You have full custody over your crypto. No one is here to save you or revert transactions. You have to take security measures yourself.
When you create a crypto wallet you generate two things: a public key and a private key. The public key is your address and can be shared. The private key is the key to what's on the address and must be protected and hidden from anyone else. Once anyone on this planet has your private key, they can access everything you have stored on the public key associated with it.
A bitcoin private key can look like this:
E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262
But it can also be converted to 24 words, which makes it more accessible. This is done by most hardware wallets like Ledger and Trezor.
You must NEVER even enter your private key into a computer. Note that if you keep your coins on an exchange you don't hold the private keys.
The goal is to keep your private key(s) as safe as possible.
Two-factor authentication (2FA) is one of the best ways to secure any online account. It requires anyone logging in to input a secondary code that changes every few seconds.
*Caution*
Even if you have every security measure in place to secure your exchange (online) account, the exchange itself can still get hacked and you could lose your coins.
SMS 2FA works by sending a code in an SMS while you are logging in. SMS 2FA is prone to SIM-swapping attacks. In a SIM-swapping attack the attackers use your phone number and name to call up your provider and ask them for a new SIM card. Your SIM then becomes invalid and all SMS messages (including the verification messages) are sent to the attacker, allowing them to access your account.
2FA apps generate 6-digit codes every few seconds; these are needed to log in on top of your regular password. This adds an additional layer of security, as intruders now also need access to your phone even when they have obtained your email and password.
2FA with a YubiKey requires you to use a physical key when logging in. You insert the YubiKey into your computer while logging in, press the button on the YubiKey and you're in. This is way safer than a 2FA app, as it requires the physical key when logging in, making it impossible for it to be hacked from the outside.
Self custody wallets are wallets that you yourself hold custody over. Sometimes apps on a computer or phone, other times physical devices.
Remember that your coins are not stored in these wallets, only the keys to those coins. (The coins are on the blockchain.)
Mobile / desktop wallets are wallets in the form of an app or program. They are really easy to use but should only be used for small transactions as phones and computers are prone to malware.
(!) Mobile / Desktop wallets can be very safe if you never connect them to the internet but you'd have to know what you're doing.
Hardware wallets are little devices that are not connected to the internet and have very little storage, making it almost impossible for them to be infected with malware. You only plug it into your computer when you want to make a transaction. When you do so, you will have to verify the transaction using the buttons on the wallet, requiring a physical push of the button as verification. This makes it impossible for hackers on the outside to verify a transaction.
A paper wallet is just that, a piece of paper with your private key on it. They can be generated using (for example) walletgenerator.net. This then gives you a public address where you can receive bitcoin, and the private key with which you have access to that wallet. If you then want to send whatever is in that wallet you can use a desktop wallet to input that key and send your funds.
Do not reuse a paper wallet. Always generate a new paper wallet once you have sent a transaction from that wallet.
Paper wallets can also be a piece of titanium with your seed phrase indented onto it.
With multisig security you need multiple signatures (private keys) from multiple devices / entities to perform a transaction. For example, you need to confirm the transaction from your hardware wallet and from your phone to approve the transaction. This significantly reduces the chance of your crypto being stolen as the attacker needs access to all devices required to sign the transaction.
Set up a multisignature wallet yourself. Not all cryptos have the capability of creating multisig wallets.
Multi-signature services like Casa.keys make it easy for anyone to create a multi-signature Bitcoin wallet.
With Casa you can set up 2-of-3 or up to 3-of-6 multisig security.
This means that if you have 2-of-3 multisig security, you need 2 of 3 existing private keys to make a transaction. Casa holds 1 key and you hold 2. Lose 1 key? No problem, using your 1 remaining key and Casa's backup key you can reinstate the 3rd key.
Storing your private key (or 24 word phrase) in a safe place is really important. You need to remember where you left it and it needs to be safe from intruders who might be looking for it or external factors like a house fire or a flood.
Write down your private key on a piece of paper and store it where no one else can find it. Once anyone has access to your private key they have access to your coins.
Stamp your 24 word private key into metal to make your private key fire, water and shock resistant.
Memorize your 24 word private key.
This is usually not recommended.
It is obviously very important that you hide your private key in a place where no one else can find it. Below are some additional safety measures you can take to make it extra hard for anyone to access your coins.
A fireproof safe deters burglars and protects from home fires at the same time.
A disadvantage could be that it's not easy to hide.
This goes against everything crypto, as you should be your own bank. But if you fear your coins are not safe with you, you can always get a safety deposit box for about $10 a month. If you don't trust the bank, just cut the private key in two (or more) pieces and store them at different banks / vaults.
Buying a computer for the sole purpose of making crypto transactions will prevent you from getting your coins stolen by keyloggers or other malware on the computer you use daily.