Ten Hacker-Proof Steps to Secure Your Crypto Assets

in #security, 7 years ago (edited)

Source: https://www.flickr.com/photos/159526894@N02/38210269751/ (descryptive.com)

The purpose of this post is to help you understand — in 10 steps — how you can reduce, to the minimum, the chances of an attacker gaining access to your private passwords. Furthermore, you will learn how to store your keys and never lose access to your wallet(s) regardless of the situation.

According to a report by CNN, hundreds of millions of dollars (in Bitcoin) have been stolen by hackers from accounts of people from all over the world. Crypto wallets are getting hacked every day and assailants are making away with people’s assets.

Furthermore, another report, this time by The Genesis Block in 2015, claims that almost 35% of the 14 million+ Bitcoin mined at the time had not been spent or accessed since 2011. The assumption is: a large percentage of that figure (4.9 million BTC) had been lost due to carelessness on the part of the owner.

The reason why the two instances mentioned above are a present danger as regards cryptocurrency is simple. If a hacker gains access to your wallet and sends out your coins, the transaction is non-reversible and the identity of the hacker is hardly traceable. Additionally, crypto assets are secured in wallets whose IDs cannot be recovered from the parent company; once you lose it, it’s lost for life.

As a result, securing your crypto assets in the most extensive way possible is no longer optional, it is compulsory.

Due to the cost of the services listed below, this guide is most suitable for individuals with $2000 or more worth of crypto assets.

The steps are:

1. Purchase two Ledger Nano S.

2. Install 1Password and subscribe to their “For Families” plan to automatically synchronize and store your passwords in the cloud (to remove the chance that you may lose access to the database, at least as long as you remember your master password).

3. Install Authy on 2 devices (preferably a mobile phone and a laptop), and ensure that it synchronizes OTP and 2FA keys across both devices.

4. Create a master password for 1Password; the longer the password, the better. The hardest passwords to crack are long sentences and/or randomly-generated characters e.g.

  • action-and-reaction-are-equal-and-opposite-except-on-Wednesdays
  • AW<VBHF%&(#@)19083T27{+?/[}BDWOKG5.

5. Create another master password for Authy (never use the same passwords for two websites or applications).

6. If you trade cryptos, create a dedicated email to use when trading and secure it with a strong 1Password-generated password. Then secure it with OTP 2FA and store the seed key in Authy.

  • Do not use Google Authenticator (unlike Authy, it will not back up your seeds for you, you have to do it yourself).
  • Never use 2FA recovery codes (you’re vulnerable to social engineering).
  • Disable SMS 2FA (it can be exploited).

7. Register all your exchange accounts with the email address created in 6 above. Protect each account with a strong password and store it in 1Password. Further protect each account with OTP 2FA and store the key in Authy.

8. Set up one of the Ledger Nano S purchased from step 1 and protect your mnemonic as follows:

  • Split your 24-character mnemonic into 2 parts.
  • Encrypt both parts with any tool of your choosing, then store the encryption keys in 1Password.
  • Get 4 storage services that support 2FA. Good options include Google Drive, AWS S3, GitHub (BitBucket) private repo, and Dropbox.
  • Enable 2FA on all four of them and store the OTP 2FA seeds in Authy.
  • Put one part of the encrypted mnemonic in 2 of the storage services, and the other part in the remaining 2.

9. Erase and restore the ledger with your mnemonic before sending any assets there to verify that everything is working.

10. Take your second ledger and restore it with the same mnemonic; it will serve as a mirror image of the first one in case you lose it. Put this ledger into cold storage, somewhere you can access within a day.
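
The split, encrypt, replicate and restore-test flow of steps 8 and 9, as an added example (not the authors' own tooling). It assumes a 24-word recovery phrase, takes the OpenSSL command line as the "tool of your choosing", and uses local directories `svc1` to `svc4` as stand-ins for the four storage services; the sample phrase is constructed.

```shell
#!/bin/sh
# Added example, not from the article: step 8 plus the step 9 restore test.
# Assumptions: 24 space-separated words; directories svc1..svc4 stand in for
# the four storage services; OpenSSL 1.1.1+ is the encryption tool.

# Constructed placeholder phrase, NOT a real mnemonic.
SAMPLE="w01 w02 w03 w04 w05 w06 w07 w08 w09 w10 w11 w12 w13 w14 w15 w16 w17 w18 w19 w20 w21 w22 w23 w24"

# encrypt_part KEYVAR OUTFILE: plaintext arrives on stdin, never as a file.
encrypt_part() {
  openssl enc -aes-256-cbc -pbkdf2 -iter 200000 -salt -pass "env:$1" -out "$2"
}

# decrypt_part KEYVAR INFILE: plaintext goes to stdout.
decrypt_part() {
  openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 -pass "env:$1" -in "$2"
}

# backup_and_restore PHRASE: prints the phrase rebuilt from surviving copies.
backup_and_restore() {
  root=$(mktemp -d) || return 1
  mkdir "$root/svc1" "$root/svc2" "$root/svc3" "$root/svc4" || return 1
  # One independent random key per part; these are what go into 1Password.
  KEY_A=$(openssl rand -base64 32) || return 1
  KEY_B=$(openssl rand -base64 32) || return 1
  export KEY_A KEY_B
  # Part A = words 1-12, part B = words 13-24.
  printf '%s\n' "$1" | cut -d' ' -f1-12  | encrypt_part KEY_A "$root/svc1/a.enc" || return 1
  printf '%s\n' "$1" | cut -d' ' -f13-24 | encrypt_part KEY_B "$root/svc3/b.enc" || return 1
  # Two copies of each part, each on a different service.
  cp "$root/svc1/a.enc" "$root/svc2/a.enc" || return 1
  cp "$root/svc3/b.enc" "$root/svc4/b.enc" || return 1
  # openssl enc gives confidentiality only, so compare copies to catch corruption.
  cmp -s "$root/svc1/a.enc" "$root/svc2/a.enc" || return 1
  cmp -s "$root/svc3/b.enc" "$root/svc4/b.enc" || return 1
  # Simulate losing one service from each pair, then restore from the rest.
  rm -r "$root/svc1" "$root/svc4"
  a=$(decrypt_part KEY_A "$root/svc2/a.enc") || return 1
  b=$(decrypt_part KEY_B "$root/svc3/b.enc") || return 1
  rm -r "$root"
  unset KEY_A KEY_B
  printf '%s %s\n' "$a" "$b"
}

# Step 9 in miniature: do not trust the backup unless the restore matches.
if [ "$(backup_and_restore "$SAMPLE")" = "$SAMPLE" ]; then
  echo "restore test passed"
else
  echo "restore test FAILED" >&2
fi
```

The layout survives the loss of one service per pair, as simulated here, but not the loss of both services holding the same part.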

And we’re done. Phew! Quite extensive, no? Well, that’s the price you have to pay to keep your cryptocurrency assets away from lurking attackers. If you follow each step precisely as stated, your assets are as safe as they are ever going to be, and unless you give someone else access, no one but you will ever be able to reach them.


IMPORTANT DISCLAIMERS

  1. Always store your coins in your ledger, never on exchanges.
  2. Do not use your mnemonic leisurely; access it only when you absolutely need to.
  3. Remove the key man risk: if you get fatally hurt or suffer from amnesia, your assets shouldn’t be lost forever. Choose a person you trust with your money and educate him/her on how to exchange crypto to fiat and withdraw your funds.
  4. You can remove the third-party risk in the step above by putting the private info (e.g. your ledger’s pin code) in the custody of a lawyer/escrow/safety deposit box under orders that the other person can only access it upon your demise.

The cryptocurrency scene is starting to take off considerably, and the focus of the whole world is on it. This means that scammers will be stepping up their game in order to relieve people of their assets, and I’m sure you don’t need to be told that this is the worst possible time to lose your crypto. Therefore, it is important that you also step your game up and shore up your account security extensively.


This article was written and edited by Eugene Tartakovsky and Mark Jedd.


interesting post ...
I got insight and knowledge

Paper is still the safest of all.

The problem with paper is that it can be more or less easily social engineered away from you. It also can be lost, damaged and stolen. And its content should be entered into a computer from time to time, which is another vulnerability easily exploitable by having a keylogger on your machine. Hardware wallets help to avoid all of the above.

useful information, thank you for sharing your most important information

Resteem done..

Thank you. Glad you liked it :)

Can you explain how to encrypt data such as step 8. part 2

Encrypt both parts with any tool of your choosing, then store the encryption keys in 1Password.

What tools to use?

Also step 10. I was not aware one can rewrite the mnemonic. I do not have a ledger but is this something specific only to the ledger? Or this can be done in any wallet where there is a mnemonic? Thanks.

What tools to use?

Ah, thank you. Forgot to add the link to encryption tools. Here it is: http://lifehacker.com/five-best-file-encryption-tools-5677725/1685273934

You can choose whichever one you like. The most popular one, VeraCrypt, should work just fine.

Also step 10. I was not aware one can rewrite the mnemonic. I do not have a ledger but is this something specific only to the ledger? Or this can be done in any wallet where there is a mnemonic? Thanks.

You can reset your Ledger, wipe out whatever it stores at the moment and initialize it with another mnemonic to get access to your other wallets. The same should be possible for any wallet that can be initialized with a mnemonic, at least within the confines of the same mnemonic standard.

I like the precise steps. Action item. Do it when the sun comes up on your next day

very useful article you, I will follow your notification step, to be safe from hackers, let me share your post to be useful for others.

Thanks for your information...
I am glad to follow you...

your post is very useful for me, thank you for giving me additional science

I as a beginner am still confused using this platform. Interesting post for me