As interest in cryptocurrency continues to grow, so does the importance of knowing how to keep your crypto safe.
Unlike with traditional banking where you can reset your password in just a few clicks or call your credit card company to report a fraudulent charge, the stakes with crypto by design, are a little bit higher.
Whether you’re looking to invest a few extra dollars into crypto or plan to allocate a large portion of your portfolio, taking crypto security seriously is a must.
Here are 5 tips to help keep your crypto safe and secure.
1. Invest in a crypto hardware wallet
If you were to follow just one tip on this list, investing in a crypto hardware wallet is a great place to start. For less than $100 you can dramatically reduce your chances of being hacked or having your funds stolen.
A crypto hardware wallet adds an added layer of security and protection to help use your crypto safely online.
Essentially, a hardware wallet puts your funds into a “cold wallet” or “cold storage” when not in use, where it’s incredibly difficult (if not impossible) to hack. When you use your hardware wallet online, you have the added protection of having to enter your password when interacting with smart contracts and other provided other app permissions needed to navigate the world of decentralized finance and crypto.
While it’s common for many crypto users to hold their crypto in an online wallet only, this puts your funds at serious risk. A hardware wallet is an incredibly effective way to prevent most security threats when using crypto.
The most common hardware wallet brands are Ledger and Trezor. Both are industry leading in terms of UI/UX as well as security. Ledger works with Solana, Ethereum, and hundreds of other cryptocurrencies as does Trezor. As of this writing Trezor does not have Solana compatibility.
If you really want to go for ultimate security, you can purchase a fireproof steel coating where you can safely store your seed phrases offline.
Parcl Protip: Never, ever, purchase a crypto hardware wallet on a 3rd party site such as Ebay, Craiglis etc.. Always order your hardware wallet directly from the manufacturer. Ordering a used hardware wallet could lead to your funds being stolen from malicious actors.
2. Watch out for phishing
Shady links in emails and online have existed since the Internet began, but it’s especially important to be extra vigilant about links, documents, and other downloads when you hold crypto. According to some estimates, one in every 100 emails are designed to steal your data or login information.
Phishing attempts continue to become more sophisticated which makes it essential to only click links you 100% trust. In most cases, going to the homepage of the official website is the best way to go.
Furthermore, if you spend time on Discord, Telegram, or Twitter, always make sure for certain you’re talking to the real person. Avoid entering "too good to be true" contests that promise rags to riches. Scammers know exactly how to get you emotionally invested, so ignore 'urgent' requests for money or assistance.
If something looks fishy, it probably is! Phishing is one of the most common ways for bad actors to get access to your funds, so remain vigilant at all times. Again, never reveal your private key to anyone!
Parcl Protip: Bookmark your go-to crypto sites so that you know for sure you’re going to the right link. Avoid typing urls into your browser and do not click the first search results that are ads if you're not 100% certain it's the correct URL. There have been several cases where scammers will run ads on Google and get you click a malicious link.
3. Not your keys, not your funds
Another important safety tip to remember: your private keys are what determines who owns the contents of a wallet. Never, share your private keys or seed phrase, especially online or via email. If someone has your seed phrase, they have complete and unblocked access to all your funds.
Whether you're setting up your Solana wallet or MetaMask, always be sure to write down your seed phrase and store them in a secure location (a physical safe for example.) And again, never share them with anyone. More importantly, never send them over text message, in email, or even store them on your computer.
Which brings us to exchanges.
Holding cryptocurrency on an exchange technically means they aren't your funds.
While the vast majority of exchanges operate in good faith, it's important to remember you're technically at the mercy of the exchange if something disastrous were to happen to the exchange. Unlike with money in the bank, most exchanges don't ensure your funds.
This isn't to scare you or discourage you from using exchanges, but it's an important reminder that unless you have the private keys yourself they aren't your funds. While many crypto users are comfortable holding small amounts of crypto on an exchange, it's always a good idea to move most of, if not all your funds, offline and to a hardware wallet.
4. Use 2FA and check your permissions often
Although a little more technical than some of the tips shared above, using two-factor authorization is yet another step you can to take to improve the security of your cryptocurrency holdings.
2FA or Two-Factor Authentication, requires multiple touchpoints for any transaction. So for example, to send Solana to another individual, you would need to confirm via email and through a 2FA tool such as Google Authenticator or Authy. These unique codes are updated every 30 seconds, so it's virtually impossible for a hacker to break in.
Though it is an extra step when doing day to day crypto transactions, the peace of mind it brings is well worth the extra couple of minutes. Many of the most popular exchanges today require 2FA to be turned on by default, and for good reason!
In general, it's recommended to not use text message as part of the 2FA process, as bad actors have been able to social engineer phone companies to provide the needed codes.
In addition to turning on 2FA, it's good practice to periodically review connected sites via your wallet of choice.
While interacting with dozens of protocols and smart contracts is common in the world of crypto using an online wallet such as MetaMask, or Phantom, the more sites you connect to the higher the risk. Set a reminder to review permissions on a regular basis.
If you're using MetaMask, click the 3 dots > connected sites.
Here's how it would look using MetaMask.
Here's how it would look on the Phantom, Solana wallet.
It's very important to only connect to sites you trust and periodically disconnect all connections to help reduce the chance of a vulnerability affecting you. If you notice you're connected to a site you don't recall visiting, disconnect and consider moving your funds to a fresh wallet immediately.
5. Use a password manager
While there is some debate as to whether you should store your seed phrase on a password manager, the reality is, having strong passwords is going to significantly reduce the chances of a bad actor logging into your email, computer, and more.
Strong passwords are critical for staying safe online, regardless as to whether you choose to store seed phrase in the password manager. Thanks to the likes of 1Password and LastPass, you can generate incredibly secure passwords and not have to remember a 100 character password.
Even if you're not super invested in crypto, a password manager can be a great way to level up your security. That said, a password manager doesn't mean you should lax on some of the other suggestions above.
Parcl Protip: It goes without saying, never use the same password more than once. You can also use a website such as have i been pwned to determine if your password or email has been involved in a public breach.
While there are many more ways to keep your crypto safe and secure, by taking action on the above suggestions, you'll be in a much better position than you were before.
Editor's Note: Buying, trading, and transferring cryptocurrency is a risky endeavor. Never invest more than you can lose, and always take the proper security measures to keep your crypto safe and secure. This post is for educational purposes only.