- With the growing popularity and adoption of cryptocurrencies and NFTs, hackers are finding new and improved ways to steal your valuable assets.
- Taking your crypto security seriously is crucial to not getting hacked. All cryptocurrency users should adopt strong security habits to keep their tokens safe.
- Phemex, one of the leading exchanges in the industry, applies a high level of security to protect user assets.
Share this article
Too often we hear stories of people losing their crypto due to hacks, phishing attempts, or simply losing access to their wallets. This article will outline a set of strong security habits to help users keep their tokens safe for life.
Not your keys, not your crypto
Let’s say you plan to keep your newly purchased crypto for many years. Self-custody is crucial as it means that the only person who can access your account and the assets within it is no one but you.
every time you create a walletgenerates a private key, along with a corresponding public key.
Public keys function as the holder’s address, visible to anyone who receives tokens (just like anyone can share their email address to receive messages). At the same time, the private key is needed to access the funds held in the public address and determine the actual ownership of the assets. Think of the private key as the password to access your email account.
Since private keys are usually made up of a long string of characters, seed phrases are used as an easy-to-use substitute for cryptocurrency wallets. Your seed phrase is your private key in a different format and consists of 12 to 24 random words generated by your wallet when you set it up. Seed phrases are also known as mnemonic or recall phrases.
A wallet owner should never share their seed phrase with anyone else. In case they lose it, more often than not, their cryptocurrency is lost forever. Any third party that has access to a wallet’s seed phrase will gain control of the assets.
Get out of the comfort zone
The main threats to crypto users will usually come through their wallets or exchanges. The following is a set of recommended tips and best practices to ensure the safety of your valuable tokens.
Backup of your private keys: Always write down the opening sentence and keep it in a safe place from which you can (only) retrieve it. Do not backup your keys in the cloud or email them to yourself as the servers can be easily hacked.
Use a hardware wallet (cold storage): Cold wallets are air-gapped devices that store your private keys and never connect to the internet. Cold wallets are ideal for long-term storage and nearly impossible to hack.
network security: Don’t be that guy who gets his crypto stolen at Chipotle. Use a VPN when using a public Internet connection. Check your home router often, as you never know if your neighbors are trying to sneak through your connection.
Secure your email: If an attacker compromises your email account, you can quickly recover or change the passwords to access your exchange account. An easy tip is to remove all backup emails and phone numbers used for verification. Instead, enable two-factor authentication (2FA). You can also use a physical hardware device, also called a security key, so hackers must steal the device to compromise an account.
Consider using an encrypted email like Protonmail. Beware of phishing emails and other messages from suspicious sources, especially those that contain links or attachments.
Use unique passwords: This applies to all exchanges you use. An easy solution is to use a password manager like 1Password or LastPass and change your master password frequently. Also, you can use a random password generator to create strong passwords that include combinations of numbers, uppercase and lowercase letters, and special characters.
Browse the web safely: Beware of malicious browser extensions and do not store passwords in your browser. Bookmark crypto sites you use often to avoid fake websites that look like the real thing, and use privacy-focused browsers like Brave.
Be careful with SIM changes: A SIM swap is a malicious action through which the hacker attempts to switch their victim’s cellular service to a SIM card in their possession. The hacker uses Social engineering skills to deceive the cell phone company and pretend to be the victim. The hacker then gains access to any service or account with SMS or email recovery. To prevent SIM changes, set up a 6-8 digit PIN through your service provider that you must enter to do anything with your account.
Exchange Specific Security– Use time-locked vaults with a time limit to process a withdrawal. It is recommended that you make a “safe list” of addresses to ensure that only wallets you control can receive your funds. This way, if your account is compromised, it will give you precious time to regain control of the account.
Minimizing the risks of being hacked will give you peace of mind. You may not care so much now, but significant gains can easily be wiped out if storage security isn’t taken seriously. Self-custody is what crypto was created for.
If you plan to stock up on your favorite tokens for the next bull run, consider giving Phemex a try, one of the leading exchanges in the industry. Phemex has never been pirated. Phemex has implemented a set of robust security practices to guarantee the protection of the digital assets of its users.