Bitcoin Forum

One of the most important things I have learnt from this forum is how to secure your digital assets.
Here are a couple  of things you should avoid after setting up your air gapped device or when installing your wallet generally;
1. Avoid visiting sites with low trust score and security warnings. These security warnings are usually displayed in your browser.
2. Use secure browsers like;
    BRAVE which you can get from their official page   
    https://brave.com/
    TOR browser which  you can get from. 
    https://www.torproject.org
    You can even make use of the local browser that comes with your OS as long as  your privacy is safe and your device is protected from malware.
3.And most importantly always get your softwares from their official pages especially when installing a wallet software. This will reduce your chances of installing a malware or getting an altered or monitored version of that software.
 Here are some official pages of some of the most secure and popular wallet softwares
 LEDGER.
 https://www.ledger.com/ledger-live
 TREZOR.
 https://trezor.io/
 MYCELIUM.
 https://wallet.mycelium.com/
 ELECTRUM.
 https://electrum.org/

And most importantly Don't forget to keep your keys safe mate😁

The sign of unsecure website is still use http, the secure website is already use http"s".

Most of browsers are secure, but some of them are spying e.g. chrome. Brave and Tor are very known as private browsers, the bad side of Tor is slow connection.

Don't trust, verify. Don't directly trust the wallet because you download from official website, verify the key.

Avoid use ledger Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities (https://bitcointalk.org/index.php?topic=5452900)

---

I'll add:
1. Don't participate in any giveaway, bounties, airdrop etc.
2. Don't click any random link.
3. Don't install any unnecessary software or apps.

Tip: if using hardware wallets(Ledger/Trezor) it would probably be a better idea if you don't use their official software for making transactions, just to be sure. Quick reminder that you can (and it's recommended) for you to connect your hardware wallets to reputable non-custodial wallets like Electrum instead.

https://chainsec.io/checklist

Brave browser guys ruined the whole project the day they decided to become regulated and started enforcing KYC on their users. This means as long as there are decent open source and very popular browsers such as Firefox, there is no reason to use something like Brave!

Op, I think you should move your post to the beginners and help section. Since it's a guide.

As redards your post, we should remember that when investing in Bitcoin, keeping your funds safe should be your top priority. If you're not sure how to do that, your investment could be in danger or at risk. Some people think that as long as they keep their access keys safe, their funds is secure. But in today's world, scammers have found tricky ways to steal your funds.

To stay safe, you need to be smart and careful while browsing the internet. Don't click on "allow" requests from websites, as they might be trying to spy on your device. don't download software from sketchy or unknown websites because it could harm your device. Be cautious of apps that ask for too many permissions, if it's not from an official store, be extra careful. The world of investment is filled with a lot of potential threats one has to be smart and be vigilant as to what and how you choose to secure your investment.

Avoid visiting any website that you do not trust. Try to reduce the number of websites you visit and always make sure that they are correct and do not give permissions or download programs/applications.


BRAVE browser is spammy browser and donot use associated wallet to store cryptocurrencies.

Always check the signatures associated when downloading the program because sometimes the front end may be hacked.

You can freely use Brave browser without KYC if your only goal is to use it for its privacy features and for it to be slightly-more-debloated compared to Chrome. You only need AML/KYC if you want to claim BAT tokens, which I'm sure most people here aren't interested in anyway.

Securing your asset  should not be a problem for anybody who see it as very important to do. Aside you using secured wallets, there are other minor things that are very important and necessary that one needs to adhere to if you must be free of scammers and hackers because that is the only medium through which most of this hacks and scams occur. In other to be safe, you must avoid clicking links that you have no idea where it is coming from maybe through emails, social media, sms links, failing to make use of your browser in the sense that you do not type complete what you are searching for in your browser but using auto complete to finish it up. This makes your system vulnerable to attacks online. Avoid enabling much cookies and stop granting permissions to some apps and sites you have no idea abut to access your device.

Avoid connecting your wallet to web3 sites and if you must do that, create a new wallet for such purpose and after you must have done that make sure to revoke their access to your wallet and transfer away any coin or token you acquired through that site to another wallet.

Make your wallet security a priority.

For instance, using Google as a search engine means that even if we don't type out a complete query, Google automatically suggests searches based on our history or related recommendations. To me, this isn't an issue; the real concern lies in Google's long-standing reliability in terms of security.
https://www.talkimg.com/images/2023/09/21/6biGH.jpeg

The problem arises when you venture into suspicious web pages. Sometimes, clicking on links in search results can automatically trigger malware downloads. Even paid antivirus software may fail to detect these threats at times.

