
6 rules for crypto security

When I first got into crypto in 2017, people used to talk about security way more than they do nowadays. Most people who participated in crypto back in the day were knowledgeable about security because they were so paranoid about having their money stolen. After all, crypto was a relatively new concept, and it brings peace of mind knowing your funds are safu.

As time went on, people began paying less attention to security because it's not nearly as sexy to talk about as numbers going up. That being said, everybody needs to know the best security practices so you are less susceptible to losing all your funds to a hack or to scammers.


Rule #1 - NEVER give anyone your seed phrase

Please, please, please write down your seed phrase as soon as you make a new crypto wallet. I cannot stress this enough.

A seed phrase is a universal password that allows you to access your funds using any wallet platform. It's typically a string of 12-16 random words arranged in a specific order. If you share these words with anyone, you can kiss that wallet's funds goodbye.

This isn't meant to scare you... but it kinda is. Most scammers and hackers compromise their victims' funds because the victim gives them their seed phrase one way or another - just like a phishing attack.

It's not uncommon for someone to impersonate a project or team member on Discord/Telegram/Twitter to try and get you to give them your seed phrase. Don't trust anyone. Always double-check links and profiles to make sure you're interacting with the person you think you are.

Write your seed phrase down and keep it in a place that only you know.
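
Here's why the words really are the whole wallet, as an added example that isn't from the original post. It assumes the wallet follows the BIP-39 standard (the post doesn't name one); `bip39_seed`, `same_wallet` and the test phrase are names picked for this sketch, and the phrase is the public BIP-39 test vector, not a real wallet.

```python
import hashlib
import unicodedata

# Public BIP-39 test-vector phrase (all-zero entropy). Never a real wallet.
TEST_MNEMONIC = "abandon " * 11 + "about"


def normalize(text: str) -> str:
    """NFKD-normalize the phrase; collapsing whitespace is this sketch's choice."""
    return " ".join(unicodedata.normalize("NFKD", text).split())


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte master seed from the words alone.

    BIP-39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase.
    No device, account, e-mail or server takes part in this step.
    Wordlist and checksum validation are left out to keep the sketch short.
    """
    password = normalize(mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def same_wallet(phrase_a: str, phrase_b: str) -> bool:
    """True when two phrases derive the same master seed."""
    return bip39_seed(phrase_a) == bip39_seed(phrase_b)


if __name__ == "__main__":
    # A copy of the words typed elsewhere, with sloppy spacing.
    retyped = "  " + TEST_MNEMONIC.replace(" ", "   ") + "\n"
    print("copied words open the same wallet:", same_wallet(TEST_MNEMONIC, retyped))

    # Same words, different order: a completely different seed.
    words = TEST_MNEMONIC.split()
    reordered = " ".join([words[-1]] + words[:-1])
    print("reordered words open the same wallet:", same_wallet(TEST_MNEMONIC, reordered))
```

The first check comes back True and the second False: whoever holds the words in the right order holds the wallet, which is why nobody legit will ever ask for them.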

Rule #2 - Get a hardware wallet

Hardware wallets are the most bulletproof vault you can store your crypto in. These can be bought for $100 or less. If you hold more than $100 in crypto you should use a hardware wallet.

Best hardware wallets:

Rule #2.5 - Keep a cold & hot wallet

This rule piggybacks off the previous one.

Hot wallet: Connects online and is used to interact with contracts. More susceptible to attacks than cold wallets. (ex: MetaMask wallet)

Cold wallet: Completely offline. Requires physical possession in order to access funds. (ex: Hardware wallet)

Using both types of wallets is the maximum security combination to make sure nobody can access your funds. Keeping a hot wallet means that it will be used frequently when you're interacting with different contracts online. A cold wallet should never touch any web-based application and can be used as a vault.

Rule #3 - Don't keep all your eggs in one basket

It's important not to keep all your funds in one wallet. Even after following all the best practices, you can never be too safe. Keeping your crypto assets spread across multiple wallets acts as a safety net in case of a slip-up where one of your wallets becomes compromised. This ensures that everything cannot be stolen in one single hack.

Rule #4 - Don't keep all your money on exchanges

It's not as common for exchange hacks to happen nowadays but a few years ago this was a legit concern and honestly it still should be.

It's impossible to learn about the history of Bitcoin without mentioning the Mt. Gox hack. What happened was that the biggest crypto exchange in 2014 got hacked and had $460 million (750k BTC) stolen from its customers. People who kept their entire Bitcoin holdings on the exchange lost everything overnight.

Exchange hacks are much less common than in 2014 but as a crypto user you can never be too safe. The only way to ensure this doesn't happen to you is by storing your crypto assets in a secure offline wallet.

Rule #5 - Use two-factor authentication

This rule is especially important on crypto exchanges. It only takes a few minutes to set up 2FA on your account and it can save you TONS of money in case your account email and password get compromised.

Rule #6 - If something sounds too good to be true, it is

Most of the scams in crypto fall under this category. Sometimes scammers ask you to send them a small amount of ETH and in return they'll send you 10x that amount back. Other times you'll be messaged saying you won a giveaway that you didn't enter. Basically any random, unsolicited crypto DM can pretty much be classified as a scam.

This seems obvious but a lot of newer people in crypto are itching for an easy way to multiply their money - only, doing this will multiply it by zero.
