Best practices when handling a cryptocurrency wallet

Set-up

Managing crypto-wealth starts with setting up two wallets:

  • One hot wallet for daily expenses, that should not hold a huge chunk of your capital.
  • One cold wallet to store the rest of your crypto assets.

Hot wallets are the epicentre of wallet management system. They interact with both the outside world and offline storage. On the other hand, cold wallets should exclusively interact with hot wallets.

In personal finance, hot wallets are current accounts and cold wallets are savings accounts.

Cryptocurrency wallets should be utilised the same way than bank accounts:

  • Online wallet: cash purse
  • Hot wallet: current account
  • Cold wallet: savings account

Cryptography

A wallet can generate an unlimited amount of private key and public address combinations. However, a wallet (and its password) does not need to be generated for every pair.

Because the blockchain is transparent, one should avoid re-utilising a public address as its balance is available online.

It is important to generate new public addresses for every transaction; otherwise, the person you transact with will match the public address' balance with your identity.

Encryption

Setting up a wallet password is mandatory if you want to store your crypto safely. Be sure your password follows the undermentioned:

  • Length: minimum of 12 characters.
  • Unique: never been used before.
  • Random: no meaning and with all types of characters.

A good idea for extra security is to use Multiple Factor Authentication, it is an additional layer of protection for your account. There are three different authentication factors:  knowledgepossession and inherence.
With 2-FA you have to present two components of authentication to access your account.

In most cases, 2-FA will work with a smartphone: you can access your wallet (or any encrypted account) only after entering your password (knowledge) successfully and insert a code generated from a mobile app (possession).

WARNING! SMS-based 2-FA is not considered safe, use only certified applications.

Holding

It's best to avoid storing 100% of capital in one bank account, and the same applies with cryptocurrency.

You do not want to keep everything in one wallet or in one place

It’s best to set up several crypto transaction management systems where:

  • Cold wallets only interact with your own hot wallets.
  • Hot wallets are at the centre of your transaction management system.
  • Online wallets hold funds for a minimal amount of time.

Back-up

The security of a wallet is as good as the device that holds it. In other words, if the device is lost, corrupt or broken, there is no way out: funds are lost forever.

Backing up a wallet is a good idea to prevent any unnecessary loss. In many cases, access to private keys can be as easy as holding a pen drive in hand; henceforth threats also exist in the "physical world.

Multi-signature

Multi-sig addresses give the ability to share ownership over a cryptocurrency wallet between several users. Transactions require signatures from multiple private key holders, depending on how it has been set up.

It adds an extra layer of protection for cold storage.

Conclusion

Unsecured wallets are like cash lying in the open in the crypto-economy. To summarise, in order to build a "digital vault", one needs to:

  1. Set up a hot or cold wallet on a device
  2. Generate private and public keys, with or without a multi-signature
  3. Optionally, encrypt access to wallets and back-up private keys