How to Properly Secure your Crypto Wealth

By: David Marc
Updated: May 20, 2018

Bitcoin security, internet security

While bitcoin security breaches have dominated many headlines there is a larger dynamic in play which is our ability, or inability, to protect against digital theft. This is something that plagues the internet. Seven percent of US residents 16 years or older were victims of identity theft in 2012, with 85% of cases involving credit card or banking information. We assume those numbers continue to grow. In February of 2015, a hacking network was discovered that had stolen over one billion dollars from banks over the course of the previous two years. In October 2014, 40 million credit and debit card numbers were stolen from Target’s point of sale systems. Bitcoin, while not immune, is also not alone.

Bitcoin does stand alone in the realm of digital security innovation, which is pulling the entire internet security market forward. Many of the best developers in the world, dedicated to this amazing technology, have been working on enhancing wallet security to ensure a safe environment for bitcoin users.

This guide is meant to provide a general overview of bitcoin wallet technology and equip readers with the knowledge needed to make an informed decision on the appropriate wallet.


Understanding Private Key Security

There are two main aspects to consider when determining the security of your private key: how the key was generated, and how the key is stored.  

Private Key Generation

Have you heard of the disease severe combined immunodeficiency, which afflicted the protagonist in the movie “Bubble Boy”?  An underdeveloped immune system required the poor child to be housed at all times in a large sterilized bubble, protecting him from all sorts of nasty bugs existing outside his cauterized space.  

Such is the goal when generating a private key, to create a bubble which protects the key from ever coming into contact with all the nasty bugs that exist in that jungle known as the internet.  It seems drastic – and in most cases it is – but one touch, one moment in which that key comes into contact with the internet represents a moment it can be stolen by hackers. And there are definitely hackers looking out for such opportunities.

How to generate private keys for your savings

The most secure private keys are generated entirely offline, and if you have significant bitcoin or crypto holdings you should invest time or money in using this method of storage.  There are a few ways you can set up “cold storage”, i.e. completely offline storage. The first, and most complex, is to run a this type of wallet yourself. This requires taking a wallet’s executable file and saving it onto a usb cable, running the program on an entirely offline – never to be online ever – computer, and generating there the private key.  You can then import the public addresses onto your internet-connected computer wallet.  Bitcoin Armory is the best example of such a wallet system.

Such a do-it-yourself cold wallet method is difficult to set up, and takes a lot of effort when you actually want to transfer your bitcoin.  A much better alternative, albeit with a modest price tag, is to buy a good hardware wallet with an air-gap between the internet and the private key.  The best of these is, and really has always been, Trezor. It is worth buying at $80, and you can read more about it here.

How to generate private keys for your spending accounts

Your mobile (or web if need be) wallet might be likened to a checking account, containing only the bitcoin required for short-term use.  A proper mobile wallet will generate the private key on the client side – on your phone (or computer, or browser) – and will never themselves see it.  The private key will not sit in some wallet database ripe for hacking; hackers will only be able to get at your private key if they somehow have access to your device.  Some wallets might have additional security measures, like multisig. Regardless, none of these solutions is failsafe like a properly established cold storage solution, and thus they should not be used to hold substantial savings.  Check out our picks for the best iphone and Android wallets.

How to store your private key

Ok, so this is quite a difficult one to answer.  The Trezor wallet for instance comes with a little booklet in which to write the private key, after which the booklet is meant to be stored somewhere safe.  Some might consider safe in an inauspicious spot in their house. Others might be concerned about fire and print the mnemonic on a metal plate. Others might not rest easy knowing that the private key is just sitting inside their house, and prefer to stick it in a safety deposit box.  Still others do not trust banks at all, and prefer to split their private key into a few sections and disperse them amongst trusted family members in different location, according to some method providing both security and redundancy if part of the key is lost.

This is very much up to the individual.  Just keep in mind. These keys should be kept safely offline, hopefully somewhere fire retardant.  If you are able to memorize the mnemonic that is always a great backup. And perhaps the most important – and for some the most difficult – preventative step to take – never talk about how much bitcoin you have.  Doing so is basically sticking a target on your back that says “rob me”.

Of course, we live in a world where speaking is not necessarily a verbal action.  As a wise man once said, a computer says a thousand words. Read up on how private bitcoin is, and isn’t.