous Mt.Gox exchange in 2014. People left their funds on Mt.Gox thinking it was sort of “unhackable“. Guess what happened? Mt.Gox has been hacked for around 100,000 bitcoin; then filed for bankruptcy months later. Wikipedia link for more info

Don’t let history repeat itself. Only use exchanges for what it’s intended for: only as a platform for trading and exchanging cryptocurrencies, and NOT as a long-term storage of your funds.


Online/Web Wallets (Risk level: moderate)

So you’re new to bitcoin. You’re looking for a wallet for your mobile phone, so you open up the AppStore or PlayStore. You type on the search bar: “bitcoin wallet“.

What comes up? Coinbase. You say, “sure, why not?“, since you commonly see people talking about Coinbase on social media anyway, or probably FreeWallet because it has a good number of downloads and it looks fine.

So this means that these wallets are good choices, right? Not necessarily.

Online/Web wallets are wallets whereas you can access your funds by logging in to a website/app using a username/email address and a password; and usually with most web wallets, they don’t give you access to your private key(s). Instead, they are stored somewhere online and is only accessible by them. If you haven’t realized by now, your private keys stored online on a company’s servers is a huge security risk as it can potentially be accessed by hackers.

Another risk with most online/web wallets is that they can revoke your access to your wallet. How? They simply disable your account, and there’s nothing you could do about it. While they most likely won’t randomly lock up your account, the risk is always there.

    Not your keys, Not your bitcoin” – Andreas Antonopoulos

Some of these online/web wallets like Coinbase definitely provide very good service by allowing us to easily exchange our crypto for fiat or other cryptocurrencies and vice versa, or by giving us fee-less transfers from Coinbase <-> Coinbase wallets, but it isn’t really advisable to hold big amounts on these wallets. Just as you wouldn’t carry probably more than $500 on your physical pocket wallet on a normal day. Instead, you leave majority of your money on a fire-proof safe or in your local bank. Same thing should be the same with your cryptocurrency funds.


Software Wallets (Risk level: Low-moderate)

Software wallets are wallets whereas you download and install a certain program/app to your computer or mobile device.

So, pretty much the same with Coinbase right? Nope.The main difference people might notice straight-off with software wallets like Electrum and Exodus is that most software wallets doesn’t require a user login. Why? Because with software wallets, your private keys are not stored on the wallet’s servers. Instead, your private keys are only stored locally, on your device alone. Granting you complete and total control over your funds.

There are still risks with software wallets though, as certain computer malware/viruses might be able to access your wallet’s private key(s), hence potentially stealing your cryptocurrency investments. It’s the responsibility of the wallet owner to make completely sure that the device being used is free from malware and viruses.


Hardware Wallets (Risk level: Very Low)

Hardware wallets are wallets whereas your private key(s) are only safely stored on the hardware device itself, and never leaves the device even if you make a transaction. Hence, even if transacting on a malware-infected computer, the chances of hackers gaining access to your private keys are pretty much almost next to zero. Making a hardware wallet a really ideal way of storing bitcoin or other cryptocurrencies, having a good balance between security and convenience.

The problem here is that hardware wallets aren’t that cheap. Hardware wallets can be a bit expensive for most people, but if you’re holding at least worth $1000+, getting a safe and reputable hardware wallet should be one of your main priorities. Better to spend a hundred dollars on a hardware wallet than to risk your funds from getting locked or stolen.

Planning on grabbing a hardware wallet? What hardware wallet should you get? As of now, the two most reputable hardware wallets are still the Ledger Nano S and the Trezor, both small end compact enough to fit in your pocket.


Paper Wallets (Risk level: Very Low)

A paper wallet is a wallets that, you guessed it: private key(s) that are printed on a piece of paper.
Paper wallets are a good alternative to hardware wallets as you only need computer device(s), a reliable printer, and some paper.

Paper wallets are really easy to make, but are quite difficult to make in a secure manner. Take note that it’s really not advisable to use paper wallets if you don’t have the knowledge to create one securely, in a way whereas hackers have no way on stealing your private keys(s) due to removing all access to the internet and to any other device. Simply right-off printing a paper wallet from your personal computer without taking huge amounts of safety precautions may end you up having a very unsecure paper wallet, potentially even more unsecure than a web wallet. If you’re not sure how to make one securely, don’t risk it. Go the safe and easy route and purchase a hardware wallet instead.

Also take note that paper itself is very prone to damages. Simply just soaking your paper wallet with water may make your cryptocurrency funds inaccessible; so always make sure to store your paper wallets on somewhere safe and dry.




Disclaimer: CryptoSec.info is a simple website made to help beginners in the cryptocurrency-space by giving them sufficient knowledge on protecting their crypto investments, and learn about the risks they're taking when using certain wallets and or services.

Guides by cryptosec.info:
Jump to: