Bitcoin security and safety

[Charles-Tim]

Bitcoin, a digital currency which has intrinsic value and also an asset that is becoming more popular in the world, it is the first currency that fulfills the the purpose of money, which is privacy. There are some companies that are providing custodial services to helping holding or managing your bitcoin, but the companies have the full control over your bitcoin, while you terminate this purpose. Bitcoin was originally created in a way bitcoin owners can hold their bitcoin themselves by using noncusdial wallet they use to store the private keys which have access to the bitcoin which they store on the blockchain. Because of this, there are need to take proper care of our bitcoin because we have the full responsibility of managing it ourselves without no need of any third party so we can have full control over it. But, we need to be careful and protect bitcoin and bitcoin wallets from attackers and also we should not lack safe means of good protection.

Ways bitcoin are lost
Although, sending bitcoin to a wrong address, willingly sending bitcoin to scammers until it turned scam, making use of fake custodial exchanges, malware stealing from bitcoin wallet, fake giveaways, cloud mining services and many others are ways someone can become a victim of scammers and thereby losing bitcoin, that is why we need to be careful of scammers and scam sites and always avoid them. In this case bitcoin is not lost in a way it will not permanently become inaccessible, but in a way scammers stole it. There are ways bitcoin can be lost and not accessible again and discussed below.

Inaccessible lost bitcoin
There are some people in the past that might thought bitcoin price was low at the time and not believing in it to rise or due to some other reasons, so they lost access to their private key, and can no more access their bitcoin on blockchain, this can be as a result of encrypting bitcoin wallet file and not able to decrypt it again, damaged or inaccessible bitcoin storage devices, corrupted backup files, forgotten seed phrase or private key. Also forgotten passphrase leading to inability to spend bitcoin can be the result of lost bitcoin. Another reason that can result to inaccessible bitcoin is the inability to pass the bitcoin to hire and no one having access to it.

Security practices
In order to protect your wallet, there are many security practices that must be followed, some people download online/hot wallets for bitcoin use purpose, but the private key of online wallets are connected online, that is why custodial exchanges that make use of online storage are often hacked, this can only be good for saving low amount of bitcoin. Among the online wallets, web wallets are the most vulnerable followed by mobile wallets whiles desktop wallets are good but still remain online wallet and should be used for low amount of bitcoin storage.

Cold wallets are safest, store private key offline. That is why they are the most recommended type of wallet for individuals, examples are airgapped wallet and paper wallets, this can be difficult to use but they are very safe. Because of the difficulty of use of airgapped and paper wallet, especially for everyday bitcoin transaction, some companies have created hardware wallets which are cold wallets but still easy to use for this purpose. Cold wallets are recommended for long-term storage and storage of high amount of bitcoin because they are the safest to use. Another wallet that is worth to be mentioned are multisig wallet which are safe to use also. Lastly are noncustodial two factor authentication (2fa) wallets, but the transaction fee for multisig and 2fa wallets are high which can likely become low in multisig wallet if taproot is implemented in which any wallet that support taproot will be able to carry out transactions with normal fee.

No wallet is 100% safe, you yourself make it 100% safe
Normally, no wallet is 100% safe, for example, some people make use of their device to visit any site they like, they can possibly visit sites that will install malware on their devices, leading to the malware stealing information that can be used to access the wallet on the device on another device that can lead to bitcoin loss or wallet hijack. That is why there are need to visit only URL and the URL should be a link to a safe and legit website rather than using of search engines like google that will bring up phishing ads. Also some people will make use of playstore and download fake wallets thinking it is the right wallet, visiting the official sites for this is the safe way. Also running the latest anti-malware on your device and making use of ads blockers if using search engine, and if necessary to use search engine, making use of privacy ones like duckduckgo will be best, although will not give you best user experience but safe to use it than using search engines of giant companies like Google and Microsoft on your wallet devices. Even, using cold wallets needs users protection and having online privacy.

What to protect
Protecting your seeephrase, private key, seed and passphrase is very important, because if an attacker is able to know these, it can lead to wallet being compromised, they should be protected offline, keeping it on devices will be the stupidest means of backup, and online backup are dangerous. Triplicating your seed phrase and saving it in a place not accessible to attackers and damages is the best way of protecting seedphrase. Do not use complicated or diffcult-to-remember passphrase, and do not backup the passphrase together with the seed phrase and do offline back up too just like seed phrase backup. Lastly, use a backup you can easily retrieve, not the ones that will be difficult to impossible for you to retrieve, some people like to encrypt their seed phrase, it is not bad, but make sure you use encryption that you will be able to easily decrypt.

