Bitcoin makes moving money across the internet incredibly easy, but that ease comes with risks.
There are plenty of ways someone can take your money, track your spending, or violate your privacy.
Fortunately, there are also some straightforward measures you can take to safeguard your digital currency and keep your spending habits private. Here are our top five tips to protect your bitcoins:
1. Keep separate wallets
If the wallet you use for spending bitcoin also contains your entire bitcoin holdings, your savings will be vulnerable to various types of abuse.
There is no limit to the number of bitcoin addresses (or wallets) that one person may have.
Therefore, you could easily have an address for spending money, an address for savings and even an address for receiving payments.
2. Don’t keep your savings in a web wallet
Recently, there have been several cases of web wallets being hacked and subsequently emptied.
While web wallets are convenient, they should only be used like a checking/current account – as a place to store money you will be using in the near future. Thus, if you only keep a small amount of spending money in a wallet that gets hacked, your losses will be limited.
Remember, bitcoin does not work like a credit card. If you lose money fraudulently, that money is gone and there is nobody you can send a refund claim to. You can always contact the police, but it’s unlikely they’ll be able to get your bitcoins back.
3. Protect your privacy
Above anything else, remember – never share your private keys with anyone else. If your wallet address (ie your public key) is the equivalent of your bank account number, then your private wallet key is your PIN.
Thanks to taint analysis, it’s possible to work out which bitcoin wallets are likely to be owned by the same person because of their transaction history.
If you have a ‘spending’ wallet and a ‘savings’ wallet, regular transactions between the two will provide a pretty clear signal to hackers which one is the address of your savings wallet.
Illegal activities aside, there is a legitimate reason to obscure that relationship, as it could allow someone to investigate how many bitcoins you have, which is something that should remain private. Would you reveal all of your financial details to a stranger?
The best way to obscure the relationship between your wallets is to transfer funds between them via a mixing service.
4. Cold Storage
Even if you keep your bitcoins in a wallet stored on your computer, you’re still vulnerable to an attack. Bitcoin wallet applications save their data in a predictable location, thus they are particularly vulnerable to Trojan horse attacks.
Such attacks have been reported by bitcoin users. A common solution is to keep your wallet’s private key stored in an offline medium as an added layer of protection. This offline medium could simply be a QR code printed on a piece of paper or a plain text file stored on a USB key.
If you want to transfer bitcoins from an offline wallet to someone/somewhere else, you would first need to scan the QR code or enter the wallet’s private key manually into an application like Blockchain. Once the application has displayed the balance of your wallet, you will be able to transfer bitcoins to the wallet address of your choice.
As an added measure, you could encrypt your private keys so that if they were discovered, they’d be useless without your encryption password – just don’t forget your password!
While the other tips on this list have been about protecting your bitcoin fortune from other people, this one is all about protecting against yourself.
Assuming you are using a desktop client to store your bitcoin wallets, there should be an option to back up your wallet(s). Again, instructions will vary depending on your client.
By using such features, the public and private key to your wallet will be saved into a file. That’s all any bitcoin wallet needs to retrieve your balance, as the actual value attached to your bitcoin addresses are stored as data on the block chain, not on your wallet application.
Once you have a file containing your wallet keys, you can put this anywhere: flash drive, optical disk, portable hard drive, on paper, etc.
You can even store these files on a cloud-based backup system like Dropbox, which offers robust data reliability. However, given that no cloud system is 100% safe, it would be wise to encrypt such data before uploading, Truecrypt is one such tool that can encrypt your wallet files.
One more thing…
Another example of a secure cold storage wallet is something called a ‘brain wallet’. This is essentially a secret combination of words and numbers you carry around in your head. When you enter your passphrase into a site like brainwallet, it will unscramble it so you can obtain your private key.