DER GOBBLE

Good Secure Crypto Wallet Practices

When it comes to crypto currencies and securing your money, the absolute best 99% guaranteed security for your wallets is YOU. You are the one that will expose your keys improperly to the world and lose your money. You are the one using that unsecured, infected machine to trust your money to. Therefore you are the one that must know what you are doing to secure yourself.

Arrrrrr, I know where the Secret Key is! Follow meeeeeeee.

What is your wallet?

When we buy a particular crypto coin, that coin is stored in a piece of software. A coin itself is a piece of software, nothing more. To own that coin, it must be linked to you in the coin universe or it is not really yours. Every crypto coin, whether it is XRP, BTC, BCN, DGB or whatever, has its own software designed to store your coins. There are also third party programs designed to do the same. That software is called the Wallet.

Just because you have the software on your computer still does not mean your coins are yours. There is one single element that makes that wallet yours and that is the SECRET KEY. With that secret key, you control the spending and transfer of your crypto coins, because it acts like your signature on a check. Coin can not go out of your wallet without being signed with that key. Coin can come in and you can look into your wallet without the key, in fact anyone can look into your wallet, but it most definitely can not go out without it.

If you lose your wallet by computer crash, fire or water damage, data loss or Global Thermal Nuclear War, you can recover your wallet with only that secret key. So in actuality the key itself is your wallet, not the software. The software only manages your wallet and provides an interface to it.

Since the software only provides the interface to your wallet, we are not going to recommend any to you. Rather it would be better to describe your risks so that you can choose wisely. There are many wallets out there that pretty much do the same. The point is to protect yourself.

Stealing a Wallet

Stealing your wallet is fun! It is a sport. There is nothing better than writing a little bot to go to your computer and get your secret key and send it to me. (Not really) but the bad guys are thinking the same thing. There are three main ways that your key will be stolen from you.

Virus: A virus designed to search your computer for the pattern in which your key is constructed. It is an easily distinguishable looking line of text. A virus can record that key and send it home.

Physical Access: A bad guy that gets physical access to your computer of course has access to everything else. Think of the terror of a bad guy, friend or even Mom, getting your secret key, writing it down and then storing it under their very own pillow so it will whisper sweet nothings to them in their sleep. Oh the horror.

USRERROR: This is the most serious and the biggest risk of them ALL. It is impossible to stop. You will lose everything because of this stupid error. You have no chance to survive. This is USER ERROR. It will be all your fault. You are the one that personally gave your key to the world. You are the one that posted your secret key online. You are the one that talked about your secret key. You are the one that bragged about how secure it is, where it is, and nooooobody can ever get to it. You put pictures of you and Secret Key traveling the world on Facebook. You Tweeted about Secret Key having babies. Good job.

With two of these, there is one thing in common and that is your internet connection. The other one can be secured with a good hammer and some leather straps.

Building a Wallet (go offline)

Creating a wallet is super easy, but the most important feature of all is to remember to be OFFLINE when creating your wallet. Anytime that you expose your Secret Key to your own computer, be sure to be offline. This will greatly reduce your risk of exposure. The absolute best method of using your secret key is on a cold computer that never touches the internet, but that is another story entirely. We are going to assume that the user is lazy and does not have a spare computer lying around for such an operation.

No matter what software you are using to create a wallet, there will be a secret key involved since that is actually your wallet. There is crappy software out there that does not expose the secret key to you and makes you hunt for it. Then there is software that shows you the key and offers a backup method to help you secure it.

Creating a wallet is done one of two ways: either you load the software and it is just there, because it was done automatically for you, or it is a creation process that the software walks you through. A good piece of wallet software will run you through the process, but it really does not matter too much. What actually happens is that a wallet.dat file is created in the background. It is stored on your computer somewhere. That file is the software representation of your wallet and MUST be secured. It can be named something else, but most wallets use wallet.dat or at least let you name your wallet what you like.

Creating your wallet will have three parts to the process:

1. File creation
2. File Encryption
3. Secret Key

Somewhere in the process, you will be asked to create a password for your new wallet. This is very important to understand. The only purpose of that password is to encrypt that wallet.dat file, to prevent physical access or access without your permission. IT IS NOT YOUR WALLET. You can send your wallet password to 1000 Facebook friends and it will not matter, unless they get a copy of your wallet.dat file of course :(. The password only allows the loading of your wallet with your permission. It is very important however that you choose a good quality password. I recommend 12 or more random characters. Then when you want to open your wallet to do a transaction, you will be asked to enter the password every time. This is important, but has nothing to do with the actual coin.

Most wallet software will show you the Secret Key as part of the creation process. Here is how you back up your key. You will TAKE A SCREENSHOT of that key and even the password combination and print it out. Do not use any PRINT buttons on the software. Do not use any method other than a screenshot. The reason is that the screenshot is unidentifiable, but clicking a button in the program could initiate a process in which the key is sent to a bad guy automatically. So you can not even trust your own software :(. You print the key out, label it and then hide that piece of paper. Yes, I know that is stupid because we have all of this expensive hardware for security, but this is the ultimate method that guarantees no hacking, virus or USRERROR.

Now when your computer crashes, the same one where you stored your secret key in a hidden file that is now inaccessible, you do not lose your money. You still have your secret key printed out on paper, which you can restore anywhere in the world.

The ONLY time that you will ever be asked to enter your secret key while in any online mode is when restoring a lost wallet. Even then, you need to have a new wallet on standby so that once you restore your dead wallet, you can transfer all of the money out to your new wallet. Once your Secret Key is exposed or ever used from that paper, it is compromised and it must be assumed that all the bad guys in the world are racing you to your wallet right that very second. At NO other time will you ever use your secret key. You will however often be asked for your password. That is simply to open the wallet.dat file.

Give Me Your Credit Cards. I Will Protect Them :)

So you don't know me, but that is ok. All of you give me your credit cards and cash to hold and I will never spend them, run away or otherwise steal them. Really? Would you really do that? Hopefully the answer is NO. Or we would have another USRERROR.

So a little common sense here then. If you use one of these online wallet creators, which also generates your secret keys and sometimes even hosts the wallet.dat for you, can you really trust that your key is not recorded? The answer is no. There is no chance that you can trust me or anyone else. My recommendation is DO NOT use any online wallet creator. If you do, you are lazy and deserve to be compromised. I am sorry if that is too insensitive, but you are failing to do proper research and learn about this subject prior to going on the adventure. The fact is that you can not trust anything that is online.

There are hardware wallets that offer to store your secret keys, wallets and all sorts, all for your convenience. Some store them using hardware chips and others just save them. I do not know if they are good or not, but it does not matter. Go ahead and use them. It is ok. As long as you are OFFLINE when you use them, it does not matter.

Securing Your Wallet

There are many ways to secure your wallet.dat file, which also includes your secret key. The password is the last and final level of protection. Once it is compromised, you are done. So we need to add extra security.

There is absolutely no better method of securing your wallet than a cold computer. It is a fact. Any computer that has had a brand new operating system installed and never ever touches the internet can not be infected or compromised other than by physical access. It can not send your secret key around the world and you can not accidentally enter the secret instead of your password and compromise your wallet. A cold computer is another story for another day.

Otherwise, we need to secure our wallet.dat files on a device that does no thinking or decision making. We can use any USB stick to do it. You can use the Ledger Nano even. But you can also use a $5 stick. Personally I prefer any Sandisk USB device as it is simply better hardware and their proprietary encryption software is excellent. All we need to do is encrypt the entire USB stick so that anything that we store on it is encrypted. This will add a second layer of security to your wallet file. Sandisk offers Encrypt Stick software to do this. I can not say that every encryption software is good because it simply is not so. TrueCrypt got compromised a while back. No matter if they fixed it or not, it proves that they have no idea what they are doing and can not be trusted.

With your wallet file on a USB stick inside an encrypted section and with its very own password, you now have a good level of protection for your money that is still a little bit convenient to use. But keep in mind that the more convenient it is for you, the less secure it is against the bad guy.

Now all you have to do is disconnect from the internet anytime you use your USB stick to sign outgoing transactions. The USB can be used as your cold storage, meaning that it does not sit on a connected computer all day long. You do not need the stick to read your wallet. You do not need the stick to send money to your wallet. You can lock that stick away, feed it to your dog (twice a week) or whatever you need to hide it and still send money to your wallet. You will only need it to transfer coin out of your wallet, because then we will need the secret key to sign that transaction.

In closing, securing your secret key from the entire world is easy. Just remember when using anything associated with your secret key, do it offline. Never enter your secret key in any device unless you are recovering a wallet. Once a secret key is used, consider it compromised garbage which must be replaced. This does not mean when you sign a transaction. I mean when you enter it on your computer, in an online form or anywhere else accidentally.

Yes, there are a bunch of smart guys out there that will tell you otherwise. They will tell you that you are totally secure, that the statistics are with you and that online wallets can be trusted. Go ahead and listen to them. Bad guys can whisper sweet nothings to you too.

How do I secure My Wallet

So now I will give you an example as to how I personally store all of my coins. I am not concerned with telling you because my uncles Mr. Smith and Dr Wesson are always around and secure my physical access.

When I first create a wallet, I immediately set a password and also get a screenshot of the Secret Key. Then I test my wallet to be sure that all is properly recorded and no mistakes were made. I try logging into the wallet. That will prove that the password is good. Then, before I send any money to any address associated with the wallet, I destroy the wallet.dat file. I then use the Secret Key to restore my wallet. This proves that I correctly recorded my Secret Key and that the wallet is fully functional. Next, I record the wallet address.

I then take that wallet.dat file and back it up on a fully encrypted USB stick. The password is unknown by me. I know the PIN code and that is all. The PIN code is only half of my password and another hardware device supplies the other half. So to even open my USB stick you require the stick, my PIN CODE and the Hardware Token. Next I take that USB and throw it into my 1 ton Safe.

With the address I can look at the wallet and watch deposits go in. Then once every few months, or with large transactions if need be, I break out that stick and double check that all is ok. I do not send coin out very often. I primarily build a supply for cashing in, in 5-10 years :).

In the event that I need to send coin out, I actually have an extra computer sitting around. That computer has the wallet software on it also. When creating a transaction or order that says to send coin from my wallet to an address, I create a text file which is that transaction, but it has not been properly signed with the secret key yet, so it will not function. From my online computer where I created the Send order, I save that txt file on a USB stick and then take that stick to my offline computer. Using the wallet software I can fully log into that wallet and use the secret key to sign the transaction. This rewrites the data in that text file, which I can now take back to my normal online computer and send to the coin network. That completes the sending transaction and my Secret Keys were never exposed to any network.

Good Luck :)
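
The restore test described above proves the printed Secret Key was written down correctly; for keys in Bitcoin's Wallet Import Format (WIF) a first check can be made on the offline computer before wallet.dat is destroyed, because the format carries a 4-byte checksum that catches copying mistakes. This is an added example, not part of the original page: the page names no key format, so WIF is an assumption, and SAMPLE_WIF is a constructed key.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload: bytes) -> bytes:
    # Base58Check: first 4 bytes of SHA-256 applied twice
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    data = payload + _checksum(payload)
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out

def b58check_decode(text: str) -> bytes:
    text, n = text.strip(), 0
    for ch in text:
        if ch not in B58:
            raise ValueError(f"{ch!r} is not a Base58 character (0, O, I and l are never used)")
        n = n * 58 + B58.index(ch)
    pad = len(text) - len(text.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("checksum mismatch: the key was copied down wrongly")
    return raw[:-4]

def check_wif(text: str) -> str:
    """Return 'ok', or the reason this transcription could not restore a wallet."""
    try:
        payload = b58check_decode(text)
    except ValueError as err:
        return str(err)
    if payload[:1] != b"\x80" or len(payload) not in (33, 34):
        return "valid Base58Check, but not a Bitcoin mainnet private key"
    return "ok"

def one_char_typo(wif: str, pos: int = 10) -> str:
    # Simulate misreading a single character of the printout
    wrong = "2" if wif[pos] != "2" else "3"
    return wif[:pos] + wrong + wif[pos + 1:]

# Constructed sample key (bytes 1..32 as the secret); never send funds to it.
SAMPLE_WIF = b58check_encode(b"\x80" + bytes(range(1, 33)) + b"\x01")

if __name__ == "__main__":
    print(check_wif(SAMPLE_WIF))                 # run offline only
    print(check_wif(one_char_typo(SAMPLE_WIF)))
```

A passing checksum only shows the characters were copied consistently; the full restore test is still what proves the wallet works.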
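
The two-computer sending procedure above, walked through end to end as an added example (not from the original page and not any wallet's real file format). Assumptions: a Lamport one-time hash signature stands in for the coin's own signature scheme so the code runs with only the Python standard library, and the JSON order layout and addr-* values are constructed; the offline side re-checks the order before signing because that file was written on the online computer.

```python
import hashlib, json, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def msg_bits(msg: bytes):
    digest = H(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# ---- OFFLINE machine: the only place the secret key ever exists ----
def keygen():
    # Lamport key: 256 pairs of random secrets, usable for ONE signature only
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]  # hashes only, safe to copy online
    return sk, pk

def offline_sign(sk, order_file: bytes, intended_to: str, intended_amount: str):
    # The file was written by the online machine, so re-check it before signing
    order = json.loads(order_file)
    if (order["to"], order["amount"]) != (intended_to, intended_amount):
        raise ValueError("order on the stick is not the one I meant to send")
    return [sk[i][bit].hex() for i, bit in enumerate(msg_bits(order_file))]

# ---- ONLINE machine: holds the public key and the order, never the secret ----
def build_order(sender: str, to: str, amount: str) -> bytes:
    order = {"from": sender, "to": to, "amount": amount}
    return json.dumps(order, sort_keys=True).encode()

def verify(pk, order_file: bytes, sig) -> bool:
    bits = msg_bits(order_file)
    return len(sig) == 256 and all(
        H(bytes.fromhex(s)) == pk[i][bit] for i, (bit, s) in enumerate(zip(bits, sig)))

def demo():
    # addr-* values are constructed placeholders, not real addresses
    sk, pk = keygen()                                     # offline, once
    order = build_order("addr-mine", "addr-shop", "1.5")  # online, saved to the stick
    sig = offline_sign(sk, order, "addr-shop", "1.5")     # offline, saved to the stick
    accepted = verify(pk, order, sig)                     # online, before sending
    swapped = order.replace(b"addr-shop", b"addr-other")
    forged = verify(pk, swapped, sig)                     # recipient changed AFTER signing
    try:
        offline_sign(sk, swapped, "addr-shop", "1.5")     # recipient changed BEFORE signing
        refused = False
    except ValueError:
        refused = True
    return accepted, forged, refused

if __name__ == "__main__":
    print(demo())
```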