Bitcoin Forum

Good day, Bitcointalkers,

Too often I see bounty hunters request to change their Ethereum address even before the start of a campaign, then I began to wonder what the problems are, or is it just a lack of knowledge on how to secure their wallet? Cryptocurrency is still in its infancy and I do think lots of education still need to be done as cryptocurrency gradually moves to the mainstream.

 As a crypto enthusiast, you are responsible for the security of your fund and you need to secure it as much as you can. Here I want to educate you on how well to secure your wallets private key.  If your wallet is not properly secured you stand a chance to lose your funds, hackers are everywhere looking for careless individuals.

  
Method One: Never Submit you Private Key In Any Form.
This is most common among newbie in airdrops falling for fake airdrop forms. I had a situation where an airdrop google form requested me to input my private key, I immediately knew they were fake, I looked for an escape route.

Method Two: Never Store Yor Private Key On Google Drive/Email.
As the name implies private, anything online isn't private. I have been tempted to store my private key in my email draft thinking its secured, but then as someone who understands the value of a private key and the damage it could cause,  I didn't give that a second thought. However, if you must store your private key online you can choose to divide the private keys into parts and store in different storage space online.
like save a part in Dropbox, save another part in Google drive, save a part in your Email, just like that . . .

Method Three: Write Down Your Private Keys:
As someone who loves to think on paper,  my private keys are written down on paper and stored in a location accessible by me alone. You can also adopt this by writing down your private keys eligibly into different Notes and store it safely. probably hand one over to your granny and the other to you mum or so.

Method Four: Always Bookmark Wallet Vendors:
A lot of phishing site for ICOs and wallet providers are moving around on daily basis and for you to stay safer bookmark your wallet provider so you wouldn't have to google their website when you are trying to login to your wallet to participate in an ICO. A lot of phishing sites fly around during the public sale of any huge project.

Method Five: You Don't Need to Login to your wallet every time to check if you received a coin from airdrop or bounty.
This is mostly the reason people log in to their wallet frequently to check if they have received a coin from an airdrop or bounty. There are some third-party explorers that enable you to check coins/Token you received in your wallet, without you needing to log in to your wallet all the time. example of such explorer is etherscan.io ethexplore.io. I personally prefer to use etherscan.io

Method Six: Use Metamask if you can:
Metamask is the most secured ethereum wallet/plugin. Always use metamask, it protects you from phishing websites and blocks unauthorized access.

Method Seven: Use Cold Wallet
Cold wallet are a bit expensive, as your crypto assets grow the need to keep your fund well secure offline becomes necessary. A cold wallet which is also known as a hardware wallet is an offline wallet that is not connected to the internet. it is like a flash drive that you can store your crypto assets on. Popular examples are Ledger Nano and Trezor Wallet

Method Eight:

Yes, I added this as I found myself using one browser for my everyday task and another when I want to sign in to my wallet or any crypto sensitive website. I also, use incognito mode when I access a third party website I don't trust.


Method Nine: Add your own.

Do you find this helpful? Upvote


Update 1 - 24th June : Method 8  

This is good advise. Unless, you need to send your Bitcoin elsewhere there is no reason to open up your wallet for the sake of it. Even if it is on a offline computer, and is generally secure.

I haven't accessed some of my wallets for 2 maybe even 3 years in some cases. Yeah, they are cold storage, but I haven't even accessed them to claim forked coins as that just doesn't interest me. Plus, it would require a lot of work to get my private keys.

Thanks for the acknowledgment. I also don't access my wallet unless I want to send fund for an ICO.

Just to add, paper wallets are cold wallets too, and they cost almost nothing to produce. You can also use software wallets like Electrum or Bitcoin Core as de facto hardware wallets by setting them up on an air gapped computer or a flash drive with a bootable operating system.

but are you using your private key to assign your wallet to Bitcoin Talk profile?

I don't really get your question, could you rephrase?

I think he confused something. People are posting their Bitcoin wallet addresses with signed message to secure their accounts. If your account will be hacked, you will have to send signed message from staked Bitcoin address to admin and then you will have chance to get your account back. But you you should never post your private key in public!

of course you need to use your private key to sign (not assign) staked address
but signing message for staked address will not expose your private key
the signed message cannot be reverse engineered (decrpyted) to figure out your private key

Method number eight :

I would like to suggest if this fits. 

Do not leave your computer without deleting history, cookies,  and the browsing data.

Better use a private window or incognitno mode window tab if opening a third wallet party. 

-
Thanks to @Jetcash, i learn this very important information as a local user. 

I also  when joined the airdrop, I avoided projects requiring KYC by addressing the ETH with a message from a website to protect my wallet. Also I save Keystore file, Private key and password in usb drive, CD when I need to connect to computer to use. Conditional use of cold wallet Leger wallet, TREZOR will be safe.

Do NOT save your private keys on USB drives if you don't know how to do them safely and securely.

[Guide] Secure air-gapped crypto wallet storage method https://bitcointalk.org/index.php?topic=2828437.0

Always use cold wallets for high amounts of coins, if you are a newbie you are at higher risk by using other methods to store your private keys. Storing private keys on computer even in a encrypted form must be the last thing you do.

I think I need to add some tricks in Private Key. We can reverse characters or delete some characters to ensure the safety of our wallets. But make sure you remember the changes otherwise it would be catastrophic.

Thanks, it's always easy to take a easy route on these thing. A friend of mine stores his private keys on a veracrypt volum with a 20+ long passphrase stored on google drive. Is that something you could consider pretty safe?

Useful advice! Crypto is all about self-responsibility and thus one should always take extreme security precautions while dealing with crypto. I am using the paper wallet as my main cold storage wallet and then I am also using Trezor wallet for flexibility purpose as I find it user-friendly in terms of security and flexibility. One should always remember that anyone can spend your coins if he has access to your private keys.

I did a little research on Veracrypt and from my findings i think they are pretty secured and have proven that overtime.

However, no software online is totally safe from attack, if i have a large fund i did rather go with the cold wallet taking my fund offline. we need to take responsibility for our action in a decentralized world.