There have been many cases over the years where exchanges like Mt. Gox have either run away with their customers' coins, or gotten hacked and had everything stolen. Unlike storing your money in a bank in the US, the coins you hold on an exchange are not federally insured. If a malicious exchange or a hacker takes your coins and disappears without a trace - they are gone. There is nothing you can do to get them back.
I personally use exchanges, and I do think having some coins on them for a short amount of time is relatively safe. I do not recommend leaving your coins on them for extended periods of time though, because you are exposing yourself to a greater risk by having them on the exchange over a prolonged period of time. Even a very short amount of time does still has risk.
A large exchange hack could be a crushing blow to the bull market that we have seen over the past few months. I really hope that we do not see anything like this happen. If we do though - I want everyone in the Steem community to be safe.
Here are some tips:
- If you are not planning on trading, keep your coins in your own personal wallet rather than on an exchange.
- For coins like bitcoin which have offline wallets, consider using an offline wallet for long-term storage.
- If you are planning to use an exchange, only transfer your coins in long enough to make your trades. Once you are done, export them back to an external wallet.
- If you are planning to leave coins in the exchange to have open orders on the books, keep in mind the risk of leaving your coins on the exchange.
- Store your security keys somewhere safe, and make sure they are backed up in the event of a hard drive crash or fire.
- For your STEEM wallet, if you are planning to hold onto your coins for a while, consider powering them up or putting them in your savings account in your wallet, since it would take longer for someone to take your coins in case your account were to be hacked.
Also, there are two alternatives that are much safer than traditional exchanges:
- BitShares - A "decentralized" exchange, where all of your coins are held in a local wallet, rather than on an exchange's servers. You get all the trading features of a 'regular' exchange, minus the risk.
- BlockTrades - Allows you to trade coins your without sending them to an exchange. You pick which two coins you want to trade, and then it will provide you an estimate for the current exchange rate. You send the coins you want to sell to them, and they send the coins you want to buy to the wallet address you provide them with.
If anyone else has any security tips, please share them in the comments below!
The intention of this article is not to scare anyone, but I do want everyone to be safe with their hard-earned STEEM/SBD!
This post is PERFECT and people need to realize this is a problem. I don't any coins on Bittrex or Poloniex because they un secure. I also recommend storing your coins on cold storage. This way your coins can not be hacked or taken off your computer/Phone.
I recommend using Ledger Blue or Ledger Nano S. Both com be considered storing your coins in a vallet, compared to a wallet.
Would you walk down the street with hundreds in your wallet?! NOT AT ALL...SO please don't do it with cryptos.
I have a post talking about storing cryptos offline....I Just UPVOTED and you got a NEW follower.
BitShares! Yes! Amen to that.
Good tips, great write-up! However, I think there are way better alternatives to Blocktrades. I meticulously compared Blocktrades, Changelly, and Shapeshift at the same time, with same amounts, with the same currencies to see where my dollar went the furthest. I did this a few times over the span of a month or so.
Here's some results from some research that I did:
Blocktrades.us consistently gave me the worst deal to a pretty insane degree a lot of times. There were sometimes gaps in actual exchange rates for some currencies at around 20% (handily to the end user's detriment, boo) a few times. Sometimes the rates were not so bad, but never on par with the other services that I compared it with. Losing 20% off of your trade right off the bat is one harsh blow to the end user. I used that service several times and I actually lost a LOT of money. It definitely needs a lot of work. I understand people like Blocktrades because they're pretty involved here, but I don't particularly like to throw cryptocurrency to the wind as I'm sure others don't particularly enjoy that either. I wont be using them again.
Shapeshift came up in second place, but their limits were kind of low a lot of times which can be pretty annoying if you're trying to change a decent chunk, but it works. Their fees are decent though, but not the best. They offered MUCH better exchange rates than Blocktrades, but slightly worse on average rates VS Changelly.
Changelly consistently gave me the best exchange rates as well as the lowest fees (0.5%). They also don't really have caps on how much you can change at a time which is extremely helpful. I haven't had any issues with them either which is always nice, I've used them I'd say roughly 50 or so times trading back and forth.
So yeah, my investigations led me to those conclusions.
TL;DR:
Hope that helps some folks!
Thanks! I have used blocktrades many times now and did not even pay attention to how much I was losing :(
I was doing the exact same thing. I was unaware of alternatives and was using Blocktrades.us exclusively. I started noticing some wild fluctuations in what I would get out at the end and started digging. That's what led me on my quest and I'm glad that I went on it, otherwise I would've just kept getting burned. Hopefully Blocktrades ups their game, competition is always good. But at this point in time, I cannot recommend them, I can only caution against their service.
