Add to Bookmarks
cryptocurrencies Security

Imagine that a friend takes you to a nice bar that is a known hang-out for smart, professional investment managers. You walk into an unfamiliar place filled with well-dressed, successful looking people and strike up a conversation with one of them. They tell you about a great investment, and then offer to “let you in” by taking a picture of your credit card and charging the amount you want to invest.

Does this strike you as a good idea? It describes what is happening in the cryptocurrency markets these days. There are real opportunities and plenty of advice on where to make a nice profit, but the way anyone should go about investing has not changed. The problem is that some of the people in the “nice bar” are not nice at all and are looking for people who are new here so they can take advantage of them.

What is Cryptocurrency?

To understand this you need to understand the people. Cryptocurrencies are based on sophisticated computer codes and networks. The first people to understand and use them were people familiar with computers, computer coding, and computer networks. This is who is in the “nice bar” on our opening analogy. Of course, some of these people are nice, but no one would assume everyone in any crowd is nice.

Cryptocurrencies have become very valuable. That means people who know how to steal things like credit card numbers or other personal information have a great incentive to steal cryptocurrency. Those who are familiar with computer networks and computer coding have a natural advantage because cryptocurrency exists on their “turf”.

Cryptocurrencies are blocks of code stored in a decentralized ledger. A person owns the cryptocurrency by having the address of that block of code. The address is where the code can be found on the ledger. Cryptocurrencies are spent by sending the block of code from one address to another.

Each address has a public access and a private access. Anyone can use the public access – called the public key – to put money into the address. It’s like putting money into a vending machine. Only the person with the private access – the private key – can take money out of the address. It’s like the key that unlocks the vending machine, giving the person with the key access to everything inside.


Safety Measures Start at Home. Secure Your Computer.

Keep in mind that trading cryptocurrencies are done over the Internet, and all the safety precautions that apply to e-commerce apply to cryptocurrencies. In addition, it is always a good idea to keep the Operating System (OS) of your computer up-to-date by installing updates as soon as they are available. Updates often include protection against malware and computer viruses.

There is an additional step some experts advice before investing in cryptocurrencies. In order to be certain your computer is not infected with a virus already, they recommend removing all data files and reinstalling the OS.  This is sometimes referred to as “rebuilding the machine”, and is the ultimate method of ensuring the computer is free of viruses.

There are also a variety of commercial software programs that provide anti-virus protection. These range in price and effectiveness. However, the current trend in cyber attacks is moving away from viruses and toward other strategies. These include phishing attacks which attempt to trick individuals into sharing important information through deception. Because this strategy involves human action, computer software is not an effective defense.

A Word about Passwords

Passwords are important because trading cryptocurrencies at this point in time (Early 2018) require establishing accounts in several places. You need to create a wallet that will hold your cryptocurrencies (more on this later) and accounts at the exchanges where you will do trading. It may be necessary to create separate wallets for different cryptocurrencies as well as accounts at different exchanges.

These accounts will require passwords. Be sure to create strong passwords that include capitalizations, numbers and any other characters allowed by the system. Some systems allow passphrases rather than passwords. In either case, use the strongest possible password you can create. Do not use the same password or passphrase on multiple sites.

Remembering these passwords is absolutely critical. Experts highly recommend a password manager to help maintain the passwords and passphrases. A password manager is an online service that encrypts passwords and unlocks them with a different password. Alternatively, you can write down your passwords on paper. If you take this approach store the paper in a secure location away from your computer.

An increasingly common approach with many cryptocurrency passwords is two-factor authentication (2FA). This turns a password into a process that requires the use of two devices. For example, entering a password or passphrase on a website sends a unique security code to the phone number registered to that account. That code must be entered before access to the account is given.

The development of 2FA and passphrases both indicates both the importance of the information in the cryptocurrency accounts and the technological ability of those designing these systems. It is a feature of the overall environment and should be understood by anyone who wants to own or trade cryptocurrencies.

How do I Store my Cryptocurrencies?

Wallets have already been mentioned. Remember that to own a cryptocurrency means you own the address on the blockchain where that unit of the currency is stored. This address is a bit of computer code that has to be recorded somewhere. The place where it is stored is called a wallet, and like passwords and passphrases, these need to be protected.

However, unlike passwords the computer code addresses for cryptocurrencies cannot be written down on paper. They must be stored electronically, which means they have to be either online or on a removable computer storage device.  In the jargon of cryptocurrencies, this means either “hot” or “cold”.

