We have all heard stories about people losing their tokens to theft, whether it be through impersonation or just a general lack of security. Decentralization is remarkable because you have complete control over your tokens. Decentralization means that there is no intermediary like a bank that you have to go through to send your tokens to another wallet anywhere in the world. With that said, it also means that there are no institutions that can help you if your tokens are stolen. This is important to understand, so we can ensure that we take extra security precautions.
Let me tell you a short story about a coworker of mine who had 6.5BTC stolen from him. While on vacation in Nashville, TN, he was out drinking and had lost his phone at some point through the night. It is important to note that his phone did not have a passcode enabled at the time. Whoever found the phone decided to search his emails and found emails from Coinbase. With access to his emails, the hacker logged in and reset the password. In the blink of an eye, they managed to transfer 6.5BTC to their wallet. Due to the lack of security measures taken, there is nothing my coworker could ever do about this massive loss. This happened during the time when BTC was trading at $3000USD. Some quick math tells us that as of September 19th, 2021, he has lost $308,000USD.
Cold storage is the safest way to secure your tokens. Hardware wallets are physical pieces of hardware (like a Trezor or Ledger, which is a USB-like device). No one can access your tokens since they are offline and a hardware piece is required to access them and transfer your coins. In addition to the hardware piece, you also have a list of words to access your account in case your hardware device isn’t working. You should definitely use a hardware wallet to store your tokens offline if you have a significant value of tokens.
Having a “crypto” email that is not linked to other websites reduces the risk of someone hacking into your email account because that email account is used less often.
Keeping your tokens on an exchange means your tokens are always online, which automatically leaves them susceptible to hacking. Your tokens are not in your control and this is not a strong security measure.
This one is straightforward. It is a simple security measure that keeps hackers guessing.
Your seed words are the holy grail of your passwords. They should, under no circumstances, be kept online, or even on your computer or phone. They should only be physically written down with a pen and then stored in a secure physical location.
Many cell phone providers can add extra security measures to your account to prevent someone from impersonating you and getting access to your authenticator apps or temporary passwords which are texted to you. Call your provider and ask them what security measures they can add to your account to prevent SIM swapping.