Jason C


Bitcoin

Securing Your Wallet

2017-09-17

Introduction

There are many use cases for wallets and some desire higher levels of security than others. Like many real world scenarios, there is a wide range of security options. For simplicity, I group wallets into three buckets - ranging from low to high security - daily, hot, and cold. These represent standard use cases and doesn't mean there aren't higher security models, e.g. those a company or bank would use.

Daily Wallets

On the low end of the spectrum I group together "daily" wallets. These are wallets which are easily accessible for every day transactions. This might include a wallet on your personal computer, your phone, or even currency on exchanges. These can be thought of similar to cash you carry in your physical wallet.

For Bitcoin Cash the wallet Electron Cash (www.electroncash.org) works well. It was forked from Electrum (electrum.org) which was created for Bitcoin. These can be installed on Windows, Mac, or Linux. There are also many other software wallets.

For mobile devices the best app I've found is the Bitcoin Wallet By Bitcoin.com (iphone, android). There is also a video tutorial.

Hot Wallets

Most of your money you won't move on a daily basis, but you still might want to access some of it regularly in what I group together as "hot" wallets. These are wallets which carry more money than daily wallets but are kept more securely. They are used a couple times a week or less, usually to interact with daily wallets. These should have some form of multi-factor authentication (MFA). These can be thought of similar to a checking account.

There are two methods of security that I would recommend when dealing with hot wallets. The first method is to use a virtual machine (VM). This creates a clean environment that is less likely to be accessed by viruses and is easier to destroy all traces of. To learn about how to setup a virtual machine see Using Virtual Machines.

The second method is to use a multi-signature wallet. This is a wallet which requires multiple keys to spend. If keys are stored in separate locations it is significantly less likely for an attacker to get access to all of them. To learn about how to setup a multi-signature wallet see Using Multi-Signature Wallets.

Cold Wallets

And lastly, there are "cold" wallets. These are wallets which are the most secure and accessed the least, usually with larger amounts of money. These are used a few times a month or less. These can be thought of similar to a savings account. Cold wallets should include MFA like hot wallets, except with more keys for additional security.

A good method to use for further securing cold wallets is to make them offline wallets. This means the wallet is used in an environment that is not connected to the internet and is immediately destroyed. So even if there was an attack, the keys would need to transfer through the device used to save the transactions or your computer's hardware. This would likely require an extremely sophisticated attack. To learn about how to setup an offline wallet see Using Offline Wallets.

Conclusion

There is no such thing as perfect security. Some may think this isn't good enough, and for some use cases that is definitely true. Others may think this is overkill and are happy without jumping through as many security hoops. Ultimately each user needs to decide what is best for their situation. This article tries to give guidance for a reasonable level of security for the average user. I am not a security expert so I suggest doing your research to make sure you get the solution that makes sense for you.

Return to top or back to Bitcoin.