Basic Online Security Guide for Cryptocurrency Beginners

A question that I get asked frequently is whether I am at small meet-ups or large gatherings such as weddings – have you invested in Bitcoin?

This conversation does not just stop here. Cryptocurrencies like Ripple, Ethereum, and Litecoin follow up immediately in such conversations.

On one hand, investments can be very lucrative, but on the other hand, you can lose all your funds overnight when the market is at a high. It sounds abrupt, doesn't it?

Security is a growing concern facing the cryptocurrency community today. The new wave of hackers, malware, ransomware, and scams have turned the virtual world into a war zone that is battling with financial threats.

This situation is simple in essence. If you don't know what you are doing, you are leaving your money on the table.

Security Guide for Crypto Baby Boomers:

1. Password Manager

Security begins and ends at passwords. Because there are so many cryptocurrencies you can choose to invest in, you can use multiple wallets at the same time. I use no less than four wallets and exchanges to play in the virtual token market.

Managing multiple accounts means having multiple passwords. You may not have the same password for all accounts. In today's time, even a ten-year-old person would not make this mistake. Also, the need to remember multiple passwords can cause one of them to slip from your mind.

A password manager is needed in these situations. That requires you to remember only one password – which is known as the master password. All other passwords are randomly generated, are strong, and are, therefore, highly secure.

You can also change these passwords if there is a cyber attack on your wallet or exchange. Moreover, your data is encrypted and only you can access it with your master password.

You can go with Dashlane here, as it is a powerful choice for this purpose. It integrates with your browser to enter passwords directly on websites with the click of a button.

They also offer iOS and Android apps and all your passwords are in sync. Of all the password managers I've tried over the years, Dashlane clearly stands out.

After installing Dashlane, you can also import existing passwords into your browser. Another cool feature of Dashlane is secure note storage. Because a lot of crypto websites require us to copy-paste the private key to log in (which is not the best thing to do but we have limited options for now), you can use Evernote or Google Docs.

You can store it on Dashlane instead. There are some other features in this app as well. However, I'll let you figure it out yourself.

2. Two-Factor Authentication

Although it is necessary to have a strong password, but it may not prove to be sufficient in the case of sophisticated cyber attacks like Brute Force.

Two-Factor Authentication (2FA) helps in dealing with such scenarios by adding another layer of security to the login process. The act of entering the password is clubbed with a piece of information that only the user will have.

This can be a token number that they can view on their smartphone or it can be a one-time password (OTP) sent to their email. This makes the task of stealing your data very difficult for potential attackers as they require physical access to the smartphone or log-in details of your email address.

There are 3 types of authentication factors that can be used:
  • Knowledge Factors: Something that only the user knows (assuming that he has not shared it with anyone else). These may include a password, PIN, or the answer to a secret question.
  • Possession Factors: Something that is physically present with the user, such as an ID card, smartphone, or token number.
  • Biometric Factors: Something that is a user. These are also known as inheritance factors, these are personal characteristics that are unique to the user such as a fingerprint, face or voice. It may also include behavioral patterns such as keystroke dynamics.
Here is how you can implement Two-Factor Authentication or 2FA with the help of Google Authenticator. Follow these steps:
  • Log in to your cryptocurrency wallet or exchange account and enable two-factor authentication from the respective options in Settings.
  • Download the 'Google Authenticator app on your smartphone from Google Play or App Store.
  • Launch the app and click on the Red Plus sign in the lower right corner.
  • Choose from the option to scan the barcode or manually enter the key provided. Select the appropriate option that matches with the option you see on the website of the wallet or exchange.
  • Enter the 6 digits token number you see on the exchange/wallet website or app.
  • 2FA Authentication has now been set up for your account. Follow this procedure every time you log in.
If you're looking for an alternative, Authy is another great 2FA app that's available for both the Android and iOS app stores.

3. Cryptonite Google Chrome Extension

If you do not know about phishing websites yet, then it is time to do your homework. A Phishing Website, also known as a Spoofed Website, is a fake website that makes you believe that you are on a legitimate website. It has all the features of the website you wanted to visit, including the design and login facility.

As soon as you attempt to enter such websites, you are handing over sensitive information to cybercriminals. This is what happens when you visit fake social media accounts of reputed wallets, exchanges, or cryptocurrency experts.

Cryptonite is a dedicated Google Chrome extension that can protect you from such fraudulent websites. It comes with a MetaCert icon that is installed on the toolbar of the browser and changes from black to green every time you visit an authentic cryptocurrency website or social media account verified by MetaCert.

It gives you complete peace of mind and saves you the hassle of doing background checks yourself. If the icon does not turn green, it indicates that that particular website or social media account does not exist in Cryptonite's database, and therefore, you should be extremely careful in proceeding.

This extension is highly secure and reliable to use as it is developed by a group of engineers who have developed official Google Chrome extensions for Yahoo, Paypal, eBay, and Google.

One important thing to note here is that this extension only works for cryptocurrency-related websites and social media accounts. No regular website will trigger the icon. On the other hand, it also maintains a database of known phishing websites and automatically blocks them.

