The ten commandments safety of cryptocurrency portfolio

Looking at how people hacked one after the other, we cannot remain silent. To lose your cryptocurrency portfolio in this era of the emergence of cryptocurrencies and blockchain — how to buy a pizza for 10 000 bitcoins, eight years ago. Note: we do not in any case are not experts in the field of information security. But fear has big eyes, and Willy-nilly we had to learn caution the hard way. Safety is where it should start the path to the crypt for everyone.

Follow the ten commandments of security in the world of the crypts and the God of security will save you from the dark forces of hackers.

the

#1. Do NOT use two-factor authentication VIA SMS

To make an account on any digital platform, you always need the email address to which you have access. It will be used for password recovery if needed. It's a must. If your email is compromised, you will not recover, and therefore any accounts tied to it will be compromised and stolen.

In most countries, it is very easy to restore the phone, so someone, not you, can usurp your phone number and forwards every call or SMS (text message) to your new device.

As soon As the hack becomes available to your room if he somehow finds out your email address without knowing the password, he can easily request a password reset via SMS 2FA (two-factor authentication via SMS) and steal your mail.

the

#2. Configure or U2F 2FA on their accounts

If you are not following commandment #1, whether you have activated the entrance for the best or U2F 2FA or not, because the entrance via SMS 2FA will destroy any precautions.

Two-Factor authentication (2FA) prevents hacking attempts and phishing scams, because once it has been activated on your email account, anyone who wants to her to break, will have to get physical or remote access to the device on which the application is installed two-factor authentication.

Even more secure than Google Authenticator or Authy 2FA is U2F. Universal two-factor authentication is a standard developed by the FIDO Alliance, which is easy and safe to use. The U2F device is inserted into the USB port and pressing the button sends a signal that confirms your entry.

This method is safer 2FA, because it is a "physical key". If a hacker gets access remote access to the device where you installed your app two-factor authentication, he'll have access to all accounts authentication in your application. If a hacker wants to access your account, and if you have activated U2F, he'll need physical access to your U2F key, the other options will not.

the

#3. Remove the hardware wallet and USE it

The safest way is to store the updates in a hardware wallet. Because if you don't own your private keys, you do not own their crypt.

People say so very often, because it very accurately. If you keep your bitcoin on exchanges, you don't own the private keys to your cryptocurrency, but the exchange's own. And you know what happens with the funds of exchanges that crack: it is enough to remember Mt. Gox, Coinrail, Bithumb, Bitfinex and others.

However, in addition, you need to carefully store your private keys, it is safest to store them in hardware wallets. In any case do not keep your keys in Evernote or Dropbox. The keys will be safer to keep offline, offline, at least on paper wallet (Yes).

Hardware wallets like the Ledger and best wallet support two-factor authentication. To steal your money, the thief would need, first, to find your hardware wallet (and usually it is stored in the safe), get to know the PIN code to use or a secret phrase, and, in some cases, to get your phone for 2FA.

the

#4. Don't act defiant and boastful

From time to Time you will observe how different upstarts of cryptomeria brag about their savings, and then complain that they got hacked. Action and reaction.

To Speak openly about their profits in social media is how to put a big sign on himself:

"I bought please hack me!"

Reaffirming its profit, you only encourage hackers to look for vulnerabilities in your information security, and if they do find them, they will be rewarded. Do not need be.

the

#5. Be anonymous

To Be anonymous in cryptotwit or cryptomelane an extra layer of protection between you and anyone who wants to try to hack you. Why? Because anonymity allows you to hide your true identity, gender, age, race, nationality, past, and so on.

In many countries to openly declare that you are in the crypt with the head, means to give himself away as to hackers and to law enforcement. In some cases it can hurt your family or friends.

Be anonymous then, in principle, can be defiant and boastful. But this is bad advice.

the

#6. Out of sight

Keep you incognito or not, it doesn't matter if you have a tell. Don't share personal information on social media, be it text or images. For example, it is easy to give yourself away, sharing photos of their environment. Gradually folding puzzle from your images, the attacker can calculate.

Every footprint that you leave, can be used by hackers to get a complete picture about your personality orsearch vulnerability. Do not give in and not to impersonate.

the

#7. Use different emails for different accounts

Do Not use one and the same in social media and the stock accounts. Because the social media accounts easier to hack than the accounts of cripture. Twitter, for example, has two-factor authentication and by default does not require you to login every time. Perhaps someone will be able to get your mail, if you do not come out of the account.

We Know that Facebook shares your personal information with third parties. Perhaps your post on Facebook, and also other sensitive information, long been "floated".

Create various email addresses with different levels of importance will help to protect yourself from hackers. For example, use one address for Twitter, Facebook, Instagram, Dropbox, Vkontakte and other; the other for exchanges. If any of the social media accounts is compromised or if the company decides to sell your email and data, these data at least will not be bound to cryptomeria.

For greater security, you can use a different email for each exchange. Paranoia is justified when we are talking about tens or hundreds of thousands of dollars. And most importantly, ALWAYS use different passwords, not to facilitate the work of hackers.

the

#8. Add sites to bookmarks

The easiest way to lose the crypt to get to the phishing site. Just imagine: you bought a brand new laptop, your phone ringing, telling about an important message from John McAfee, you open Internet Explorer to login to Binance and make a quick purchase. You go to Google, write "Binns" and click on the first result in the search. This site is in the "advertising" and gladly eats your email address and password.

And all of your funds on this Binance is no more. As in other exchanges, if you use the same email address and/or password. Forge website — super fast and Superliga, and advertising in Google Ads costs nothing and pays off well.

MyEtherWallet this also happened a few times, so avoid clicking links on the stock exchange from Google. Better bookmark.

the

#9. Use VPN to untrusted Wi-Fi network

To Use Wi-Fi in public unverified networks is like having sex without a condom with a stranger. Use VPN in public Wi-Fi networks and not picked up cybermenaces disease.

the

#10. Use antivirus and firewall

Antivirus protects your computer from viruses, malicious software. So if you set up wallet with coin, which someone suggested, better make sure that your computer is protective security.

A Firewall protects your computer from unwanted connections, that is, from eavesdropping from outside. In the era of information networks security are gradually coming to the fore.

On the Internet you are as vulnerable as on the street, only share your thoughts, images, personality and real data with millions of people, not thousands.

Follow you even if you do not suspect.