top of page
Jul 23, 20222 min read

SECURITY 101

This is paramount, in both the age of everything being digital, and of course when you are holding valuable digital assets, everything is increased x 10.


Most "hacks" are actually exploits, and there is usually an element of SOCIAL ENGINEERING/ PHISHING involved. This has happened in every digital space, and still does. This is not to scare you away from crypto, but hopefully you will take this seriously


  1. Web2 security, (2FA on all socials, using an authenticator app or a hardware authenticator)

  2. Wallet Security (both a hard wallet/ cold storage and also having multiple wallets to mitigate risk

  3. Eliminating Risk via the ways you communicate


WEB 2 SECURITY / PW PROTECTION

  • For web2 security, here is an amazing thread by VGFreakXBL that talks about Passwords, connected apps, and was published recently after some twitter exploits

  • Bookmark your frequently visited sites / type them in on your own, after some of the Opensea phishing attacks I published this article that goes into greater detail of things you can do

  • Do not click random links. If you can, use a different device for crypto than you use for everything else.

  • For any site or DAPP that requires a login, please use an email that is new, and that you do not post anywhere publicly.


WALLET SECURITY

  • Get a hardware wallet, here are multiple guides about this process (DO NOT ORDER FROM AMAZON)

  • Understand what a hardware wallet will protect you from. This will not protect you if you signed a malicious transaction, so having multiple wallets to mitigate risk is key!

    • There are methods in the article linked above

    • Another thread from TropoFarmer about his wallet organization

  • Disconnect your wallet from sites is good, but will not to much, revoke permissions via Revoke.Cash

  • KEEP YOUR SEED PHRASE SAFE AND OFFLINE. NO DIGITAL STORAGE AT ALL

  • Make multiple accounts / wallets so that if one

ELIMINATE RISK OPPORTUNITIES

  • Turn Your Discord DMs OFF (server owners need their own whole guide, though I do have a running list of scams in real time in the Hisscord)

  • Do not Download attachments from emails on a computer that has crypto on it

  • Make sure your phone company will not allow a new SIM card to be sent unless you are IRL with proof of ID

  • Do not facilitate private trades via DM, list on trusted platforms.

  • Do not click links from a discord, a twitter, etc. Most legit projects will not do a surprise drop



Comments

bottom of page