[hatshepsut93]

Protecting your seeephrase, private key, seed and passphrase is very important, because if an attacker is able to know these, it can lead to wallet being compromised, they should be protected offline, keeping it on devices will be the stupidest means of backup, and online backup are dangerous. Triplicating your seed phrase and saving it in a place not accessible to attackers and damages is the best way of protecting seedphrase. Do not use complicated or diffcult-to-remember passphrase, and do not backup the passphrase together with the seed phrase and do offline back up too just like seed phrase backup. Lastly, use a backup you can easily retrieve, not the ones that will be difficult to impossible for you to retrieve, some people like to encrypt their seed phrase, it is not bad, but make sure you use encryption that you will be able to easily decrypt.

Unfortunately, there's no silver bullet here, there's always some risk and tradeoffs when it comes to storing bitcoins. If you encrypt your wallet or seed, you risk forgetting or losing your password, and if you don't, it makes the job easier for thieves. A weak password is easy to remember and easy to crack, a hard password is hard to remember and hard to crack. If you store many copies in different places, you increase the chance that someone unwanted party will access them, if you store all backups in one place, you are vulnerable to some disaster.

[testbug]

Protecting your seeephrase, private key, seed and passphrase is very important, because if an attacker is able to know these, it can lead to wallet being compromised, they should be protected offline, keeping it on devices will be the stupidest means of backup, and online backup are dangerous. Triplicating your seed phrase and saving it in a place not accessible to attackers and damages is the best way of protecting seedphrase. Do not use complicated or diffcult-to-remember passphrase, and do not backup the passphrase together with the seed phrase and do offline back up too just like seed phrase backup. Lastly, use a backup you can easily retrieve, not the ones that will be difficult to impossible for you to retrieve, some people like to encrypt their seed phrase, it is not bad, but make sure you use encryption that you will be able to easily decrypt.

Unfortunately, there's no silver bullet here, there's always some risk and tradeoffs when it comes to storing bitcoins. If you encrypt your wallet or seed, you risk forgetting or losing your password, and if you don't, it makes the job easier for thieves. A weak password is easy to remember and easy to crack, a hard password is hard to remember and hard to crack. If you store many copies in different places, you increase the chance that someone unwanted party will access them, if you store all backups in one place, you are vulnerable to some disaster.

There is quite an eays way being able to remember long and complex passwords: Form a very unusual sentence, put  capital letters where they belong and use special characters like ".,!? ...
If you have your sentence or text phrase (more sentences) ready you can try to remember it. You will see that "stupid" but long sencentes are very easy to remember.
I personally think every bitcoin wallet password useing more than 14 characters includeing small/big letters, numbers and special characters is most likely not bruteforcable right now. Sure there are bot networks and someone could indeed try to bruteforce it. But 14+ characters are makeing so many possible passwords but it will most likely not be done in this millennium.

[TheNineClub]

No wallet is 100% safe, you yourself make it 100% safe

Well, I doubt you can really make it 100% safe. There are too many factors that are at stake. The most common factor and security liability is lack of general knowledge and education when it comes to handling online security or money security in general. You can take all the necessary steps to protect yourself and still make a lousy investment and lose it all. I know that is not the topic here, but it would be in the range of sending to the wrong address. And one more thing I would like to add, it would be not to make yourself a target. Do not go flaunting your assets in everybody's face, don't tell everyone that you have something to steal, because not everybody is a target, but anybody can become one if not careful.

[Coyster]

There is quite an eays way being able to remember long and complex passwords: Form a very unusual sentence, put  capital letters where they belong and use special characters like ".,!? ...

There is a thread that explicates that properly: https://bitcointalk.org/index.php?topic=5132378.0, it's somewhat easy to remember a difficult password if you follow the guidelines in this thread.

Having said that, as a crypto user, you're going to have quite a lot of profiles, from emails, to wallets, exchange, btt account, etc, no matter the pattern used in creating the strong password it's going to be almost impossible to remember them all, so it's better to write them down and that's exactly what I do, just as you write down your seed phrase and all, you can do same with passwords of all your accounts and for the accounts you use more often, you could still have their passwords off-hand even after jotting them down, so you could still access them even on the go.

