When investing in bitcoin or cryptocurrencies in general, wallet security should always be the number one priority to prevent unnecessary losses.
No matter how knowledgeable you are about bitcoin or how good you are at picking coins and tokens to speculate with, none of these things really matter if your funds aren’t secure to start with. Having your funds stored in an insecure manner is simply a disaster waiting to happen.
Custodial wallets are wallets where you don’t have control and/or access to your wallet’s private keys. Instead, you are entrusting your wallet’s private keys to the service provider, with your private keys stored online on the company’s servers. Custodial wallets are mostly accessed via logging in on a website/app using a username and password.
While some of the more reputable custodial wallets are quite secure and haven’t been hacked as of yet, storing your coins on custodial wallets is still heavily inadvisable. You could potentially lose access to all your coins if ever the custodial service gets hacked, commits fraud, or if they simply decide to run away with your coins.
Such incidents have happened a handful of times already in the past, and unfortunately, it’s safe to assume that they will most likely happen again and again.
Custodial wallets include:
Cryptocurrency exchanges are sometimes the most preferred choice for people who hold a bigger variety of coins, solely due to their convenience.
Unfortunately, exchanges getting hacked is a fairly common occurrence in the cryptocurrency space due to the huge potential reward for the hackers if they manage to crack the exchange’s security.
So far, the Mt. Gox exchange hack of 2014 is the biggest casualty yet, with $661,000,000 worth of bitcoin stolen.
Only leave funds on exchanges if you frequently trade your coins. If you do trade a lot, we heavily suggest learning how to properly secure your exchange accounts.
Advantages:
- Support for a bigger variety of coins.
- Being able to buy/sell coins quickly.
- Convenience due to the usage of a username and password.
Disadvantages:
- Accounts can be locked for various reasons.
- Exchanges are a very hot target for hackers.
- Some exchanges may not be taking security seriously.
- Accounts can be easier to crack depending on password security.
Just like exchanges, web wallets (sometimes also referred to as “online wallets”) are wallets where you access your funds by logging in to a website/app using a username and password, while your wallet’s private keys are stored on the wallet company’s servers.
Some web wallets have some great features built-in like being able to buy mobile load and gift cards, pay bills, send funds instantly to people using the same app, and such.
Advantages:
- Instant and free transactions on some web wallets
- Potentially can have great features
- Convenience due to the usage of a username and password
Disadvantages:
- Accounts can be locked for various reasons
- Web wallets are a very hot target for hackers
- Some web wallet services may not be taking security seriously
- Accounts can be easier to crack depending on password security
With non-custodial wallets, you have true ownership of your coins because your wallet’s private keys are stored only locally on your device, where only you have access to them. This effectively eliminates most of the security disadvantages of custodial wallets.
For safety and security reasons, educating yourself on basic device security is heavily recommended, as certain malware and viruses are designed to hunt for wallet private keys on your phone or computer.
Non-custodial wallets include:
Software wallets are wallets where you download and install a wallet program/app on your computer or mobile device, and you mostly use a 12-24 word seed to access your funds.
Advantages:
- Full control over your funds
- Ability to use custom fee amounts
Disadvantages:
- Most software wallets’ backup scheme requires you to write down your wallet’s 12-24 word seed
- Your funds can be stolen if your device gets infected by malware
Desktop vs Mobile software wallets:
While both mobile phones and desktop/laptop computers can be infected by malware and viruses, computers, especially ones running a Windows operating system, are mostly more prone to them. Chances are that your mobile phone is more secure than your personal computer.
Software wallet recommendations:
| BlueWallet (bitcoin) | BlueWallet (bitcoin) | BlueWallet (bitcoin) |
| MetaMask (ethereum) | Rainbow Wallet (ethereum) | Rainbow Wallet (ethereum) |
| Guarda Wallet (multi-coin) | Guarda Wallet (multi-coin) | Guarda Wallet (multi-coin) |
Hardware wallets are small devices solely made to secure your wallet’s private keys and allow you to transact without putting your private keys at risk. Even if you’re making transactions on malware-infected devices, hackers would still not be able to gain access to your wallet’s private keys due to the private keys being stored only on the hardware device itself. This makes hardware wallets a really ideal way of storing bitcoin and other cryptocurrencies as it is highly secure.
Hardware wallets might be a bit costly for some people who only hold coins worth less than a hundred dollars, but if you’re holding a significant amount of money through bitcoin or other cryptocurrencies, getting a reputable hardware wallet should be a priority.
Note: For security reasons, only store your 12-24 word seed on a piece of paper.
Advantages:
- Full control over your funds
- Ability to use custom fee amounts
- Ability to send funds even on an infected device (though not recommended)
- Most hardware wallets support a wide variety of coins
Disadvantages:
- Costs money
- Requires you to write down your wallet’s 12-24 word seed
- Slightly less convenient compared to other wallets
Hardware wallet recommendations:
A paper wallet is a wallet where your private keys are printed on a piece of paper.
Paper wallets can be an alternative to hardware wallets as you only need a computer, a reliable printer, and a clean sheet of paper. While a paper wallet is an appealing option for some due to it being non-custodial and virtually free, we heavily suggest against using paper wallets.
Though paper wallets are really easy to make, they are quite difficult to make in a secure manner. Creating a paper wallet securely means using a clean, air-gapped device (preferably running open-source Linux software like Tails) and taking a lot of safety precautions along the way, all of which requires a good amount of computer and information security knowledge.
For most people, going the safer route and purchasing a reputable hardware wallet is a far better option.
Advantages:
- Costs virtually nothing
- Full control over your funds
- Can be secure if done correctly
Disadvantages:
- Requires a good amount of computer and information security knowledge to create one in a secure manner
- Prone to damage
- Holding multiple cryptocurrencies will require multiple paper wallets
Private key/Word seed storage
While it’s technically possible to store your 12-24 word seed safely and securely digitally, this will require a good amount of computer and information security knowledge.
We heavily suggest against saving your word seed in a .txt file, a word document, an email, a phone’s notes app, an SMS message, or anywhere digital. Simply write down the 12-24 word seed on a piece of paper or a metal sheet, and keep it out of reach of anyone else.
Usage of Custodial wallets
The usage of custodial wallets like web wallets isn’t necessarily a bad thing, as they also have their specific uses. Just make sure to not leave huge sums of money in your web wallets, due to the risks stated earlier.
Think of custodial wallets as your physical cash wallet, and your hardware wallet as your local bank. It would not be a good idea to keep all or most of your wealth in your physical cash wallet. Instead, you keep just a small amount of money in your physical wallet (custodial wallet) and leave all the rest in your local bank (hardware wallet).
Risks of confiscation
While it might be a bit unlikely, one of the major risks with custodial wallets is that they can revoke access to your wallet by simply disabling your account. Sometimes this is because they suddenly require the submission of personal documents, sometimes it is for questionable reasons like you withdrawing funds from gambling sites, and sometimes no reason is provided at all.
Always make sure your software is up to date
Regardless of whether you’re using a web wallet, a software wallet, or a hardware wallet, make sure your device’s operating system and your device’s wallet apps are always up to date. Operating systems and wallet apps frequently push out new updates to make sure everything is as secure as possible.
Avoid keeping funds on exchanges
Exchanges get hacked all the time. As much as possible, only leave funds on exchanges if you’re actively trading your coins. If not, there’s really no reason to leave coins on exchanges due to the risks.
Also, make sure to activate 2-factor authentication — a feature that’s available on most if not all exchanges. But while having 2-factor authentication makes it significantly harder for hackers to gain access to your account, having 2-factor authentication protecting your account would be pointless if hackers gained access to the exchange’s wallet itself.
Use strong password guidelines
- Use passwords that are long enough to make it difficult for hackers to brute-force your password. Preferably, more than 40 characters in length.
- Use different passwords on all your online accounts.
- Change your passwords once in a while.
- When using a password manager, which is highly recommended because it makes the first two points a lot easier, make sure your master password is difficult enough to crack.
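
The following is an added example, not part of the original article: a small Python audit that applies the length and no-reuse guidelines above to a set of accounts and generates a compliant random password. The account names and sample passwords are constructed for illustration, and the 94-symbol alphabet is an assumption.

```python
import math
import secrets
import string
from collections import defaultdict

MIN_LENGTH = 41  # the guideline above: more than 40 characters
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def generate_password(length=MIN_LENGTH):
    """Draw each character from the OS CSPRNG via the secrets module."""
    if length < MIN_LENGTH:
        raise ValueError("length must exceed 40 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a uniformly random password; not valid for human-chosen ones."""
    return length * math.log2(alphabet_size)


def audit(accounts):
    """Return {account: [findings]} for passwords that are too short or reused."""
    users_of = defaultdict(list)
    for name, password in accounts.items():
        users_of[password].append(name)
    findings = defaultdict(list)
    for name, password in accounts.items():
        if len(password) < MIN_LENGTH:
            findings[name].append("too short")
    for names in users_of.values():
        if len(names) > 1:  # same password on more than one account
            for name in names:
                findings[name].append("reused")
    return dict(findings)


# Constructed sample data: hypothetical account names and passwords.
SAMPLE = {
    "exchange": "hunter2hunter2",
    "web-wallet": "hunter2hunter2",
    "email": generate_password(),
}

if __name__ == "__main__":
    print(audit(SAMPLE))
    print(f"{entropy_bits(MIN_LENGTH):.0f} bits for {MIN_LENGTH} random characters")
```

Run it only on a device you trust and never paste real passwords into shared or online tools; a password manager performs the same checks without exposing the plaintext.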