Our valued sponsor

How to keep your cryptocurrency safe

Maybe a unpopular opinion but: use a good anti virus. Its funny how often people use those rules but then get their funds stolen by a stealer.
Crypto stealer replace the receiving address. You can also just use a device soley for crypto.
 
You can use a multi-signature solution such as casa.
More funds have been lost because of people who doesn't have the knowledge to properly handle multisig than funds being actually stolen. As a developer I always suggest avoiding multisig unless they really (REALLY) know what they are doing... I always receive questions like: "I lost the second signer, is it possible to remove it so I can make a payment?"

99.99% of the users will be safe if they just use a hardware wallet and don't write their raw mnemonic phrases on software.

Maybe a unpopular opinion but: use a good anti virus. Its funny how often people use those rules but then get their funds stolen by a stealer.
Crypto stealer replace the receiving address. You can also just use a device soley for crypto.
I'll be honest with you: I haven't use an antivirus since ~2015. If you don't download random stuff you see/get and are not in P**N/crap sites, you won't catch a virus
 
  • Like
Reactions: void and jafo
More funds have been lost because of people who doesn't have the knowledge to properly handle multisig than funds being actually stolen. As a developer I always suggest avoiding multisig unless they really (REALLY) know what they are doing... I always receive questions like: "I lost the second signer, is it possible to remove it so I can make a payment?"
That's why I recommended casa as they safeguard one of the multi-signature keys in case you lose it.
 
  • Like
Reactions: jafo
That's why I recommended casa as they safeguard one of the multi-signature keys in case you lose it.
There is merit for such type of service. But if I'm willing to give a signature on my accounts in order to be able to recover it if I lose the private key... I will go with a full custodial solution right away because there is no extra benefit for the absurd price. In my opinion having multi-signature in an account is only worth the hassle for pooled funds/DAO treasuries (for example my company's wallet requires 4 out of 6 signatures from the partners to move funds)
 
  • Like
Reactions: jafo and uranium
I'll be honest with you: I haven't use an antivirus since ~2015. If you don't download random stuff you see/get and are not in P**N/crap sites, you won't catch a virus
I'm a Windows user on desktop, had AVG in 1999 in Win98 (R.I.P.) for the last time and never ever installed an antivirus since - not a single problem whatsoever
antivirus is like most insurance products - powered by fear of practically non-existent threat and FOMO
 
  • Like
Reactions: jafo
I'm a Windows user on desktop, had AVG in 1999 in Win98 (R.I.P.) for the last time and never ever installed an antivirus since - not a single problem whatsoever
antivirus is like most insurance products - powered by fear of practically non-existent threat and FOMO
Totally agreed. I had more of hassle uninstalling McAfee from my recently bought laptop than from any virus I could catch-up by visiting morally questionable sites.
 
I'll be honest with you: I haven't use an antivirus since ~2015. If you don't download random stuff you see/get and are not in P**N/crap sites, you won't catch a virus
Careful eyes can protect you, but in times were its getting more and more easy to launch pretty sophisticated attacks and sideloading some small btc stealer is pretty easy.
There are more than enough ways with spoofed domains, hacked accounts and so on. When billion dollar companies with EDRs and what they all have still manage to get infiltrated, someone in a busy business day can fall vicitim to the same thing.

Example:

And a lot of ways with Word documents with macros etc.

Best bet: Clean/empty device + HW wallet or protected pc would be my go to. Additional protection doesnt hurt and the tracking that happens is negligible to that of what a stock windows system with its tools & browsers does. Im not saying some should use an AV and then be blind, go download cracks or whatever file looks interesting. Just keep those careful eyes and have a backup.

Also Windows own AV is enabled by default on Win10 & 11 unless you disable it in the regedit, group policy or with Defender Control.
 
Careful eyes can protect you, but in times were its getting more and more easy to launch pretty sophisticated attacks and sideloading some small btc stealer is pretty easy.
There are more than enough ways with spoofed domains, hacked accounts and so on. When billion dollar companies with EDRs and what they all have still manage to get infiltrated, someone in a busy business day can fall vicitim to the same thing.

Example:

And a lot of ways with Word documents with macros etc.

Best bet: Clean/empty device + HW wallet or protected pc would be my go to. Additional protection doesnt hurt and the tracking that happens is negligible to that of what a stock windows system with its tools & browsers does. Im not saying some should use an AV and then be blind, go download cracks or whatever file looks interesting. Just keep those careful eyes and have a backup.

Also Windows own AV is enabled by default on Win10 & 11 unless you disable it in the regedit, group policy or with Defender Control.

That's why I said "If you don't download random stuff you see/get" because I'm aware of such types of session tokens stealing methods, I even wrote an article explaining that in order to share it when I see som random crypto "influencer" who always says "use 2fa if you don't want to get hacked" like if that is the only thing that matter basically to tell them "news flag: even with 2fa, if someone gets a session token there is nothing you can do and it's more important what you do after that"...

But if you want to know how "different" I manage my keys against what many people in the crypto space say: I keep all my mnemonic phrases backups in the cloud ;)
 
That's why I said "If you don't download random stuff you see/get" because I'm aware of such types of session tokens stealing methods, I even wrote an article explaining that in order to share it when I see som random crypto "influencer" who always says "use 2fa if you don't want to get hacked" like if that is the only thing that matter basically to tell them "news flag: even with 2fa, if someone gets a session token there is nothing you can do and it's more important what you do after that"...

But if you want to know how "different" I manage my keys against what many people in the crypto space say: I keep all my mnemonic phrases backups in the cloud ;)
Yeah 2FA wont protect you from session/token stealer, which nearly all RATs/Malwares and so on got. 2FA is good just in case the credentials got leaked but for that you could use a PW for each website and then you should be good. There are a lot of ifs and so on. A basic "noob" user is still better of with an AV or the setup I mentioned.

That wont work with me. Not really any advantage compared to having Electrum or so on, on the PC.
There are a lot of places to hide such a paper. For extra security change a few words that you can memorize like the beginning & ending.
 
what? you would save the seed in electronic form or even on a cloud? joking?
No joking, have been doing it for many years without issues and yet I have never lost a single key. I developed my own shamir secret sharing tool and I break my seed phrases into different pieces which they are encrypted and saved on different clouds. Cryptocurrencies were made in order to not trust paper money... Yet I find it hilarious that we still use a piece of paper to back them up (the keys).
 
  • Like
Reactions: jafo
No joking, have been doing it for many years without issues and yet I have never lost a single key. I developed my own shamir secret sharing tool and I break my seed phrases into different pieces which they are encrypted and saved on different clouds.
nice... so if (god forbid) you'll get hit by a bus tomorrow your wife or whoever you care about and who is supposed to inherit your wealth will have an interesting quest ahead... not only gathering the shamir chunks but also looking for your software, source code to compile or documentation to your proprietary algorithm

Cryptocurrencies were made in order to not trust paper money...
who said that?
 
Register now
You must login or register to view hidden content on this page.