Topic: Mistakes small or big that will cause us a lot in the future (Read 493 times)

This are the most of things we should avoid if we want to protect our future use, especially allowing friends and family to use your computer and giving them access to your private keys. Even though no one knows my system password, and I occasionally allow people to use my computer with my permission and subject to certain rules, you give them the chance to take what is legally yours without your permission if you divulge your secrets to friends and family.
People are all the same, so it's difficult to put your trust in them, especially when it comes to money or future success. The people closest to you are the ones who hurt you the most frequently.

Committing mistakes either small or big will always have consequences and so, if we have the option/way to avoid it, then we should have to do it. But honestly, not all things went perfectly, sometimes we get mistakes and learn from them. Should we have to worry about it? I guess not, as long as we are able to correct them and never let it happen again (as possible) we are already changing our directions. It is necessary to consider that our mistakes are the results of our wrongdoings and decisions, and so I believe it was not difficult to correct them.

While I believe we should try to live life to the fullest when we are alive, I don't mean we have to go about living life in the wrong way. People often times misinterpret this saying. That is not a license to do whatever you want, whether it's right or wrong but it's saying just try to have a life and don't put too much pressure on yourself.

I agree that the lessons we learn more are from our mistakes, but it would be very wise to also learn so much from others' experiences. As a youth, you can see the mistake an older person made in his youthful years affecting him in old age. You should be able to look at him and say I don't want to end up like that so I won't go through that path.

This particular one is so true,  many people believe the email is the safest place seed phrase or other sensitive password can be saved. It is good to save images and others written document in emails but as for seed phrase and other sensitive information that is concerned with money I don't think the email is the best place for it to be stored. The email can be hacked which all the sensitive information and seed phrase can be claimed by the hackers.

All of these outline points are vital because small things we overlook can be the root of our downfall, especially in cryptocurrency, where any mistake can result in the loss of all your assets.

Kudos, OP, on this excellent reminder; I hope we can all benefit from it.

This is a critical point in this thread; many beginners who don't know enough about keys and addresses may feel safe leaving or giving people who open or guide them to open their wallets access to their private key, which is very wrong because no one can be trusted because we can't trace or reverse any transaction in the event of theft.

I don't even see any of this mistakes as being small.... anything could happen between a space of time. The funniest part about the whole thing is that, when them mistakes are made, it can't be retracted.
We should be careful out there ....and how? Don't nobody said anything about them rules already?? They all did. You're simply gonna be guided by what you've heard or read about already ( that which was true)..no big deals. It's the reason I urge newbies to stay focused and try to understand what's hidden to them, so they won't fall into the wrong hands tomorrow.

Sandra 🧑‍🦰

Indeed, not all things must be shared with family, we have the secret and we can keep the secret. Additionally, if we don't trust them 100% ad doesn't have a similar path of living in the future. This will be so risky to tell it. But, this will be different if someone is considering his wife or her husband about the data, based on their own understanding each other and how their relationship and goal so far. Moreover sharing to friends, never do it!

This is also risky and this really opens the chance for hackers to access it easily. We don't know how long we will own the device, we will not know whether the device will stay with us or not, will be stolen or not. So, keeping data remembered in the browser is completely risky.

Even if we have done it, sometimes, we may still have the risk of losing our assets. But, using similar passwords or data on different platforms is actually very risky. However if they are the same as the email data. Hackers can track it more easily one by one if connected or using the similar data.

Using the same password on different accounts doesn't seem too vulnerable as long as the passwords we use fall into the complicated category as you mentioned, for example using capital letters at the beginning of sentences and ending with certain symbols, my personal experience used to create a different password for each account but in the end I often have to reset the password when I want to access the account because I forgot it and it's a little annoying because after successfully updating the exchange password it limits us to make withdrawals for 72 hours, so after experiencing several similar incidents I decided to create a password that it's the same in every account and so far it's safe for me.

Why would anyone share who is not on their death bed or has a gun pointed at them, share their private keys with a family or friend. Trust and sharing have levels and this is the level where one has to draw the line.


Honestly, I have most of my password on remember on my computer. I find that it is less stressful when I have to log in. However, I am super cautious about the type of websites where I have it on remember.


