August 12, 2017, 09:44:32 PM |
I know that Cold storage is the way to go when it comes to securing your BTC. However there are a few reasons why some people choose to keep their BTC on an exchange, for example to withdraw to fiat or they keep it on their Blockchain.info mobile wallet app to make small purchases from time to time.
The issue I am finding with most exchanges like Coinbase and Gemini is that even if you have 2FA enabled, most can be easily reset if someone has access to your email and/or phone.
So if you have a unique email password with 2FA enabled, a unique Coinbase password with 2FA, you are still vulnerable if your computer gets malware.
Authy for example lets you reset your 2FA with ONLY your email+phone number. They freeze your account for maybe 24 hours and they ask by text to confirm it's you. However if your computer gets hacked, someone will have access to your email, in your email they can get your name, address, SSN, which is more than enough to change their SIM swap to theirs.
Hence, if you are on vacation or take the weekends away from the computer, someone during that time can reset your Coinbase password by email, and reset your Authy 2FA by email and by phone confirmation.
So to me it seems that the ONLY way to have security (assuming Coinbase doesn't go MtGox) is to use:
Dedicated email address only for Coinbase. In this email there should be no traces or mention of any personal info like full name, address, phone number.
Dedicated phone number only for Authy 2FA. This can be a prepaid phone which can only be refilled offline by calling 611 or at the gas station. This phone number can't be anywhere on your computer or inside your email accounts.
Secure OS like Linux or Mac with all security updates. Only use it when logging into the exchange, don't use it for anything else. This can be done by buying another hard drive.
So I know this is kind of paranoid and some say it's far-fetched but with Bitcoin hitting $4000 almost, pretty much any amount of BTC stolen would be upsetting.
I am just wondering what everybody else is doing to keep their BTC secure on an exchange?