Basics of Securing your Web3/Crypto wallet

Basics of Securing your Web3/Crypto wallet

The security of a Web3/crypto wallet is the top priority, users that lose their private keys or get hacked almost always forfeit their crypto, and due to the nature of the blockchain, it's close to impossible to get it back. One of the first things to do before choosing a crypto wallet is to decide what the wallet is going to be used for. Some users wish to HODL and rarely touch their crypto, some want a safe place to hold it but still want it accessible to trade. There are various options and users should be aware of the solution that best fits them. 

In this lesson you will learn the basics of securing your crypto wallet. By the end of the lesson you should be able to select a crypto wallet and be confident in safely using it.

‍

1. Backup your wallet

The most important step after choosing your wallet is immediately doing a backup. Not a backup as most might know it, but rather writing down the recovery/seed phrase and safely storing it. Some wallets need that recovery phrase if control of a wallet is lost. Some also have a specific file that needs to be used in combination with a password, so be sure to safely store all the ways to get back into an account.

Important practice for storing a recovery phrase: 

Never save a recovery phrase online or in any apps. As well as a photo gallery, various apps have permissions to a phone's gallery i.e Instagram making it insecure. Although saving it in a note app or email might also sound like a good idea if they are compromised, odds are good the crypto will be at risk. It usually goes without saying but also remember to never share a recovery phrase with anyone, not even with the technical team of the wallet provider. 

2. Double Check the application

When using the wallet or its website/Dapp, ensure you are using the official versions, phishing scams and malware can steal wallet info. Cybercriminals have created fake wallet apps to try and catch users' information. These criminals use a wide variety of phishing techniques of which users should be aware. 

3. Only use Trusted Networks

When doing crypto transactions, working in DeFi, or just playing around with your wallet Dapps, make sure your connection is secure. Try to stay away from crypto when connected on public WiFi. If there are no other options users can use VPNs to secure their connection. 

Most users opt for hot wallets (wallets connected to the internet) and these are vulnerable to malware, viruses, keyloggers, and phishing. Users should be wary of using, downloading, clicking links on untrusted sites that could infect their devices and potentially steal all the crypto from their wallets. 

4. Take full ownership of your coins

Not your keys, not your coins. If you don't hold the private keys to the wallet holding your coins then you're trusting it to a third party. If you own your keys you have complete control over the crypto you hold. However, by holding them you are responsible for the security thereof. If funds are held in an exchange and the exchange is compromised the wallet owner's crypto is also at risk.

5. Use additional security measures 2FA

Additional security measures will slow down immediate access to your assets and will ultimately add a layer of security, use whatever is available such as two-factor-Authentication (2FA) on email, SMS, or call; Authenticator apps, log-in notifications and more. You can use one or more of these examples. 

Lesson Recap (TL:DR)

When using Web3/crypto wallets, as with every application we interact with everyday we need to practice the best practices to ensure our personal security.

Here are our top 5 tips for web3/crypto wallet security:

1. Backup your wallet - know your seed/recovery phrase and password and keep it secure
2. Double check the application -  always check that the link is the correct one, and always only download from trusted websites.
3. Use Trusted networks - When doing anything on the blockchain, especially when dealing with web3/crypto wallets only use private secure internet connections, and for added security you may use a VPN.
4. Take full ownership of your coins -  Keeping track of your recovery phrase and securing your wallet may seem like a huge responsibility, but it keeps you safe from potential vulnerabilities when dealing with a third party. 
5. Use additional security measures -  Use the additional safety and security measures provided by wallet apps like two-factor authentication through email, SMS, authenticator apps, or all that are available for maximum security on your end. 

‍

Resources used:

1. Gopalakrishna, R. (2021, 23 October). Security Pitfalls & Best Practices. Secureum.Substack.com. https://secureum.substack.com/p/security-pitfalls-and-best-practices-101 
2. Gopalakrishna, R. (2021, 2 October). Ethereum 101. Secureum.substack.com. https://secureum.substack.com/p/ethereum-101 
3. Bitcoin. (n.d). Securing Your Wallet. Bitcoin.org. https://bitcoin.org/en/secure-your-wallet 
4. Hacken. (2022, 27 May). How to Improve Your Cybersecurity?. Hacken.io. https://hacken.io/researches-and-investigations/how-to-improve-your-cybersecurity/ 

‍

About Hacken

Hacken is a cybersecurity auditor born in 2017 with a vision of transforming Web3 into a more ethical place. With 5+ years of experience, hundreds of blockchain partners, and thousands of secured crypto projects, Hacken protects technological businesses and crypto communities worldwide with the most competitive suite of professional cybersecurity services. 

Hacken in figures:

• 1,070+ clients, including THORSTARTER, ConstitutionDAO, XTblock, Paribus, to name a few
• 180+ partners including Avalanche, Polkastarter, CoinMarketCap, Weld Money, CoinGecko, Solana Foundation, Simplex, to name a few
• 23/50 top crypto exchanges are Hacken clients
• $10B in users’ assets saved from being stolen by hackers

‍

Strategic goal: get a 20% share in the Web 3.0 cybersecurity market by 2024.‍

For more on Hacken follow them on:

Twitter | Discord |Telegram | Hacken.io

‍