I have two computers. I use one my most of my crypto and bitcoin related business and other for regular stuff. The one used for crypto related matters is kept in my private and I only have access to it. I don't share it with any other person. It is highly restricted. While the other one could be used by every other person.



This was one mistake I made in the beginning with Trust Wallet. Since I didn't know what else to do, I saved the seed phrase on email out of connivence or so I thouhgt. I am glad that my mentor cautioned me out it and I found a secure place to save it to. Even though my account has never been compromised, I still feel it is the safest thing to do.


I do not like authenticators because I am always scared that if I lose my device which has the authentication app, I would have lost all my access to my accounts. And I do not want that to be the case with me. I prefer two-factor authenticator to it.

So....I'll be so fuckin' surprised when someone will say they've been staying in here for a couple of period, then they still end up getting scammed...it's not an excuse since we've had alot of these threads being duplicated by different OPs, in different sections, with different languages...
I'll say, all this have been mentioned as some intermediary rules to be learnt first, in here, before getting involved HODLing. I'll also add these; peeps should rather stoop low, no matter how profitable the FIRST OUTCOME might be... Don't be in a hurry to invest bigger since you earned big, but all these are only applicable to uncertain projects.

Sandra 🧑‍🦰

Thank you for your advice on how to manage our private keys when we were discussing it. As you mentioned, we all know that sharing is part of caring, but we shouldn't assume that all of our family and friends can be trusted. When it comes to money or issues like these, anything is possible. A friend of mine trusted his friend more than his family members. He lived everything in the hands of his friend, but when the man died, the same friend forgot that the man had helped him. He spent the man's money on everything and forgot about the man's family. These things are happening because he trusted his friend and gave him everything he needed to con these men.

Aside from others mistakes, They are other things we do in life that seems right but are extremely detrimental to our future.  Most of this things happen in our youthful age where we think we can enjoy to the fullest. Still in bitcoin discussion, I have heard someone say that life is short and that one should leave it without regrets, which in my own opinion, it's not so.
A good percentage of things we do to our satisfaction tends to affect others around us. For instant,  taking immediate severe action against a good friend who wrongs u today without having a second thought of the importance of that same friend in the future. We learn from all mistakes, but the lessons we learn more are from our own mistakes.

We learn from our mistake and other people mistake too, but is better to learn from others, the first time I wanted to trade Bitcoin I was scam, and from that day I have been very careful. Allowing our friends and family member to get access to our account is not a good idea, but there most be that one person you can trust either from your family or friend. Protecting our privacy and not trusting too much can really make us to avoid danger in the future.

The reason why most people get scammed is not because they fall victim to phishing links, it's because they trust people easily, some people still listen to strangers online and the stranger will deceive them into doing something that's not safe, their eye only opens after they are scammed.

Some people trust their friends more than their lives, that's how their friends will take advantage of them, I don't keep friends that want to get on my computer, my PC is my private place of work, I won't even allow my family to be on my PC by themselves, I don't trust anybody.

You can draw conclusions by choosing and sorting out which ones are really good and make sense. While I'm sure not everyone responded to your topic as some of them also responded to other users' posts.

I also don't think it's obligatory for you to draw conclusions from all the user responses and make one the way you mean it, but if you want - then get for it.

Thank you for all the response for this post, will it be okay to everyone, if I gather all your inputs and make it as one? I'm also glad that I was able to contribute even in small way.

You don't have to make a mistake to learn. Experience is the best teacher but it's not the only teacher. Personally, I prefer to learn from the mistakes of others (cold right?), and the warnings of others too. Most people don't learn till it happens to them and then there are the ones that don't still learn when it happens to them. All through this thread ie been seeing people talk about the disadvantages of having the same password on multiple sites, but still, there are people who have read the post and will refuse to listen. They'll want it to happen t them first before they learn. It doesn't have to be that way.

If we can help ourselves not to be used from that small mistakes, then we can avoid the chance to get hack in the future. Most of the time, the reason we get hack or scam is because we are too confident to trust other family members or close friends to access our own account, without thinking that it could put us in danger in the future. But if we become too cautious and responsible to secure our privacy, I guess that’s really possible by not trusting anyone and by choosing a hardware wallet that makes our coins more safe and secured.

