Physical Security is not a single device nor a single app that you load and forget. Security for your Coins is a process and layer upon layer you build roadblocks and walls and hiding places. You don't divulge to the world how much you own nor where your keep your treasure.
Using a Trezor T hardware wallet with Shamir Backup is one way of securing your coin. Shamir Backup is a method of splitting the seed phrase into multiple unique shares. To recover the wallet, a specified number of shares has to be collected and entered to unlock your wallet. The feature got its name from Adi Shamir, the author of Shamir's Secret Sharing algorithm.
Read more technical details in the SLIP-39 specification on GitHub and our blog post on the Shamir Backup.
Metamask is a common wallet used for many Ethereum transactions. If you use this wallet please take time to join discord and learn about many things good and some questionable. Here is the list from Metamask where you start off your Metamask wallet journey.
An article in The Bitcoin Consultancy gives further reasons to use Metamask, as it has an internal Anti-Phishing tool. Add this article to your reading list for security. David Veksler is an expert in crypto security and recovering lost coins.
You can store your private keys on the Trezor T, and other password storage protocols, but I prefer to air gap my seed phrase and keep a stamped metal copy in 2 seperate discrete locations. This is part of the "Shamir" protocol of having parts of the entire seedphase stored at different locations. ) This is just on more layer of security and also part of a heritage or legacy format to pass on your assets to someone as an inheritance, or corporate rules for a business plan.
Earlier, I mentioned Airgap. I mean do not copy, paste, take a picture, nor send a copy of the seed words via any device. Seed phrases need to be kept offline and protected. A physical air gap between any connected device and your seed phrase.
If you lose the seed phrase, you can not rebuild your wallet. If your seed phrase is stolen, you will lose your coins. There are more options, but you may not know your wallet is comprised or defective and if compromised, you can lose all your stored coins in a matter of minutes. As a former technician in a national/military security group; I have used the airgap protocol for over 45 years. I have never had my passwords or secret phrases/code names compromised.
Copy and paste these rules and place them within your computer or mobile device, and/or write these down and place them next to you.
Rule #1: Never share your 12-word Secret Recovery Phrase (SRP) or private keys Rule #2: Beware of impersonators! Make sure to see their trust level 4. Rule #3: Never DM with someone offering to help. Rule #4: Never enter your secret recovery phrase or private keys into any website. Rule #5: Never trust someone asking you to “authenticate your wallet” Rule #6: Never import a private key or a seed phrase to your wallet that someone gave you Rule #7: MetaMask Support will never DM to help you. Rule #8: DO NOT trust Discord servers, WhatsApps groups, WeChat groups, Telegram channels, or Twitter DMs. Most all of these are scams. You are presenting yourself as a target.
I have spent a few years dealing with operational/physical and communications security. This was in the military and government sectors. My Army unit was so good at both, that most of the world did not know we existed until the Congressional Hearings on the Nixon and Watergate Affair. Even afterward we were not compromised as even the NSA , FBI, and CIA have been.
That being said, I recommend you DYOR and decide how much your money/crpto is worth to your. Peole work hard to take your treasure.
If you need to take your crypto security to a very high level, not only do you need the best anti-virus and VPN, but the security keys need to be ultra secure. I follow this author and have found his advice to be best for the current conditions. David Veksler has a very high trust factor and I suggest you check out his advice soon. You don't want to try and find answers after someone has emptied your account. "Not your Keys, Not your Crypto"
Bad actors in this world are willing to spend time, effort, and energy to take it from you. Remember; that the amount of money you consider as small ; may be a fortune to people in parts of the world where food and clean water is scarce; but a smart phone and a data connection is still available. They would consider your assets as treasure hunting and with zeal and abandon they persue this hunt. They seach every nook and cranny looking for a weak link in your defenses.
Many exchanges state they have insurance on the crypto in their exchange. They do, but if your passwords are compromised by an outside source and your account is drained, they can not help you. The insurance as I understand it , is if the exchange or software they use is hacked; then your affected coins are insured. This is another reason to use 2FA as exchanges like Kraken, Coinbase Pro, Bittrex, and some others will require this code before you can move any coins, and CBpro will let you whitelist your outgoing addresses, so that only the pre-approved address can withdraw from your exchange account.
FNL content including, but not limited to, articles, podcasts, videos, live streams, and websites are intended for informational purposes and should NOT be considered financial, investment, tax, legal, nor trading advice. Cryptocurrency, futures, foreign currency and options trading contains substantial risk and is not for every investor. An investor could potentially lose all or more than the initial investment. Risk capital is money that can be lost without jeopardizing one’s financial security or lifestyle. Only risk capital should be used for trading and only those with sufficient risk capital should consider trading. Past performance is not necessarily indicative of future results. https://futuresnetworks.live/risk_disclaimer
Comments