A Beginner’s Guide to Protecting Cryptocoin Software Wallets

in #cryptocurrency, 7 years ago

There are essentially three ways to store your digital assets and cryptocoins - hosted wallets, hardware wallets, and software wallets. Hosted wallets are convenient but sacrifice security for convenience. Conversely, hardware wallets are very secure but not particularly convenient. Software wallets fall between the two - they are more secure than hosted wallets because only you have the private key, and they’re more convenient than hardware wallets because you don’t need a separate device to access your coins. When most people start buying and trading cryptocurrencies, they typically start off with hosted wallets such as Coinbase, but once they get a little more comfortable, software wallets are usually their next step. This guide is for those of you who are ready to move beyond hosted wallets and take full ownership of your cryptocoins.

There are three aspects to storing and protecting your cryptocoins: a computer and operating system, a means to back up your wallet and private keys, and a means to store your backups. I only aim to provide you with a high-level overview of each of these aspects to get you started. I suggest you follow the provided links and research each of these topics more thoroughly.

Computer Security

Since a software wallet resides on your computer, your first line of defense in protecting your cryptocoins is your computer. While Linux is the most secure of the three main OSes, it is generally not suitable for most people and they tend to use Microsoft or Apple products instead, and this is OK. With the proper precautions, you can still adequately protect your cryptocoins in Windows and OSX. No matter your platform preference, I strongly suggest using a version that allows you to encrypt your drive. For Windows, this means Windows Pro edition. When you encrypt your computer, I highly recommend that you keep your key and don’t trust Microsoft or whomever to manage it. Also, if you use Windows 10, make sure you turn off the included keylogger; Microsoft ostensibly uses this to improve their text prediction and other such features, but I don’t like having all of my keystrokes recorded for any reason and I certainly don’t trust Microsoft with that information. I don’t use Apple products, so you’ll have to do your own research on what versions offer encryption. Regardless of which operating system you use, the most important step you can take in protecting your computer is to password protect your user account. If you find that entering a password to access your computer is too cumbersome, stop reading now and sell your coins; the cryptocurrency world isn’t for you. Lastly, if you share your computer account with other people, create a new account specifically for managing your cryptocoins.

A free and easy step you can take to enhance your online privacy is to change your DNS settings to FreeNom’s anonymous DNS resolver (follow link for instructions). Don’t worry, even if you’re not computer proficient, it’s really easy to do. By changing your DNS settings to FreeNom’s resolver, all of your DNS lookups will be anonymous and some of your activities will be hidden from your ISP and others who have no business knowing your online activities. However, changing your DNS on its own does not make you private; it’s just one aspect in the process of securing your computer.

An essential tool in protecting your privacy is a VPN. A Virtual Private Network is a service that encrypts all the data coming and going from your computer and routes it through a proxy server, masking your IP address. Using a VPN makes it very difficult for anyone, whether it’s an attacker, your ISP, or the government, to monitor the data you are sending and receiving from your computer. There are a lot of VPN choices, both free and paid. I pay for and use Private Internet Access and have had no complaints. Note that you will take a speed hit using VPNs, though you likely won’t notice it for general web browsing, and you will come across some websites and services that won’t work correctly when using a VPN and you will have to disable it for these specific instances.

Back Up Your Wallet

Now that you’ve got your computer security taken care of, you need to back up your keys and seeds. For protecting and storing my keys and seeds, I use LastPass. LastPass is a password manager tool that also allows you to store secure notes and is a fully encrypted service where only you have access to the private key. However, this security comes with the burden of responsibility - if you lose your master password for LastPass, you will lose access to your passwords, and LastPass won’t be able to recover your account for you. LastPass is available as a free extension for all major browsers. The way I use LastPass for protecting my keys and seeds is that I create a new Secure Note and choose the Membership template (or even better, create your own template!). I then put my wallet password into the ‘password’ field and my seed and private key into the ‘notes’ section. I also set it so that I need to input my master password every time I want to access this entry in case someone gets a hold of my browser while my LastPass session is still active. I have my LastPass session set to expire after an hour as well as every time I close my browser. Now, when you want to access your wallet, simply search for the note you created in LastPass and copy the password and paste it into your wallet. Lastly, you need to back up your LastPass occasionally. To do this, click on the LastPass icon, select More Options/Advanced/Export and then finally select LastPass CSV File and save it to your hard drive. Note that this file you exported is not encrypted, so I suggest moving it into an encrypted archive such as a 7-Zip file (see below). If you decide to use LastPass to manage your keys and seeds, let me reiterate: do not forget your master password!

Backing up your wallet and protecting that backup is the next aspect of securing your cryptocoins. All wallets are different, so you’ll have to do your own research on how to back up the wallet of your choice, but once you’ve done that, you’ll need to secure the backup. Some wallets simply use a mnemonic phrase, which I save in LastPass, but with some you have to physically back up a wallet file. For the wallets that need to have a file backed up, I use 7-Zip. It’s a free compression program that allows you to create encrypted archives. Once you’ve backed up your wallets, create a new 7-Zip archive. On the setup window, put in a password and select ‘encrypt file names’, and save the archive. Now anything you drop into this file will be protected with 256-bit encryption. Make sure you save your password in LastPass.

Back Up Your Backups

The last step you need to take is to back up your 7-Zip archives. You can use a thumb drive, an external hard drive, another computer, or even something like Google Drive. Since your files are encrypted, I don’t see a significant risk in using cloud storage to back up your data, though if you are an individual targeted by someone with major resources like the government, putting even encrypted files into a cloud service may be too risky. Even better than Google Drive, Dropbox, or OneNote, though, will be one of the new blockchain-based cloud storage solutions like Storj or Siacoin. Unlike the centralized cloud storage solutions, these blockchain-based services offer vastly improved security because your data is encrypted and broken into smaller pieces that are distributed over multiple computers, and no one, not even the service providers themselves, can see or access your files. Storj and Siacoin use new technology, though, so it may be prudent to also use a traditional backup until these services have a more established track record. (Edit: since the time of original writing, Storj has developed internal personnel issues. Please keep this in mind when evaluating their service).
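An added example (not part of the original post): before a backup folder is copied to a thumb drive or cloud service, this Python script checks that no unencrypted password export, such as the LastPass CSV described earlier, is still sitting in it. The column names, file names and sample contents are assumptions constructed for illustration.

```python
import os
import tempfile

SEVENZ_MAGIC = b"7z\xbc\xaf\x27\x1c"  # first six bytes of every .7z container
# Assumed column names that mark a password/seed export (not taken from the post).
SECRET_COLUMNS = {"password", "seed", "mnemonic", "private key"}


def classify(path):
    """Return 'archive', 'plaintext-secrets' or 'other' for one file."""
    with open(path, "rb") as fh:
        head = fh.read(4096)
    if head.startswith(SEVENZ_MAGIC):
        # The magic identifies a 7z container only; it does not prove the
        # archive was created with a password.
        return "archive"
    lines = head.decode("utf-8-sig", errors="replace").splitlines()
    if not lines:
        return "other"
    columns = {c.strip().strip('"').lower() for c in lines[0].split(",")}
    return "plaintext-secrets" if columns & SECRET_COLUMNS else "other"


def audit(folder):
    """Return sorted relative paths of files that hold secrets in the clear."""
    flagged = []
    for root, _dirs, files in os.walk(folder):
        for name in files:
            path = os.path.join(root, name)
            if classify(path) == "plaintext-secrets":
                flagged.append(os.path.relpath(path, folder))
    return sorted(flagged)


def build_sample(folder):
    """Constructed sample folder: fake export, fake 7z header, harmless file."""
    with open(os.path.join(folder, "lastpass_export.csv"), "w") as fh:
        fh.write("url,username,password,extra,name,grouping,fav\n"
                 "http://sn,,,constructed seed words,Example wallet,Secure Notes,0\n")
    with open(os.path.join(folder, "wallets.7z"), "wb") as fh:
        fh.write(SEVENZ_MAGIC + b"\x00" * 26)
    with open(os.path.join(folder, "readme.txt"), "w") as fh:
        fh.write("nothing secret\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel in audit(tmp):
            print("Plaintext secrets, move into the encrypted archive:", rel)
```

Any file the audit reports should be moved into the encrypted archive and the loose copy deleted before the folder is synced anywhere.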

What I presented here is the method I use to protect my cryptocoins; there are many other options available and I encourage you to research them, but keep in mind that with regard to security, nothing is 100% foolproof. The goal is to make it difficult enough that an attacker will leave you alone and move on to softer targets. I feel that my method is adequate for most people and is certainly better than doing nothing, but I encourage others to review my method and share any improvements you may have.

Great article! Thanks for info.

Great information! Thank you for this.