This post is relevant not just to newbies but to everyone.

 We often overlook somethings and feel that maybe just one time will not be enough to cause damage, I have heard people say, is it not just one time? but that is not always so, just one time is enough for challenges to follow. In some cases, slight mistakes and things that you over look can really cause you a lot of pain and losses, like letting someone plug a USB device to your PC, or even allowing someone to surf on your Personal computer. While surfing, the person may click some links without caution because it is not their computer, and if someone plugs a USB device to your personal computer even for a minute, you may have no idea the malware or virus that will enter your PC via that means.

I've actually been practicing security measures like this so far. Of course for security reasons, and so far no permission has been given to anyone to access my PC for any reason.

I also don't think it's safe to store a lot of important data on PC even if you have administrator. For security reasons, this important data must be kept away from online devices and secured offline. Then instead of this, I agree with some of the variables in the OP as a security measure that shouldn't be ignored.

Partitioning different OS in one system isn't possible for every computer user; lay man. I've read about it in my school days and it involves processes that should be studied before installing different system in the computer or an expert can handle that as well for the user. Though, it's a valid point, but not everyone can easily achieve that security measure.

Regarding Op's post I'd say that sharing our password sometimes to people we trust doesn't seem wrong. I could remember a morning I woke up and forgot my PC password, I don't know what happened to my memory, I tried multiple times to no avail. Luckily my brother has access to the laptop, I had to inform him about my login troubles and he recalled vividly the right password to access my PC. So, aside the disadvantages, they are benefits involved in sharing sensitive password to others. Even the private key, can be shared with a good spouse for future purposes. Nobody knows what can be occur.

Mistakes are part of life and it’s not a sad thing to make mistakes, but my problem is when you make mistakes and actually don’t learn from that mistakes

I can say I have been having mistake free adventure in the crypto-currrency space and I can attribute it to my lifestyle so far. I put away greed, follow instructions and most importantly I have been able to learn from other people mistakes.

The only danger when a hacker gets your password is when you use same login details to your email while your exchange doesn’t have KYC. Some exchange has a recovery feature through email and KYC to bypass Authenticator since they are assuming an event that user might lose access on the google Authenticator.

I’m doing same thing as yours too to save time on login my account over and over whenever I close my browser or turn-off my computer. I have same reason as yours that I’m not holding huge funds on my exchange since I’m just using it to convert my asset to different currency.

I have no problem trusting family members about anything when it comes to investing. Regarding my investment in bitcoin, I think I should heed the suggestion of inheriting the private key to someone I trust in my family. Of course I would exclude friends in this regard, but not family members.

There is a good way or method to give them the private key, of course it should be considered so as not to set them against us afterwards. Imagine if you don't inherit them the keys, your bitcoin will be lost forever if something happens to you.

Use the full potential for security that's all people are tired and they don't want to use those features as one of the functions that could project with their assets.

As long as you can make a changes with that small mistake habit there's a chance you will make your funds more secure. My suggestion and ideal to use is with the hardware wallet and make a good storage for your seed.

I use the remember or save password for future login on browser almost on every exchanges because I don't allow anyone to access my device which I am using to login exchange or wallet and also with authenticator installed in another device which is not connected with internet all the time make me feel even if someone got my password they can't steal anything since 2FA and also I don't leave much of balance on exchange wallets for long time.

This is important because many people have lost access to their password because of not cross checking or properly checking back to confirm what was given as the password and what they have written down. Most times again because we are in a haste to go out, we just try to memorize the password in our brain thinking to easily reproduce it but right there even before going out you realize you are forgetting it. We should take our password very serious and guide it jealously. Any body that has not lost a password should ask someone who has lost theirs to know the experience. It is worst if you also don't have access to your email to get access to receive either a link to change password.

In short to be safe we need to understand that we need to be safe even your siblings or friends, don't allow them to get access your own privacy which is too risky if you will tell them your Wallet seed phrase or any account that representing your money and identity.  like what they said above trust has a small percentage of legitimate which means some trust are broken if you've been argue with your family or friends.