[hatshepsut93]

There is quite an eays way being able to remember long and complex passwords: Form a very unusual sentence, put  capital letters where they belong and use special characters like ".,!? ...
If you have your sentence or text phrase (more sentences) ready you can try to remember it. You will see that "stupid" but long sencentes are very easy to remember.
I personally think every bitcoin wallet password useing more than 14 characters includeing small/big letters, numbers and special characters is most likely not bruteforcable right now. Sure there are bot networks and someone could indeed try to bruteforce it. But 14+ characters are makeing so many possible passwords but it will most likely not be done in this millennium.

Using long phrases is a very known trick, I'm sure there's already optimized methods for bruteforcing such passwords, so you shouldn't think that they are unbreakable just because they have a lot of characters.

But that's not the point, the point is, memory is unreliable, I'm sure that guy with thousands of locked bitcoins also thought that his password is easy to remember, but if you don't repeat at least your password at least a few times per weak, you will forget it sooner or later.

[Charles-Tim]

Using long phrases is a very known trick, I'm sure there's already optimized methods for bruteforcing such passwords, so you shouldn't think that they are unbreakable just because they have a lot of characters.

Having long passwords with different characters will be protective than having short paswards, there are cases malware can be used to know such long characters with ease, but to brute-force such passwords will be difficult. But, possibly I might not be right, then, which way a strong password can be created? Like the use of https://keepass.info/? I will like your opinion about this.

But that's not the point, the point is, memory is unreliable, I'm sure that guy with thousands of locked bitcoins also thought that his password is easy to remember, but if you don't repeat at least your password at least a few times per weak, you will forget it sooner or later.

You are very right, even the brain can deceive someone into thinking it has memorize something for long term purpose, but it can be for short term like weeks, it can even be remembered easily for months but later forgotten. We should not have such habit at all, offline backup are good while some people recommend the use of password manager that does not synchronize online but completely offline. Having such two protected with be fine, but the offline one that are on paper is necessary while the always-offline password manager will be a good addition to the first one.

[OcTradism]

Losses can come from your personal mistakes on healthy (clean) devices or from attacks, steals on your unhealthy (infected) devices. They are different sort of losses.

2FA is good, cold wallet is good but I don't consider them as a unique way to store and protect my bitcoin. Personally, spending more fee for 2FA with wallet is unnecessary in my opinion. Especially for small bitcoiner like me.

Below steps are enough for me:
- Use a good non-custodial wallet (Electrum or Bitcoin Core)
- Make usable multiple backups for wallets
- Set up strong passwords for wallet files and back it up too
- Always keep your devices clean from threats: limit the number of times it has connection to the Internet. When you connect it to the Internet, stay being healthy.
- Be careful and do multiple checks when upgrade wallets or broadcast transactions.
- Play innocent and don't let others know that you are bitcoiner, bitcoin investor. 

More advice for security and privacy can be found with many topics in my compilation: Good topics on security and privacy

[Charles-Tim]

2FA is good, cold wallet is good but I don't consider them as a unique way to store and protect my bitcoin. Personally, spending more fee for 2FA with wallet is unnecessary in my opinion. Especially for small bitcoiner like me.

2fa wallet like on electrum do come with high fee, it is not a good option for me as well, but cold wallets should be considered a unique way to store Bitcoin, you can create normal hot wallet on electrum, but this will be recommended if the funds you are having on it is not much. But, supposing you are having high amount of bitcoin, using cold wallet will be the best. Although, they are costly, but not that expensive to store store $1000 or more worth of bitcoin. Hardware wallet is not also only the types of cold wallet that are existing, you can create paper wallet or airgapped wallet like making use of flash drive as wallet or even making use of electrum wallet as cold wallet. There are ways to go to make a cheap cold wallet, but having much knowledge about it is necessary. Cold wallets are strongly recommended for holding because private key are stored offline unlike online wallets.

[Theb]

@OP I guess an important thing suggest here in your guide specifically under the security practices is that they can have multiple wallets for different purposes. What I mean about that is they can have an offline wallet for the purposes of storing large amounts of Bitcoin and they can have a user-friendly and easily accessible wallet for the purposes of paying with the use of their Bitcoin. For me this is a good security practice as the user won't be bringing out their Bitcoin from their cold storage all the time and as well it reduces the risk of losing everything once they got hacked from their wallet. Also since this is a beginner section I think you might wanna explain more about the different kinds of wallet out there for Bitcoin since let us not assume that they know all of this.