The more you delve into the online world, the better you understand the prevalent methods of internet scams. In essence, steer clear of malware, as it can often go unnoticed by users and even evade detection by any antivirus software.

True but if they've accepted KYC, one should wonder what else they have also accepted and have done to the browser. Besides as I said it's not like there is a lack of good other open source browsers that people can use to improve their privacy.

You must be brave to use Brave browser if you want to find a privacy browser.

Best browsers to use for privacy is Firefox and Tor, Brave browser is not. They advertised their Brave browser as a good one for privacy but do you know they launch $BRAVE token and if their browser user want to claim the token, they must KYC. KYC is a biggest enemy for privacy.

A snapshot in 2020 shows at the landing page of Brave.com, they mentioned privacy 8 times. Months later, they broke it.
https://web.archive.org/web/20200112001628/https://brave.com/

Ledger historically has some data breaches and months ago, they launched Ledger recovery service that raises a question why do we need such service and hardware wallet that can own part of our wallet seed.

Always verify Electrum wallet.
[GUIDE] How to Safely Download and Verify Electrum (https://bitcointalk.org/index.php?topic=5240594.0)
The paranoid user's security guide for using Electrum safely. (https://bitcointalk.org/index.php?topic=5456886.0)

Ledger is not advisable for newbies anymore, they have messed up their own reputation with the recent data breaches that took place months ago, this is why using any crypto wallet that's not open source is wrong, so I advise you remove Ledger from the list of the wallets you have on your post.

I remember perfectly that the few crypto wallets I used in my early crypto days are all closed source and this was why I became a victim to asset loss, it's the first time I've ever lose my crypto assets that if I still had then till today my life will never be the same.

If I am not considered a Bitcoin maxi with my 1.1BTC at least I would be a Dogecoin bull with the millions of Doge coin was gathered in the past.

Closed-source wallets are only good for the owners, not the users, they can do anything criminality in the closed doors without anyone knowing because they aren't transparent going closed source.

Another post for the sake of merit. OP, you are also strongly recommended to read topics on online security, since the advice you offered is stupidly taken from some sources without providing a complete base. Has Brave Browser undergone a security audit? The developers have been repeatedly accused of fraud, and no matter how they claim to be reliable browsers, their reputation is already tarnished forever. OP, read about the benefits of Firefox. All the intricacies of using wallets are also fully described on the forum, but you only provide links, as if you were the only one who discovered them. Not a word about using the right systems, namely Linux, which is also recommended for your information, OP.

@Mia Chloe, There is one important thing that you have failed to include in your security warning details, which is getting OS from a direct dealer or licenced distributor. Reading through numerous threads with regard to security, malware, undetected viruses, and all sorts of malicious attacks from hackers, it's been proven that most of these viruses that target crypto holders and traders are primarily from the wrong OS. With the increase in crypto adoption, hackers have deemed it necessary to always improve their ways of stealing from those who are not security conscious enough.

Most people buy OS from some roadside shop that was either downloaded from a non-trusted site or they just copy and paste it on a new CD without even knowing what it contains. When anyone buys and installs it on their system, they have the malware perfect where they want it to be looking for the best possible way and right time to steal for the users.

Another means is when someone who has an existing airway licence happens to expire. Instead of purchasing a new one, you go ahead and go online in search of free window activators, which will lead you straight to the hands of those thieves. @dkbit98 identified and reported one of the famous window activators with a crypto-stealing tool on it . KMSPico Malicious Windows Activator Stealing Crypto  (https://bitcointalk.org/index.php?topic=5375639.0)

I see your list as incomplete if you don't give users a warning regarding the dangers of using the Windows OS. Even if they follow the right security procedures when running under a pirated window, they are not completely safe.

Good to know you have learned something from the forum. Hope so you do not ever see a day where you are required to recover your bitcoin that was lost by mistake. Whether using a hardware wallet or software wallet things can get as ugly as you can imagine in a nightmare. There are cases like someone losing their hardware wallet while home shifting, some of them lost it because they kept it in a secure location in their own house and now they can't find it. Things can sound stupid but this happens. We have life, we have a routine and we get lost in that routine many times and forget things like that. Many times these wallets are used for cold storage meaning you do not really need them all the time. You have the address, you work your ass off and send all earned Bitcoin to such wallets, and then over time, we tend to forget where we have kept it.