This is an interesting topic per-say. I totally agree with you on this because these are little errors or mistakes that most people do not knowing that is going to cause us much pain in time to come.
Saving the passwords of important websites for instance my Bitcoin wallet to my phone is something i use to be afraid of. I use to ask my self " what if the phone got lost or stolen?
Sharing my key with someone else maybe family member or a close friend is another fear in me.
What if the trust is broken? Anything can happen in the future. I have experienced such when a trusted friend of mine that i shared my debit card pin with used it to withdraw the money from my account because we had a fight. Since then, trust is far from me.

Just to add with the list you provided, it really pays if you have a personality which doubts everything in this space. With scams being very prominent, the mindset of being doubtful to every link that you can access is desirable- much in a way that this tends to avoid being scammed in the first place.

If you see an advertisement that is too good to be true (e.g. offering absurdly high interest rates with a payout that is relatively fast, etc.), then doubt it as soon as possible. This gives you a security and a mindset to be careful with everything that you access in this space.

In the cryptocurrency world which exists in the internet, scams are everywhere. Hacking tools can easily be downloaded and transferred and that is why everyone must be vigilant and responsible for their money.

Some of these may be small to others but the possibility of never getting hacked is never zero I hope everyone doesn't pass this lightly as this is all crucial to secure your wallet and coins. Always make sure to secure your coins and clear all that possiblity away from the hackers and you are good. If possible do triple or more to check the keys whenever you have a transaction to avoid the drama of sending your coins to the wrong address since it isn't irreversible, once it's done, it's done.

Obviously, it's a very tempting option not to go through the stress of having to login again and again but, surely not the best move. It's actually lazy and your not being any smart by doing that, even on a private device that you access the Internet with.

Certain benefits comes with certain consequences. The passwords are often saved on your mail address and reproduced when you try to access same site on a browser using a device that has the mail logged on. So, it doesn't really stick go the device but, functions with your mail address which means, it could be reproduced wherever your mail is logged in. That's not a good idea.

There are benefits that comes from having to input your password each time you login and that is, refreshing your momeroy of the codes you've chosen to maintain your privacy and that's a good thing.

This is something I used to do and was familiar with when I was younger and used different browsers. I used to believe that my brain was not retentive enough to store a large number of passwords and usernames, so I would rather save the password of the site I registered for in my browser.

As I grew older and learned more about security, I realized that everything was wrong and that I needed to change my passwords and save them somewhere else so that I could check them when I forgot. However, 90% of the site passwords I use frequently are stored in my brain, and I can recall them without hesitation, demonstrating how vast, accumulative and retentive the brain can be.

Do mean you allowed some else to have access to your wallet and the person is using your wallet till now and you do nothing? Why on earth will someone hack your wallet and keep using it without you taking action.

Maybe you just choose to let go of it because if I were the one I will take an action against the person on why on earth would he have to use my wallet with a permission. Who knows what the person is using your account to do maybe is for fraud that is why I am very surprised of you not doing anything. Things are happening and we'll need to be very careful or else we might for victim of what we don't know about.

You have described the simplest and very first steps that a person should take during normal use of the Internet. Speaking of which, it's very hard to get privacy right now; not following all these steps just opens the door to the user's privacy.
If we talk about the general use of one computer, I would suggest partitioning the disk and installing different systems for different users. If you are familiar with Linux systems, you can set it up so that after the session ends, all the data you entered during the work will be erased, and no one will be able to access it without certain permission.
The same passwords and emails for all accounts—this is so vulnerable that I think it is already known to children who have just come to the Internet. If there are similar cases among "old" users, then you can wish them to prepare for their losses.

Your fist step would have been to remove the compromised email address from any platform it was linked to. If a hacker could access a seedphrase stored in it, they can get into any platform linked to it.

I'd you still have access to the email and log it details why not log the intruder out? That's seems to be the logical approach to prevent any further loss coming to you.

I remember when I was still new to crypto and I foolishly store my seed in my email. I don't know how the predator have access to my email and copy the seed phrases but all I know is that apart from the email, I didn't save the seed else where as at then. But what surprising is that up to this moment the person is using the wallet for transactions. I still have the wallet logged in my device and I do receive notifications whenever he withdraw or deposit. I actually don't know what his/her plan is because I might ruin his/her life if I wish by withdrawing all the funds when he deposits. Isn't that a foolish act? Or there's more to it that I don't know?