You can't see exchange rate on exchange??? Run, Forest, run!!
Well, they give you an "estimate," and that estimate has changed in a major way on me before, despite the markets not having moved in that direction. I know this realm very well and there's something that just is NOT working, especially for the end user.
Good info, thanks!
You're welcome, glad to supply some helpful info!
We all remember multiple BTC exchanges hacks. I believe that's a thing of a past. But there is another problem. Selective scamming seems to be occuring on some exchanges where people can't withdraw their bitcoins for weeks as they are being held for some "verifications" - as BTC ever needed a centralized verifications.
Yes, in addition to being an inconvenience, it is a little bit of a caution flag.
I lost my BTC online cloud mining eobot while some other can access to my account and withdraw my bitcoin, i asked support and they just say my account was hacked. keep your wallet offline for safety.
Thank you @timcliff, these are great points that likely many newcomers to trading and owning crypto should understand. Absolutely a good idea to keep your investment safe in a personal wallet
Honestly, I got alarmed on this post of yours @timcliff, it only reminds me that theres no one safe online. Isn't it? Btw, poloniex gives me no problem.
There are pretty much always going to be risks. I think the important thing is to be aware of what they are so you can make informed decisions and not have any type of mishap/incident have a devistating impact. I use them too and have never had any real issues, but it doesn't mean that they are immune to getting hacked. There is still risk there, so just be careful.
Correct, anyways thanks for sharing.. You always have my upvote @timcliff
Great post! I have become the crypto guru among my friends and even among most of the people at my school. Almost every week I am telling people STORE YOUR CRYPTO IN A SAFE LOCATION!!!! It is scary that so many people are willing to "invest" money into crypto without taking the time to learn how to keep that money safe.
Thanks for these tips. As someone getting into crypto, they're really useful.
I know it has it's flaws but 2fa is an option that i'd like to have just to make it a little harder to steal.
Thank you @timcliff I just started Steemit almost 14 days ago , and I want to invest for a few years but great to know where to go when I am ready ::)) I upvoted and Re-steemed :)
Thanks for these useful tips - I agree and tried to transfer all away from exchanges :-)
I lost 3 million doge in an exchange called crypsy
Ouch.
Yep, didn't think much of it when doge was 15 satoshis and bitcoin was 700 lol
Interested to know peoples thoughts on Poloniex. What are they like with regards to verification? If scammers wanted to take them down, what are poloniex up against, is it just a matter of time?
Is there any standalone wallet to hold STEEM on my computer?
@jesta is developing a third party wallet called Vessel. It is still technically in beta, but it is available for use.
In the US if I am incorrect please let me know, but I believe Gemini is federally insured is it not?
I believe (after a good amount of research) that Coinbase (and Gemini, but need to check their faq) are insured ONLY if they are hacked. If a personal account is hacked, insurance does not cover that. From the source - https://support.coinbase.com/customer/portal/articles/1662379-how-is-coinbase-insured-
"All digital currency that Coinbase holds online is fully insured. This means that if Coinbase were to suffer a breach of its online storage, the insurance policy would pay out to cover any customer funds lost as a result."
and
"This insurance policy does not cover any losses resulting from the compromise of your individual Coinbase account. It is your responsibility to use a strong password and maintain control of all login credentials you use to access Coinbase and GDAX."
Not sure, I haven't used them before. Maybe someone else will know.
This can never be said enough! So kudos for bringing it up! :)
As much as possible, try to use 2 factor authentication
Yes :)
This was very helpful. I've been using some of the exchanges. The amounts have been so small that I've not worried too much, but I just had a small investment quadruple so it's not so small any more. What kind of external wallet do you use. I just had a laptop crash so I'm concerned about having anything on my computer.
That's the good thing for us little guys. The transactions come faster and are easier to move to offline storage. I wonder what the security plan is for those that need to keep their accounts "filled up" for trading purposes
I've wondered that as well. I would be a nervous wreck!
Yes, exactly! I actually have everything I have (crypto wise) split between my STEEM wallet, and BitShares.
Where do you keep bitshares? I have some in an exchange at the moment. not a large amount, but would like to know for future reference.
The best place is actually in a BitShares wallet. Here is a UI that interfaces with the BitShares blockchain: https://bitshares.openledger.info
Thank you for all of the info!
I had a friend get Goxed, another friend got MintPal'ed, and another friend get Cryptsy'ed It is a very real worry.
what is a short period of time? what is an extended period of time?
