1) Choose a credible trader
Read about the trader before you deposit your money – you do not want your money with a trader like GBL exchange and Bitcoin signals.
See our list of traders that we consider to be safe.
2) Enable 2-step authentication
If your dealer supports two-step authentication, we recommend that you enable it. With 2-step authentication, an attacker who has come across your password cannot enter without access to a secondary device, such as your mobile phone.
3) Store your bitcoins in your own wallet (wallet)
Even if you trust a trader not to take your money and withdraw, you should not trust that your bitcoins are safe with them. When inputs.io was hacked, it was through so-called social engineering that the hacker cheated data from the hosting provider and thus gained access to the server.
Since we cannot know in detail how security is managed on an online wallet, we recommend using your own, local wallet. This in combination with our other safety advice, of course.
4) Choose secure password
You already know this, but it doesn’t hurt to repeat it. Always choose a secure password! At the merchant, on your email and last but not least on your wallet – they should all have strong passwords.
A password that only contains words found in dictionaries is not secure.
spiderpigspiderpigis therefore no further password, sa3F[_1vc+A is better.
We recommend passwords with 15 characters or more.
5) Back up your wallet to a safe place
Your wallet is stored in a file on your hard drive, usually called the file wallet. datbut it differs between software. For example, the wallet Electrum names the file to electrum.dat.
Examples of secure locations where you can store your backup are a bank vault or an encrypted hard drive (which is preferably not connected to the internet).
Do you want to keep your backup online? Then do it on a service that you can protect with 2-step authentication, such as Gmail or Google Drive, and choose a secure password.
Things to know about bitcoin
Transactions and addresses are public
When a transaction occurs, it is posted in a general ledger, the so-called blockchain. The general ledger is public which means that addresses and transactions are also public. That is, anyone can see what transactions have ever taken place, as well as see the balance at all addresses. If you want to be anonymous you should only use one address once.
Keys mean everything
Bitcoin uses so-called public key infrastructure (pki). This is a topic in itself so we won’t go into detail here. In short you can say that in pki you encrypt with a public key (non-secret) and decrypt with a private key (secret). Anyone can encrypt, but only those who know the private key can decrypt.
Each bitcoin address is associated with a private key 1. Your first address and key pairs are automatically generated when you create a new wallet and new pairs are created as addresses are consumed. It is important to understand that anyone who knows the key to an address can spend their money. When we write that you back up your wallet, you actually make a copy of the keys and addresses that one’s wallet has created for one. So it is not bitcoins per se that you back up when you make a copy on wallets.dat, but rather the keys needed to access them. If someone else comes over the keys in your wallet, then they can steal your bitcoins.
You can recreate a wallet from a seed
Some wallets can be recreated from a so-called seed, a text string generated by the wallet. This means, for example, that if your hard drive breaks down and you have your seed left, you can still recreate your entire wallet. You can easily print a seed on a piece of paper or memorize (well, easier to memorize than wallet.dat anyway). This feature is supported by, among others, Electrum. Of course, it is important to keep your seed in a safe place. If someone gets a hold of the seed, they can recreate your wallet without your password.