These information deals without relationship with our friends and family. Nobody should be trusted because humans are dynamic. You friend today can be your enemy tomorrow. One of my friends will always tell me that he doesn't even trust himself, how them will he trust someone else. Remembering password to browser can lead to loss of privacy or funds if your phone or computer is stolen.


This part deals with how we handle our technological devises. We must ensure we enhance and upgrade our security strategies because scammers and hackers are always seeking for advanced ways of having access to these information.


These above points covers our personal lives. If you are too busy or stressed up don't attempt to engage in any important transaction online. This is because just a single mistake can be disastrous. Laziness to devise different password might be dangerous. If you are not patient enough to get different password, you have to be ready to go through stringent recovery process or sometime loss of funds.


I want to add
- Not paying attention to details and not also reading the terms and conditions of some products or services.

- Entering into a business because of greed and not reputation or genuinety of the business.

Those are really vital points you listed above, and they are sure common mistakes people ignore which cost them a lot in the future, but I will love to add mine that some of the common mistake people do also include;
1. Sending a coin to a online wallet or casino without first taking into consideration what is the least minimum fund deposit is, and as such lose the fund and yet not receiving a deposit.

2. Leaving your crypto funds "investment" on an exchange wallet where you have no control over it for long term, and not using a non-custodial wallet such as "Electrum" that enable you have control over your funds.

Not securing our exchange account with 2fa become problem for the future but today all exchange required it if want to withdraw or trading assets there, but right now the problem faced by all because not have recovery mobile phone how to access back later if main mobile phone loss or broken and 2fa application not possibility for accessing.

I faced this problem right now after my main mobile phone broken but have alternative after recovering and right now success log in back to my exchange wallet. I think for 2fa better check with application allowed register using mobile phone number and recovery or back up possibility with the same number.

This is very dangerous but you have to share it indirectly, get a book-keeping and save your records their, who knows death can over come you and this can help family members recover your asset.

Get yourself a personal computer with a very strong password to the extent that no one can use it without your permission.

It seem that email is not safe again, but you can also secure it that no one can have access it

Authenticator is the best now for me.


Always in a hurry doesn't give accurate answer of anything you want to do. Make sure you do your activities at right time to get a perfect result.


This is very risky because using the same password will allowed people get access to your system or website

Unknowingly we make some mistakes which we have to pay for all our life. I myself made such a mistake. I saved the account password in the browser while creating an account.  The device in which I had saved my password was used by some of my friends and younger brother sometimes, but some of them might enter my account and grab the password of that account from the browser, as a result of which I am in danger. Although it was a lot of trouble, I was able to recover the password of that account, but it may not happen at other times, so we should always be careful about these things.

• Sharing your private key is not a great idea at all, I mean you could just put it on a piece of paper or notebook for your family so that they can access it when the time comes, but sharing it with your friends is I think a big mistake because we're talking about investment and your money.
• I didn't see administrator login as a problem since I'm the only one using my computer and I do not allow anyone to use it. So just don't let them use your computer if you have important accounts or files.
• When you save your password to your browser or your email it wasn't really that bad, but it would be easy for hackers to gain access to your accounts if they infiltrate your computer. The same as saving your files to your email
• Using an Authenticator is an added layer of security to your accounts so it's always recommended especially for your accounts that have balance.
• I was one of the guilty saving the same password to some of my accounts, but I did change it, especially to my important accounts or accounts that have funds on them, I guess if it's just a random account on the internet you could do some random or similar password.

One of the most common hacking techniques is phishing which mostly happened through email messages disguised as an organization, sending malware, fake invoice, or asking a confirmation/personal information, etc. Probably just do not click anything that is suspicious on your messages or anything that is send by just some random guy on the internet.

Sharing in the form of other things may not be a problem, but if it's a private key that concerns our assets then that's not allowed and we ourselves have to keep it secret, at least all relatives or family are in the same line of course from them there is always a different path then this shouldn't happen.
Our own private key that knows not a third party.

Don't save passwords in browser I didn't do that because it's dangerous also if someone hacks in that we don't know then it's a big loss so simply don't save.

