Author: 0xWendy; Source: Author’s Twitter @0xWendy99
Just now CZ posted a personal experience post about wallet security, and the summary is as follows:
There are three important points to ensure wallet security:
-
Don’t let others steal it.
-
Don’t lose your private key.
-
There are methods for trusted individuals to handle it in uncontrollable situations.
The first point is the most obvious. Depending on the storage device, the computer is often the most commonly used medium for storing cryptocurrencies. There may be vulnerabilities in various parts such as the internet connection, operating system, and software that could be exploited by hackers. How to download a wallet without an internet connection? You can use a clean and secure CD or USB. After downloading, wait for 72 hours, as there have been many cases where even official websites have been hacked. Open-source software is relatively more secure, while closed-source software may have backdoors. At the same time, attention should also be paid to the security of the storage hardware and not losing it.
For mobile or mobile devices, non-rooted/jailbroken phones may be safer than computers. The phone used to store cryptocurrencies should not have other software installed, except for transferring funds, keep it in airplane mode. Never connect this phone to any Wi-Fi, but update the software wallet version in a timely manner.
For hardware wallets, although the private key never leaves the hardware, there may still be risks in the software because the hardware wallet still needs to interact with a computer or mobile terminal. However, hardware wallets are generally highly recommended.
For the second point, it is important to have a backup of your own private key. Private key backups are recommended to be stored in multiple locations, using multiple encryption methods, and making multiple copies. Writing on paper may have drawbacks such as blurred capitalization or difficulty in identification, and taking photos or screenshots poses greater risks. CZ recommends storing the encrypted private key on a USB flash drive. VeraCrypt is a basic encryption tool, and there is also TrueCrypt, but both have been questioned for risks and issues. Therefore, it is still recommended to use your own encryption method.
For the third point, when you are unable to personally handle your cryptocurrency holdings due to restricted circumstances, you can entrust them to trusted individuals. There is a service called Deadman’s switch, which will send you an email every month and require you to click to confirm within a certain period of time. If there is no response, they will assume that you have had an accident and contact the designated person based on your previous settings.
In daily life, you should be careful not to download files on your computer indiscriminately, update software in a timely manner, ensure the security of your email (such as enabling 2FA authentication), and set up U2F, etc. On centralized exchanges, you can also set up withdrawal whitelists, API permissions, etc. You should also be wary of phishing on social media networks such as Youtube, Telegram, Discord, etc.
Like what you're reading? Subscribe to our top stories.
We will continue to update Gambling Chain; if you have any questions or suggestions, please contact us!
