If you spend more on coffee than on IT security, you will be hacked.– Richard Clarke
I
Private key
Always maintain control of your private keys and avoid sharing them. Private keys should always be stored offline.
II
Hush!
Avoid informing an online audience or public forum over any intent or effort to produce cryptocurrencies as this may attract the attention of hackers interested in cryptocurrency asset.
III
Hardware wallets
Hardware wallets are an important backup to your cryptocurrency reserves. Such backups should be created as a default practice so as not to rely on the usage of digital assets that are inherently vulnerable over the net. In addition, it’s best practice to keep an offsite hardware copy outside of your personal or business addresses.
IV
Multiple wallets
Cryptocurrency is best spread among multiple wallets, reducing chances of total loss or theft. Further, a separation between hot and cold wallets should be maintained when operating a cryptocurrency business.
V
Backups
All sensitive data should be encrypted and backed up including wallets, passwords, and personal information.
VI
Two-factor authentication
Two-factor authentication is critical to protecting the transfer of cryptocurrency.
VII
Wallet protection
Wallets and passwords/passes should never be stored in the same virtual file location or store. Wallets should always be password protected and backed up
VIII
Mobiles
Mobile phones should not be used to hold cryptocurrency for the sole fact they can be lost or stolen more easily than hacked.
IX
Antivirus
Free antivirus softwares are not sufficient security.
X
Dedicated machinery
Cryptocurrency activity should be performed on a separate, dedicated machine that is not used for daily browsing, Adobe Flash usage, and or general open internet activities.
XI
Web wallet hosting
Avoid the use of web wallets and those hosted by a third-party.
XII
Multi-signature verification
Use multi-signature verification when available.
XIII
Linux OS
Although not required, it is best practice to use Linux-based operating systems (OS) to transfer cryptocurrency through USB.
XIV
Type 2 Deterministic Wallet
The use of Type 2 Deterministic Wallet can be useful as seed backups can be found on the server in case of loss or corruption. Fragmented backups are perfect for saving seed and dispersing to increase security.
XV
Unique addresses
The same wallet addresses associated with a purchase should not be used twice.
XVI
HSM
Hardware Security Modules (HSM) are a recommended to protecting physical breaches.
XVII
Plan for the unexpected
Always leave a plan for family member or legally authorized person to access your assets in the event of legal incarceration or death.