Previous Story
Bitcoin Security: Keeping Your Coins in Your Wallet
Posted On 13 Oct 2014
Comment: 0
Bitcoin security is something the media loves to bring to everyone’s attention again and again, but not in a good light. There’s a lot of fear-mongering out there about this particular aspect of the currency. But why?
Irreversibility. It would be hard to claim Bitcoin was less secure than other methods of keeping your money – since it’s very clearly much more secure – but the claim that can be made successfully is that when something goes wrong with your Bitcoin security practices, the ramifications are absolutely devastating. When you become the victim of theft in traditional banking and payment methods – through identity theft or physical card theft – the companies you work with in those sectors provide ways for handling the problem. They insure you against fraud, and so you get three results:
1. Consumers less worried about fraud.
2. More fraud.
3. Higher charges for various services to compensate the service companies for fraud.
It’s almost perverse for me to claim that Bitcoin’s fraud being more devastating is an advantage for the ecosystem, but in some ways, it is. This is yet another way that – for the discerning and cautious user – Bitcoin creates financial advantages.
To move on: Various entities love to discuss how Bitcoin fraud is irreversible, and how “easy” it is for hackers to get into your wallet and steal your Bitcoins – after all, it’s just some files on your computer. Well… that’s not really true. Or, at least, if you’re a responsible owner, it isn’t. But let’s talk about how to be a responsible owner.
First, you MUST, absolutely MUST, know your own limits. Are you the tech-savvy member of your family? The one all your friends call for computer problems? The guy (or gal) who might get a programming joke if I tossed one into the column?
If so, you probably already know what to do. Create wallets offline, store them offline, encrypt them, use paper wallets with high entropy, write down your private keys on paper in two locations stored in locked boxes. Or some combination of those options.
This article is not really written for those people. This article is for everyone else. So, if you know your own limits, and you know you don’t want to mess around with something like this without being fully confident you won’t run into very serious problems, read on.
Back in 2009-2012, if you weren’t the tech-savvy person described above, you didn’t have many options for secure Bitcoin storage. Most people in that position would’ve used Blockchain.info, a reputable data and wallet provider. Blockchain.info would’ve been and still certainly is a good choice for the less tech-savvy among us. It has one very distinct advantage over the other options in this article.
Unlike the other options I will cover, they don’t control your private keys. This means that they can’t censor your payments, they can’t control your funds, and they don’t own your money. They just provide a simple and secure platform to allow you access to it. To the old-timers in the Bitcoin community, this is a big sticking point. Bitcoin’s promise was to put the owners of money back in complete control of it, and Blockchain.info fulfills that promise.
For security, Blockchain.info has us covered as well. When you sign up, you’re given strange login information – a cipher of letters and numbers – that Blockchain.info stores for you. You create a strong password, and set up two-factor authentication with your mobile phone. In order to get into your account, you need all three. The first two – the cipher and password – can be retrieved if you write down a word-based cipher that Blockchain provides you with. This is a long string of random words that works similar to security questions provided by other websites, except much more secure – how hard is it to find out the name of your first grade teacher, do you think? Even if this gets compromised, your account is still behind two-factor authentication. If you lose your mobile device, they have a manual process you can use to reset two-factor authentication. Sounds good? I agree. Blockchain is a secure and simple answer for your Bitcoin storage needs.
But it’s not the only option.
For users who aren’t worried about owning their private keys – a dangerous proposition in my view – Coinbase.com is a good recommendation. Each Coinbase account has two separate partitions, that can be thought of as a checking account and a savings account, if you’ll forgive the simplistic analogy. The main wallet is easy to access and use: you just need to login and use your two-factor authentication in order to send funds. The second partition – called the “vault” – is so secure as to be impenetrable. Good naming convention, don’t you think? The vault has a setting that you can configure that locks any funds in it from being sent anywhere without multiple confirmations on your end and a mandatory waiting period before the funds are fully sent. In the insane event that your phone is stolen, that the password on it is cracked (or that it wasn’t password-protected – shame on you!), your vault funds are still completely secure provided you can get in touch with Coinbase in the next few days.
Lastly, while it doesn’t come with additional security beyond two-factor authentication, Circle is another good option for storing funds with peace of mind. Distributing your funds between two or three of these options helps to not create a single point of failure, which is a valuable asset in-and-of-itself. Circle’s main appeals are simplicity and ease of use, so I’d recommend it more as a method for storing your spending cash, rather than your savings. Not to imply anything bad about Circle’s security, of course – it’s just that for right now, Coinbase and Blockchain do it better.
So there you have it: the simple guide to storing your Bitcoins securely. The answer? Use a system someone else built – they’re quite good at what they do.
