How to protect your cryptocurrency like E. Snowden
The best feature of the cryptocurrency trader is not a good sense of investments or a highly analytical mind. It’s not even the access to inside information. Traders with those qualities will still fail unless they develop the actual requirement for the job — good old paranoia.
You see, criminals run rampant on the cryptocurrency market. Fraudsters, hackers, scammers, and old-school racketeers have adopted digital currencies long ago — and then developed the means to extract them from other users. They have more experience, better equipment and let’s be honest — they are often smarter than us. So if you want to win and keep our cryptocurrency safe, you must adapt too. In fact, you’d better go full Snowden.
Know where an attack may come from
A man-in-the-middle attack is the most widespread way to intercept the information. The name captures the essence—the attacker secretly comes between two parties and alters the communication between them. The process can be described as “active eavesdropping”. In case of cryptocurrency, the attacker may interfere between you and cryptocurrency wallet, intercepting the password and private key. For example, in places with a public Wi-Fi spot hacker may turn their laptop into the Wi-Fi spot with the same name. Inattentive users connect to the false spot, while the attacker get all their traffic and passwords.
Always check if the URL, link, and address of the wallet where you send money are correct. Do not use public Wi-Fi network, as it can be hacked. Install strong antivirus on your computer and update it regularly. Such measures help to avoid the risk of the man-in-the-middle attack.
Create strong passwords
The most popular passwords of 2014 were “123456”, “password”, “12345”, “12345678” nad “qwerty”. No, we are not kidding. But even if your password is “Kiteman2018hellyeah!”, you are not safe — HashCat, for example, can take 300 000 guesses at your password per second using the world’s largest thesaurus. So remember: no related to you words and numbers should be used in a password. Especially not your birthday, name or anything else publically available.
What is even worse, 73% of people use the same password in different accounts, making it even easier for hackers to get the information.
Hackers have two main ways to steal someone’s password: trying to guess based on information available on social networks (birthdate, pet’s name etc.) and a brute-force attack. The brute-force attack is a trial-and-error method when the attacker uses an automated software that calculates as many combinations as possible and tests them to find out the correct password. Short passwords are guessed easily with this kind of attack, longer ones become an obstacle for the hackers. Use strong and different for each account passwords.
How to create a strong password that you will be able to recover on your own:
- Write a paragraph down. It can be a quote or a couple of lines from the song. Maybe it can be an opening passage from your Biology 101 textbook. You don’t have to know it by heart, but you have to know where to find it.
- I’ll use a quote from Neil Gaiman’s Sandman: “I doubt I’m any wiser than I was five hundred years back. I’m older. I’ve been up, and been down, and been up again. Have I learned aught? I’ve learned from my mistakes, but I’ve had more time to commit more mistakes.”
- Now pick the first letter of every word and write them down in a sequence. Ignore the punctuation.
- Now shift it one key to the right on your keyboard. You can use any other direction or amount of shifting.
- Finally, shift every third symbol one key to the upper right, to add some numbers to the mix and confuse the algorithms.
You can safely store the list of all instructions necessary to recover your password anywhere, as long as you don’t include the key phrase used to start the sequence. Alternatively, you can use the key phrase as a password reminder and memorise the sequence.
Enable two-factor authentication everywhere it is possible. Seriously, everywhere. You need to install Google app on your smartphone (the app is available for Android and iOS). Then set it up for every account where such option is available. Even if hackers get your password, they wouldn’t be able to access it without one-time code that changes every 30 seconds.
Use cold storage
Cold storages are not connected to the internet. Hardware wallets are considered to be one of the most secure ways of storing coins. Trezor and Ledger are perhaps the most popular examples. But be careful even with them: but still they have vulnerabilities. Never buy a second-hand wallet—device may be cracked and all information stored there including private key will go directly to the thieves.
Cold storages are good for storing crypto, but are not convenient for managing and spending it. Cryptocurrency experts advise to store some of your coins in a hardware wallet, and some in an online wallet, where you can easily send, receive and even convert crypto into fiat. Try storing part of your coins that you don’t plan to spend soon in Trezor, for example, and a spendable part for day-to-day needs in the Bonpay Wallet. Ordering a card for cryptocurrency is also a good idea—it makes spending crypto easy and quick everywhere plus this is perhaps the safest way to convert Bitcoin into fiat. Separating your funds into different wallets also helps minimize risks of losing your funds.
- the address of the wallet—over 12 000 ETH are lost forever because of misprints;
- the URL—aren’t you giving your personal information to the phishing site;
- the amount of money you are sending—haven’t you added an extra zero?
Double-check everything to avoid the simplest mistake that can lead to the loss of your money.
Keep the seed phrase safe
Write the seed phrase on a piece of paper. Cut paper into few pieces and keep them in different places. Also save the phrase on an SD card. Then swallow it. It’s a joke, don’t do that. If you already did, call 911.
Keep your mouth shut
It may seem that as cryptocurrency has no physical form, there is no need to worry about being robbed. But, as we know from some real-life examples, person may be forced to send Bitcoin to the thieves, so the danger is real. For example, Pavel Nyashin, a Russian blogger who told the whole Internet about his crypto wealth (certainly not a good idea), was beaten and robbed at his home. Soon after that he committed suicide, presumably, because of debt.
No one in their right mind will brag about how many money they have. But some people who got dizzying profits on trading Bitcoin suddenly have become so proud of themselves that they just can’t help running along the street shouting “I am rich now! I am rich!” And then they wonder why they get robbed, kidnapped or extorted.
So keep your mouth shut. For example, do you know if Snowden has any crypto? He probably does, but you will never know for sure. So keep it that way too. If someone asks if you have invested in Bitcoin, just run out of the room.
Is it possible to stay safe?
Of course, it’s easier to create one wallet, protect it with a password that includes you mom’s birthday and try to calm yourself that you are the lucky one who won’t get hacked. But when it comes to money and to cryptocurrency in particular, you can’t afford being careless.
Remember that people are the weakest link in security. In most cases hackers get access to victim’s funds not because they use complicated operations and cutting-edge software, but just because they know psychological patterns of people’s behaviour in the Internet. It is your responsibility to make your digital protection stronger. No need to become paranoid and check your wallet every hour—just use all the steps mentioned above and live happily ever after.