It's not permissible for someone to use your computer because that would be a big problem too, it's better if there is a prohibition for anyone including family not to be allowed to use their own computer, as much as possible we have to be able to delete and reinstall what is needed and we have to understand about the computer then there is no need for the help of others.

Some people may use the same password to not easily forget so old passwords are easy to remember, but need to know this way is easy for hackers to guess we should be able to upgrade different passwords on different platforms and if necessary write down on paper or memorize it, I don't want to make the same mistake with the same password all so I've upgraded to a more difficult one.

Ad-blocker runs some kind of script in the background and some are so buggy as hell, they work at first and after a while you will start noticing some transgression in your PC, I don't like using them, my also confirm that Ad-blockers eat up more data because they work by running scripts and it's like opening a link in two places at the same time.

This is a serious subject that people should pay attention to. Many people disregard these small security precautions. It's not a good idea to give someone administrator access to your computer because it will give them full access to everything, believing the owner to be the operator. Some users may delete files unknowingly or with malicious intent, so it's best to only give them guest access for security reasons.



We should all refrain from keeping sensitive information like passwords, private keys, or seed phrases in our emails because storing sensitive information online is extremely unsafe and emails are also risky. In addition to them being hacked, saving them on email is like giving them to someone else to keep for you. What if an employee finds them and decides to use them to steal your assets? The ideal option to save any sensitive information is offline, in a location that only you can access.

I agree at the same time I have use one of adblocker and its a bit annoying maybe I'm not to familiar with it, besides some have that and yet they allow something to run, without knowing it, next thing they know they are infected.
if you don't want to see logs of what you did in the computer like browsing to  site or anything use incognito, since there is no history to be log there or what so ever, in that computer.

How safe is ad blocker? Not all adblockers are safe because there are few that are closed source, even the ones that are open source are not entirely safe like we thought, the ad lock developer might decide to push malicious code one day, or imagine if the developer Chrome store account get hacked, there is the possibility that the attacker can inject a malicious update.

I feel like the best solution to this is to use incognito mode to access sensitive websites like Bank account and others, most browsers comes with incognito mode, you only need to activate them because they are always deactivated by default. 

This one risky that goes two ways; if one shares the seed phrase with just any family or friend it has huge risk. But there’s definitely someone in the family one needs to trust maybe next of kin to share seed phrase with or even a clue about it’s stored location in case of emergency like death.


It is easy once you’re someone that hunts down all this airdrop and bounties then you definitely need to have a separate wallet than your main wallet your store your valuable funds or investments. As this will limit the risk of phishing. It is even advisable not import the two seed phrases on the same wallet.

Talking about the desired password combination to use as recommended, it is very important to always use bith the alphabets and numbers while choosing a password while addition of capital letters to one or two letters used is also a good advantage, a good password should have nothing less than 12 to 15 characters in combination for more strength against any third party guess, we should avoid using common words like our name and surname as password, birthday date, or cell number as these could be easily guessed by anyone.

In short don't store anything in any device where it's used to connect internet and try to be different on one site to another.

Another thing to reduce online attack are:

• Don't click random link
• Install adblocker and always check the domain name to prevent from phishing attack
• Avoid any altcoins e.g. airdrop, bounty, because it might compromised your privacy and security.

Using the same passwords for all the websites we registered on can cause a big problem and loss, I did this with the majority of the websites I visited and bookmarked, later google security is now alerting me to change the passwords because a breach took place on one of the websites and have exposed my password, meaning that my accounts on other websites are not safe either, they have been compromised.

I got lucky with my cryptocurrency exchange accounts because I set up 2FA authentication, is not the hacker might have found his way into my crypto exchange profile and done their evil deeds

Make sure you use different sets of passwords per website if one gets breached it won't affect the others.

This is a great list and very reminder not just to newbies but to everyone. I'd like to add about panicking. Like when something goes wrong and there's an investor who's panicking because he wants to transfer his assets quickly and exchange it on swap websites just like this guy[1].
The importance of having a 2FA is making your accounts and funds secure and making sure that you know where you're registering your information because there have been cases about sim swap[2] that has been a popular case since a few years ago.