There is an important distinction to be made here. When trading cryptocurrencies it is necessary to transfer them to an exchange. This account at an exchange is password protected, but it is not a wallet. Accounts at exchanges should only be used as a temporary holding place while trading. As soon as the trade is complete transfer the cryptocurrency to a secure hot or cold wallet.

Wallets are sometimes confusing because we are still at the beginning of the cryptocurrency industry, and there are only a few wallets that can hold different cryptocurrencies. This is a byproduct of the coding used to create blockchain.  Rapid developments in this area may soon result in universal wallets that can hold all types of cryptocurrencies.

Hot Wallets

As was mentioned, these are online wallets that are accessed through a website. The information in the wallet is stored on a server that is always connected to the Internet. Hot wallets are password and passphrase protected but are vulnerable to attack by hackers.

Desktop and mobile wallets are a hybrid between hot and cold, and so might be called a lukewarm wallet. These wallets store the cryptocurrency information on a desktop, laptop or mobile device and not on an Internet-connected website. This is potentially safer but is not without risks.

The greatest risk is that the safety protocols of personally owned devices are not enough to stop a determined attacker. This risk is why experts recommend reinstalling an OS prior to trading cryptocurrencies. Another layer of security is available by using a Virtual Private Network (VPN). This will be discussed later.

The benefits of an online hot wallet include professional security management.  However, this is offset by the “larger prize” of successfully breaching the protective protocols, since that could provide the hacker(s) with access to multiple wallets. A downloaded lukewarm wallet represents a “smaller prize” but a potentially easier target.

Cold Wallets

Storing cryptocurrency information on a removable computer storage device is the functional equivalent of disconnecting a laptop or mobile device containing this information from the Internet. When the storage device, such as a USB thumb drive, is removed from the computer it is removed from the Internet.  This is the safest place to prevent this information from being stolen by way of the Internet.

However, the small size and portability of USB thumb drive also mean that they can be easily lost or damaged.  This is an unavoidable trade-off. However, it is easier to protect a USB thumb drive than it is to install and remain current on Internet security protocols.

Some experts would classify paper wallets as another form of cold wallet. The name is misleading since a paper wallet is actually just the public and private addresses of a hot wallet in alphanumeric or QR code printed on a piece of paper. This information does not have to be printed but can be stored in another computer document.

Storing a paper wallet on a personal computer or mobile device, of course, raises many of the same issues as storing a hot wallet on such a device. One difference is that the document storing the public and private keys may not include the website where the wallet actually resides. However, a dedicated hacker seeing a transaction on a cryptocurrency exchange may trace the account back to the electronically stored “paper wallet”.

Suggested Articles

Operate on a Virtual Private Network

“Covering your tracks” against this possibility is the purpose of a Virtual Private Network (VPN). To understand how this works and why it might be beneficial it is necessary to understand an Internet Protocol (IP) address and what it does.  Simply put, it is the location of any Internet-connected device.

It just makes sense that this type of address is necessary. After all, opening a webpage means the webpage that has the graphics and text needs to send that information to your computer. This means it needs an address, just like the webpage itself has an address. Individuals with computer skills can track these addresses.

Preventing this tracking is the role of a VPN. Technically it is a second IP address that operates on your computer and the rest of the Internet. Your computer connects to this IP address, which then passes along all requests for information to the rest of the Internet while protecting your computer’s IP address. Anyone watching Internet traffic at a website only sees the IP address of the VPN.

This procedure prevents anyone from “following” your trail back from a cryptocurrency exchange. They can only get as far as the VPN. Keep in mind that anyone spying on your computer over public Wi-Fi is already behind the VPN address and is watching your activity directly. This strongly suggests not trading cryptocurrencies over this type of Internet connection.


All of these security precautions may make it seem that investing in cryptocurrencies is just too difficult for the average person. This is not correct.  Many of these procedures are recommended for anyone buying anything over the Internet. Information on credit card numbers and other financial information is just as valuable as cryptocurrency assets and deserves the same level of protection.

In addition, the market for cryptocurrencies is developing rapidly. Both large, traditional financial organizations and new start-ups are entering the market, bringing a range of services that may simplify the security processes described here. These organizations may create cryptocurrency brokerage accounts similar to those that exist for stocks and bonds.

This would obviously simplify the processes described here and make investing in cryptocurrency much more accessible for the average person. This, in turn, could bring more buyers to the market and positively impact prices. If this happens, individuals who have gone through the process of creating wallets and exchange accounts could be well rewarded for the time and effort invested in that process.

Don't miss a thing!
Discover what's moving the markets. Sign up for a daily update delivered to your inbox

Trade With A Regulated Broker