Security. How Hack Proof Are You?
Security is critical in all aspects of life. Think about how many data hacks have hit the news in the past year or two. Huge corporations losing sensitive consumer data far too regularly. Chances are that your details are out there somewhere for the unscrupulous to take advantage of, should they choose.
Security is particularly important in the crypto world due to its anonymity but also due to the inability to reverse transactions. If someone steals your bitcoin, the only way to get it back is for them to send it back to you. That's pretty unlikely under most circumstances. Think about that one more time... if someone takes your money, you cannot get it back.
The solution? Make yourself as hack proof as possible.
The Biggest Crypto Hack of all Time
Lets start with the biggest loser. The most famous crypto hack of all time was an exchange called Mt. Gox. This was a Japanese exchange which back in 2014 handled almost 70% of bitcoin transactions globally. Hackers found a way to breach its (pretty lax) security methodology and stole a total 650,000 bitcoins. That's HUGE.
At the time the stolen stash was worth around $450m, though at today's rate it would be closer to $8bn. Mt Gox had to file for bankruptcy, investors lost their money and no refunds were made. It almost killed the crypto market.
Modern Day Crypto Security
Quick lesson here. Cryptocurrencies can be stored in two ways. Online ("hot storage") or offline ("cold storage"). Online means your computer is connected to the internet and you can send coins back and forward. Offline means its disconnected / unplugged. The benefit of offline storage is that you can't be hacked remotely. Someone would have to physically steal your computer and hard drive in order to get your coins, they can't remotely hack in. They would also of course need your private keys.
Mt Gox did use cold storage, the problem is that they didn't do it very well.
Coinbase on the other hand do things very differently ( I always recommend Coinbase to newcomers to the space). They recently bought a custody company called Xapo. They store Bitcoin in vaults under Swiss mountains. These are old swiss military bunkers in undisclosed locations. Not only do they protect from theft, they also protect from nuclear explosions and electromagnetic attacks.
Things have clearly moved on from the Mt Gox days. Hopefully you feel a little more confident in the ability for exchanges to maintain security now?
In fact this confidence is critical for the future viability of the cryptocurrency space. Institutional investors, who are the potential big players, have a hard time trusting the custody and storage aspects of cryptocurrencies. You can't blame them given the Mt Gox incident. Hopefully however, these James Bond style Swiss vaults are a step closer to giving the confidence they need.
Back to You and Me...
We obviously won't be storing our coins in underground Swiss bunkers. We won't get that access. We can live safe in the knowledge that the Billionaires are safe, but what about us normal folk who use our phones and computers?
There's a couple of things we should all be doing, and this applies to all aspects of financially security, i.e. any account that gives access to financial information.
With so many data hacks globally, the chances are that your usual password, or some variation of it, is out there. If you use a similar password for everything, it won't be too hard for the wrong person to crack it. The solution is simple, use a password manager. These are systems that generate strong and unique passwords for every service you use.
I use Apple products (iPhone, iPad etc) and there is a password manager inbuilt. I use it. You likely have one inbuilt too. As always, do some research and find a product that suits your needs. Maybe its the one built in, maybe it's something else. However, I can't stress enough given the continuous global data hacks, that you use one of these tools.
Two Factor Authentication
You likely use this already on systems such as your banking app or for password recovery. It's a secondary method of authentication. You either receive a text message with a code or you use an app which generates a unique code. The idea is that as well entering a password, you also use the"code" to verify your identity and access the system, usually from your phone. This proves, to a higher level at least, that it's you. Many systems use this already and rightly so. If you are ever given the option of adding this security method, then do so. It might be a pain in the ass, but ultimately it's there to protect you. In the crypto space, it's essential.
So are we Hack Proof Now?
Sadly not. I don't want to end on a low but these tools are not rock solid. If someone really wants to hack your life, they can find a way. They can "sim swap" your phone and gain access to your credentials that way. They can threaten you or do multiple other things to gain access to your information. I guess that's why underground bunkers exist for the billionaires. However, these are unlikely scenarios for you and me.
Lets just start with the simple methods. Use a password manager, use two factor authentication, be sensible. Those few things will put you in the top 1% of the population in terms of security.