posted a few tips here
http://www.ptycoin.com/blog/keep-your-bitcoin-safe/
The last several weeks have seen a lot of bad news around Bitcoin. Mt. Gox, the first, and for years the largest, Bitcoin exchange, shuttered its doors recently claiming to have lost in the neighborhood of $500,000,000 worth of bitcoin to theft. Since then it seems a day hasn’t gone by that we haven’t heard some news of another exchange or Bitcoin bank being hacked. It’s enough to make a person think that Bitcoin isn’t a safe place to keep your money.
I’d like to clear things up. Bitcoin hasn’t been hacked. It’s not unsafe. The one thing in common with all of these thefts is that the hackers got access to the wallet, specifically what we in the industry call the “hot wallet”. They didn’t break in through Bitcoin, they broke in through holes in the security these companies built to protect their bitcoins. For every hot wallet that’s been hacked, there are thousands of wallets which have remained safe.
So what’s a “hot wallet”? Essentially, it’s your primary Bitcoin wallet, analogous to the wallet you keep in your pocket or purse filled with dollar bills. This could be the bitcoin you keep on your phone, or on your computer. It’s what you spend on a day to day basis. For the exchanges and services that have been hacked lately, the hot wallet is the wallet that the automated systems have access to. When you withdraw bitcoin from your Mt. Gox or Bitstamp account, their automated system sends it to you from a hot wallet. And that’s where ALL the bitcoin reported stolen to date has been stolen from.
These hot wallets are prime targets, because they’re accessible to a computer program connected to the Internet which can send bitcoin without any human involvement. When one of these computer programs gets hacked, the hackers gain access to the wallet it controls, and can steal all of the bitcoin from it, without anyone knowing until it’s too late. It’s a high-tech version of pick-pocketing, or a bank heist where only the money in the cash drawers is stolen but the money in the vault stays safe.
This brings us to the concept of the “cold wallet”, and how to keep your bitcoin secure. This is the bank vault. This is where you keep your savings. It’s a version of a bitcoin wallet that you keep OFF the Internet. Some use a dedicated computer which has never been and never will be connected to the Internet. Some use a USB thumbdrive. Others use a piece of paper. The important thing is that the secret key that unlocks the cold wallet isn’t accessible to hackers or thieves. This is where you keep most of your money, so you want to keep it in a safe place.
There are a few things you can do to keep your money safe in Bitcoin. First, don’t trust anyone else to hold your bitcoin for you. That means e-Wallet services like Coinbase, or Exchanges like Mt. Gox or Bitstamp. Just because these services haven’t been hacked doesn’t mean they can’t be hacked. They offer a lot of convenience when you want to trade your bitcoin for dollars, and there’s no reason you shouldn’t use them for that, but don’t leave your money there long term, unless you can afford to lose it. Most of the big players do a good job with security, and most of them use a combination of hot and cold wallets to keep most of the bitcoin on deposit secure, but Mt. Gox is the perfect example of how even the big guys can fail, and there’s no FDIC insurance yet for Bitcoin to protect you if that happens. I wouldn’t be surprised if someone like Lloyds of London comes up with a Bitcoin version of the FDIC in the near future, but it hasn’t happened yet.
Second, don’t keep your life savings in a hot wallet. There are a number of great methods to create a cold wallet. Do some research, and learn about them. Pick the one that works best for you and run with it. Some cold wallets are more convenient than others when it comes to getting access to your money, so find a balance between security and convenience that you can be comfortable with. You could even create multiple cold wallets with different levels of security.
Third, protect your hot wallet. If it’s on your phone, keep your phone safe with a password and don’t install questionable apps that might contain a virus. There are anti-virus programs for Android. Find a good one and use it. If you keep your hot-wallet on your computer, keep it on a computer with good anti-virus protection. Use a firewall to protect your home network. Use Linux or a Mac instead of Windows if you can — there are a few bitcoin stealing viruses out there, but they almost all target un-encrypted wallets on Windows machines. Encrypt your wallet with a strong password that you will not forget and don’t have to write down — I prefer to use a series of 4 or 5 random words. Keep a backup copy in a safe place — I keep copies of all of my various hot wallets both on paper and a thumb drive, which I keep locked up in my safe. Don’t ever share the secret keys to your wallets with anyone you don’t absolutely trust, and don’t store them “in the cloud” unless you’ve encrypted them first.
Finally, consider shuffling your bitcoin around a bit. Create a new wallet occasionally and move your funds from the old wallet to the new one. Just because a cold wallet has never been hacked doesn’t mean someone isn’t working on it, and if you are holding a large fortune in Bitcoin, you can be sure someone is. If you give them a moving target, you reduce the chances of their success. Dividing your Bitcoin up amongst several wallets can also reduce your risk. Diversifying your portfolio out of Bitcoin and into precious metals or real estate can also reduce your risk.
You can keep your money safe in Bitcoin. It’s possible to go your entire life without ever losing a penny. But the way to make sure is to take some precautions. It’s just like paper money or metal coins. If you make it easy to steal, someone inevitably will. If you make yourself a hard target, thieves will look for someone else to rob.