All these features make it a one-of-a-kind and dedicated browser extension, which is a must-have for both newbies and seasoned cryptocurrency enthusiasts.

4. Adblocker chrome extensions

The Internet is completely full of fishy advertisements and to avoid this, it becomes mandatory for you to install Adblocker on the browser. If your browsing history includes widgets from authentic online cryptocurrency resources, you are bound to see unending ads related to bitcoin investments and wallet sign-ups.

Adguard Adblocker is one of the most highly rated Google Chrome extensions that can be used for this purpose. It not only works with search engines but also blocks ads on social media platforms and YouTube.

Thus, it provides you with a better user experience along with higher security. If you want to level up your security, you can switch your browser from Brave browser.

Brave is one of the most reputed browsers that respect your privacy. It comes with an in-built ad blocker, HTTPS Everywhere, and other features that are best suited for cryptocurrency-related activities.

5. VPN or Tor Browser for staying anonymous

By now you have learned about password management, and how to protect yourself from trackers, ads, and phishing sites. Now, the next and most important thing is to secure your IP. Even the smartest people don't really focus on it and fall prey to smart hackers.

Your IP address is one of the first things a hacker will need when trying to hack your system. Using a tool to hide or randomize your IP is one of the best things you can do, especially for people like us who travel a lot and use public Wi-Fi to connect to the Internet.

Using a VPN or Tor browser will help you hide the websites you are browsing. This way, you are protected from the prying eyes of a hacker, who keeps an eye out permanently for unknown crypto users.

Tor is the best browser/network in the world when it comes to maintaining anonymity on the Internet. While a Virtual Private Network also does a satisfactory job of hiding your IP address, the VPN provider knows your IP address and can point your Internet traffic to the VPN server.

However, Tor takes the game to a different level entirely. It routes your signal through multiple nodes. Each node only knows the IP address of the adjacent node. Therefore, at no point can anyone know the details of the entire chain and access your IP address.

Let's have a look at the complete comparison between TOR and VPN in the table below to help you make the right choice as per your needs:

Although transactions on the blockchain are anonymous, the IP address of the computer through which the transaction is done can leak your details. VPN or Tor helps to deal with this by masking your IP address and making you completely anonymous on the Internet.

You can visit Tor's official website here to download the browser package. If you are looking for a reliable VPN, then IPVanish, ExpressVPN, and NordVPN are great options.

6. Hardware Wallet for storing cryptos

If you are using the built-in wallet provided by cryptocurrency trading platforms and exchanges, you are making a serious mistake. Such wallets are always susceptible to cyber attacks.

Recently there was a breach of the popular cryptocurrency wallet NiceHash, where cyber thieves stole $63 million dollars worth of Bitcoins in a robbery! And there was nothing their users could do except watch their investments disappear within seconds.

The solution, First things first – let's look at the basics.

There are mainly two types of Crypto wallets:
  • Hot Wallets
  • Cold Wallets
There are hot wallets on crypto exchanges and trading platforms. Although they are easy to transact with, they are also highly insecure and you do not have access to your private keys. If that exchange gets hacked or they decide to close, you lose all your crypto assets stored on that particular exchange.

What drives me to say so? Statistics! The total value of cryptocurrency hacks and fails is $1 billion as of January 1st, 2018. I am sure you do not want to add to your cryptocurrency portfolio this mayhem.

Cold wallets come to your rescue as they are not connected to the Internet. And something that cannot be marked on the map cannot be stolen.

Although there are different types of cold wallets, hardware wallets are the most popular. A hardware wallet is a tangible physical device that is kept offline but can be connected to the Internet and used whenever needed.

They are completely hack-proof as each transaction requires you to press a button on the device. I have never heard of a hardware wallet being hacked.

If you are looking for the best hardware wallet, then Ledger Nano S is the most popular choice in the market. It supports Bitcoin, Ethereum, Dogecoin, Ripple, Litecoin, Dash, Neo, Ethereum Classic, Zcash, and some other currencies. You can view the complete list here.

This device is known to be completely tamper-free and water-proof, and it comes with a sturdy design. It uses some powerful cryptography standards to provide you with round-the-clock security.

7. Anti Virus

Let's wrap up the post with the basics – using an antivirus! You will be surprised to know how undervalued this move is among traders.

As discussed earlier, the virtual world is plagued with powerful malware and ransomware that can steal your coins before you know it. Even a basic key logger can track your keystrokes and steal the password of your email or cryptocurrency wallets.

Thus, having a proven antivirus to back you up can do more than just protect your portfolio. It can protect you from identity theft.

Kaspersky and BitDefender are the main options when it comes to paid antiviruses. Their database is constantly updated to provide cover against all the latest vulnerabilities.

Conclusion

When it comes to the volatile market of cryptocurrencies, mere investments are not enough, however simple they appear to be. You have to be smart. There is no point in making this pile of fortune if it can be carried away in a second, literally.

The future of cryptocurrencies is brighter than the sun and the story is just beginning. This is a perfect time to hit the market and an opportunity that, if missed, can leave you feeling remorseful for the rest of your life. After all, in the words of Bill Gates, "The future of money is a digital currency."