[1] USDC Holder Forks Over $2 Million For $0.05 USDT In Desperate Move To Evade Crypto Crash
[2] Man's $1M Life Savings Stolen as Cell Number Is Hijacked

On Google phones now, I can borrow a friend phone, check his chrome browser, all saved passwords can be found under settings, but it needs password or fingerprint if enabled, but do you know that it is possible for anyone around you to know your phone password if they are smart enough? It is possible, but I can't do that.

But almost all noncustodial wallets do not support 2FA, the reason it is best to setup a cold wallet for maximum security.

Have no choice but to merit this post, well done OP, this is a well-crafted post that talks about what we think its fine but on the long run it can be unsafe and could cost us a lot.

Saving recovery seeds and private keys in email addresses is something people still do today, I talked to a brother to ask if he has gotten his hardware wallet since he has been talking about buying one for a long time, he said he hasn't, I asked why and he said he didn't need to anymore, so I asked him what could be better than a hardware wallet and he said he opened an email address for the recovery seed and private keys keeping only.

I was shocked, because this is someone who understands how secured hardware wallets are, he really believes that what he did is safer.

He said hackers can't know the email address because he never uses the email for anything else, that's when I burst his brain with many possible ways hackers can still get his email address.

There are many email tools out there, both free and premium ones, and they have this greatly disastrous way of finding and generating email addresses that are already in use. I am glad he listened and believe me, imagine what would have happened if we never discussed it.

Great list, especially the part of not getting complacent and trying to do everything in a hurry. If I can add something I will include;

• Not backing up your seedphrase,
• Attempting to remember passwords or seedphrase by heart,
• Not using an airgapped device or a hardware wallet,
• Not triple checking everything.

You share your keys, you lose your coins.

Don't prioritize convenience and comfortableness over your security. I don't want to sync my passwords, account information to Google, browsers just for convenience. I store those things on my own device and if I need to use them, I will retrieve it from my own devices, not from Google or browsers.

Use your personal devices for your works, cryptocurrency stuffs.

Remember to set up strong password for your computers or laptops.

Don't store sensitive data on Google Drive, Dropbox, Azzure, Telegram or social media accounts.
[Guide] How to know if your email address was part of any data breach.

Don't install your 2FA application on a same device you use to login your email, your exchange account ...
Use Aegis Authenticator, a decent alternative to Google Authenticator and Authy

Are your passwords in the green
Check if passwords are compromised
[GUIDE] How to Create a Strong/Secure Password

Security checklist

Have you made something that you think, will not be a problem in the future? here are things that might cause you problem that others ignore

Share private keys with a friend or family - sharing is caring as we all know, but these are the things that we should not share to anyone even close friend and family, since they might turn their back against us, when it comes to money, I have read a story of a person who trusted he's friend and family and he though he was hack by some hackers turns-out he's friend did it. it will also cause you friends and family when this things happen.

Remember password to your browser - This might be look alright since you are using the computer but what if a family use your computer, and browse then suddenly your computer , gets compromise, the data that  are stored there might be at risk, specially if there is like keys, or phrase for a wallet.

Allow others to use your computer as an administrator and not a guest user - Since we are close to someone we allow them to use our computer as a administrator user who can install delete on our computer, this is not safe, they might accidentally delete files or application in your computer, for security, give them a guest user for your safety, this is not a bad things since you don't want anything scary happen when you came back and login, and all your applications and data are gone, because they accidentally delete or remove it.

Storing sensitive data in your Email account - We have sometimes store data in emails, but what if the account were hack, all the data there will be leak and use, like wallet keys and seed phrase, some store it locally or in an external drive just to be safe , some write it on the peace of paper and keep it in a safe place.

Not using Authenticator or Security Verification for online transactions - although this are now required on exchange or some site, emails , some people forget to enable it on some sites that are not required to do so, like on emails you have a choice to enable it, because some are lazy to do extra step for security that is why sometimes they are the victims.

Always in a hurry - since we are always on the go, we tend to be working fast sometimes, since we are being complacent on what we do, always be cautious when it comes to things we do online.

Using same password on registration/ easy password to guess Some are guilty doing this using same password for registration is a very big mistake, also password that are easily be discover like birthdays etc., this are the problems i have read before and still they are making same mistake.

This are things that cause others big time, if you can add or correct me on this post please do so, more than willing to learn more,  I hope other newbies like me can learn something on this and don't make mistake.