The 26th of last January, hackers stole 500M$ from the Japanese exchange Coincheck. A testament to the fact that securely storing cryptos is not the simplest thing in the world. In this article I will list a few tips on how to keep hackers away from your money. I will also share my personal experience on the matter and what I did that worked or didn’t work.
What happened with the 500 million dollars?
58 billion yen woth of XEM represent the biggest theft to date by value in the crypto world.
Coincheck didn’t tell how the system was breached. What we know is that the money was kept in a hot wallet, a wallet always connected to the internet.
The funny aspect is that, since XEM is not a privacy coin, the hackers will probably lose much of their booty. On the other hand investors are probably going to be refundend.
You can actually do better than Coinchek
First of all, a lesson learn is to never hold your asset in an exchange. Even if the site isn’t hacked, there are a miriads of events that could prevent you from actually getting a hold of your money. The exchange might fail, it might be offline; maybe a new law will prevent you from cashing out.
If you instead keep your crypto yourself there is a good chance you can do a better job than Coinchek and most of the exchanges.
What if I actually have to trade?
If you have a good reason to keep the coins on the exchange, at least make sure the company is reaputable and established. After that choose a password with enough entropy. 
Always make sure to activate the 2FA. Two factor authentication will save your life if you ever reuse your password in a site that was hacked.
Guide to securely store your cryptos
Depending on how much money you are managing and your style there are a few options to hold your coins.
Get a hardware wallet
If you have enough money at stake, probably you’re better off with a hardware wallet like the Trezor or the Ledger. Just make sure to buy from the actual producer: I’ve heard some stories of people who bought it from ebay, needless to say the previous owner copied the seed. After he saw the user putting a few bitcoins inside he easily cashed out.
Create a paper wallet
A paper wallet is a kind of cold storage that is very intuitive to manage. You have the actual coins in your hands. Any person who can see that piece of paper will take your money. Still this is much more intuitive to protect than some software on your computer or somone else's. I personally have most of my stakes in this format.
Here is a list of websites for a bunch of cryptos in which you can create your own paper wallet.
| Currency | Website | Notes |
|---|---|---|
| Bitcoin | walletgenerator.net | Will also work for Bitcoin Cash |
| Ethereum | MyEtherWallet | Create a wallet and click Print Paper Wallet |
| Cardano | Not yet available (expected for spring 2018) | |
| NEO | ansy | |
| Litecoin | liteaddress.org | |
| Lumen | stellar.github.io/paper-wallet | |
| EOS | ERC20 token, just use the Ethereum one | |
| NEM | Tutorial | |
| IOTA | Locally or web | |
| Monero | moneroaddress.org | |
| Dash | paper.dash.org | |
| Lisk | liskpaperwallet.com |
If you are putting a small sum in the wallet: just go ahead. If instead you are putting a substantial amount you have to take a few precautions.
- It goes without saying, make sure there is no way to see what you are doing, curtains closed
- Always make sure to be disconnected from the internet when you run the wallet generator
- After the wallet is generated, print it and before re-connecting to the internet restart the computer
- As an extra protection you should do the above steps on a brand new operating system: you can use a Live Linux Usb
- If possible encrypt the private key with a passphrase you learned by heart
- If you are paranoid, make sure you are directly connected to the printer and that all the wi-fi interfaces are off for both the computer and the printer
Make sure the paper wallet will last
Water
Inkjet prints can be destroyed easily with water, if the atmosphere is too moist, or during a flood the print can phade away with all your hopes to buy a Lamborghini. Make sure to use a laser or led printer, laminate them if a flood is a concrete possibility.
Fire
You can keep multiple copies in different locations. If the private keys are encrypted you should be able to spread the wallet to your friends or a safe deposit without worring about somone finding them by accident. If you leave the oven turned on while you’re picking up the grocery and your house catches fire, you will still have enough money to buy a new house.
Multiple wallets
My portfolio is very diverse, while I don’t have everything on a cold wallet, sometimes I lose track of some of them. Make sure to register all the wallets you print and where you stored them. This way in 15 years, when everyone will pay in cryptos, you will be sure not to have lost a single coin in a corner.
Phone wallets
For small sums and everyday expenses there are many apps which can work as a wallet. Beware though that some of them don’t actually store the key on your phone but on an external server. This means that you are no better off than giving your money to a random person on the internet who swear to give it back to you.
On the other hand, if you lose your phone you actually lose your money. This is why it’s always a good habit to backup the seeds.
Backing up the seeds
Some software wallets, like Electrum and MyEtherWallet can be generated from a seed. If you lose the password or the wallet itself but you still have the seed, you can recover all your funds. Many times the seed is in a form of a bunch of words like 'bell casket movie ...'
I’m still not sure what’s the right way to backup, what I personally do is keep them as I keep paper wallet. Effectively the two are have the same power to hold money, so it seems sensible to use the same strategies.
Good post, nice content and some good oppertunities!
my best friend is the :
Thanks.
Yeah, too bad all the Ledger Nano are out of stock till the 28th of March.
I will edit the post nonetheless.