I don't trust this wallet after seeing its drawbacks. It has underdeveloped apps. Android has different features and iOS has just a simple "representative" sort of app. You can explore more. Better get Bitcoin Core downloaded. Learn more about loading the blockchain on a hard drive using plenty of threads in the Development and Technical discussion. There are some users posting their own good experiences about it.

Your post was supposed to be on how to secure digital assets, but you did not cover that so well in your post, and you didn't make very good recommendations that'll help people secure their assets.

Your main funds should either be in an airgapped wallet or a hardware wallet, it should not be in a device that you use to access the internet, it does not matter the browser you use on the device, anything that is online is prone to hacking. You also recommended Mycelium and Ledger which are not really recommended wallets right now, there is also no Passport or BlueWallet in your list, which are some of the best BTC wallets one can use.

I think all browsers are the same, they just differ in how they use user data, and Brave or Tor promote privacy more than the rest. Other than that, I don't think it makes any sense or has anything to do with protecting our crypto assets. As long as you don't visit strange links or sites labeled as harmful, you're safe using any browser.

As for storage wallets, as many others have also mentioned, Ledger is no longer trusted and people have stopped using it. You need to learn more about hardware wallets, not all wallets are safe, especially Ledger. Software wallet, Electrum has always been my choice, I have never used any other wallet.

I used to use Mycelium, but I stopped using it a long time ago since, as far as I know, it had a problem issue https://www.reddit.com/r/Bitcoin/comments/13giow9/mycelium_wallet_critical_flaw_concern_due_to/.
Now, I tried out the Brave browser as well. I just realized that if you don't have a lot of storage on your computer, the desktop will operate slower because it takes up a lot of space.

However, I have not tested using the Tor browser to access the wallet because it appears to be easy for hackers or phishing sites to enter because it is a browser. Non-custodial wallets such as Electrum, Unstoppable, and others remain distinct. However, a hardware wallet is still preferable.

Searching from Google would still be dangerous with auto suggest in search bar cause some of the searches contains unverified websites and links that might be a virus, they will suggest you searches that are connected from your history so when you search like Bitcoin it might suggest other websites that are similar so it would be the best to double check first. Google has actually a security feature if you activate it in your settings, when you clicked a suspicious link, it will give you a notification that "you are leaving into an unauthorized website, do you want to continue?" something like this, so you could avoid instant download links when you accidentally clicked it.

Of a truth using such features will help a lot because these days nobody can tell how sophisticated malwares are and if one is not careful enough one can download it into their gadget and the unthinkable would begin manifest itself in one's system. Like when ever I want to type on my search bar, I type complete if what I am to search for would lead me to downloading the link. I do that so as to avoid auto search engines do the bad for me because any chances anything can happen. So one needs be vigilant and careful so as not to make any mistake.

Op I would have been more specific in the domain of digital assets with securing Bitcoins  ;), most likely I had also learned this particular security preventive measure from this forum. Here we support a motto "Not Your Key Not Coins", "Security & Safty is as simple as ABC" Always Be Careful.


Hmm, OP your tips are quite promising as using a secure Browser really matters, as the software installation from the official source as well, but mostly people prefer downloading from the official sources still reminder by OP is appreciated. If you are really covering some of the tips you should also include the cold storage for a large amount, for beginners include the Custodial Wallets recommendation as most newbies get confused in Custodial & non-custodial Wallets (Hot Wallets). In the Hot wallets add a point for the highly recomended (Electrum Wallet).

With KYC to claim the token, it unofficially forces users of Brave browser to KYC. If they use the browser, they will have more reasons to consider KYC to claim rewards. When they claim reward once, they will do it more and the reward in token is like a KYC-honeypot from Brave browser team.

A truly privacy browser should not have that policy to distract their users from privacy protection. If they design a privacy browser but at the same time, design some policies, reward program to break the privacy policy, their browser is no longer private.

AML/KYC sucks for sure, but I think in this case it's simply due to regulators reasons. As far as I know, Brendan Eich and the Brave browser company are based in the United States, so it's just totally expected for them to be making sure that they're not poking the hornet's nest.

One important thing that I think you forgot to mention is the use of 2FA. It keeps them out all the time.