It is relative. Just think that any time your money is out of your hands (on the exchange) it is at risk of getting stolen. The shortest amount of time is best.
Just bought me a trezor the other day!
solid advice @timcliff
Good investment :)
I was thinking of selling all my altcoins to buy more steem power and get away from the stress of exchanges, our money is really not safe there
Thanks for the information! I haven't heard of BlockTrades before i'll have to check it out. I normally use Bittrex.
even in third party wallet can be hacked. the good idea is to store your crypto wallet offline on your computer.
I was not familiar with Blocktrades. For the most part, I am in this for the long term, but I like having easy access to trade. Blocktrades sounds like it might be the answer to this. I hope you'll be doing more post on this kind of thing. I am the crypto sponge... trying to learn everything I can about this quite fascinating world.
Yep I have lost unknown amounts in exchanges also in mining as the web sites come and go, like you said here good idea to pull all coins back to your own wallet
thanks for the advice.
I'm keeping some Monero and Ripple in Poloniex because my choosen cryptowallet doesn't have them yet. Should I Try another wallet?
It is up to you. If it is an amount that you would be devastated if you lost, then I would definitely recommend moving it to your own wallet.
thanks. Actually I will not loose my sleep over a potential loss in those two. This type of investment is to be done with the appropriate risk awareness.
Thanks for sharing. I have been debating on if I should move my xrp off poloniex. It worries me, because I have hear dpeople accusing them of there holdings dissapearing. I am folloing u :)
Yeah, that type of thing is why I got a bit worried.
i tried withdrawing from poloniex and they still haven't confirmed my transaction. its been open for 9 days now.
I've never had a problem with my Poloniex withdraws. As far as safety - my concern is expressed already by someone else... the security of ones own computer and the chance of ones personal computer crashing..which seems more likely than keeping value on an exchange. Just my 2 cents.
Good advise, I've been goxed, crypto rushed and cryptyed
I got screwed out of a lot of ETH back when it was 8 bucks. Live and learn.
Great post. Thank you for warning. By the way i also voted you for witness.
Cool, thanks!
Thanks for sharing this information help us to protect our assets
I'm starting at trading, Thanks for the tips!
Good one... I do the same.... And never store my bitcoins in poloniex :)
Also got MtGox'd for 1.5 BTC. Only realised much later that the exchange was no longer around when I saw the bitcoin price was over 1k. Mined them in 2011 when the value was around $3-$9.
ouch :(
Not that much of an ouch as my outlay was only the small amount of electricity I spent on it.
very, Very, VERY GOOD reminder POST @timcliff
I prefer:
1/3rd on an exchange (trading)
1/3rd on an user/mobile account/wallet (investing)
1/3rd on a secure offline cold storage or paper wallet (moon traveling)
Which wallets are out there that are good and can handle many different coins? Right now I am using a jaxx wallet, but have at least 5 different coins that Jaxx cannot handle.
Careful.. You should read this:
https://steemit.com/bitcoin/@kingscrown/psa-freewallet-and-jaxx-getting-robbed-over-10-million-usd-stolen
I don't know much about multi-coin wallets. What I use is BitShares.
I would recommend a hardware wallet like Ledger Nano S for long term security. It is slowly adding new coins to its capacity, currently: BTC, ETH, DASH, ZCASH, XRP, KMD, LTC, STR
how are the transfer rates on each suggested? I find my mycelium wallet rather expensive to send money from
It is a good question, but I'm not really an expert on the fees. Maybe one of the other readers will know the answer.
cool. @steevc what, wallet wouldund you suggest?
Thanks for the advice. Perhaps, keeping them as SP may be safer. Hopefully.
Good info @timcliff. Rule of thumb – never trust any third party that holds your crypto.
Thank you for remind us about this...! Nice ! :)
I totally agree! Very unsafe indeed.
That is never said enough times :)
Exchanges are not for holding (hodling xDD)
Excepting if it is very small amount.
Thank you @timcliff for your interest in warning us! Very good advice.
I agree. I keep nothing on exchanges long term.
I have not used blocktrades before and I plan to check them out. Thanks.
Very good post, upvoted.
I personally use Electrum Wallet, but for some time i thinking about a hardware wallet.
Thank you, good info. For long term savings or safety in general. Can you not store wallet on flash drive or drive(s) ?
Yes, a lot of wallets you can store on a flash drive. I actually recommend burning CDs too (yes, those things still exist) because they are difficult to corrupt.
What wallet is a good wallet?
Im using Litecoin Core version v0.13.2.1 (64-bit) for windows