Losing your money can be devastating. It is scary how often people lose accumulated coins on security mistakes.
In this article, you will learn all the ways how people lose their crypt on exchange wallets and how you can avoid unnecessary losses.
1. A weak password
A weak password is something that has one or more of these qualities:
- It can be guessed with common words or your special days
- It is short and can be brute-forced easily with password hacking tools
- It is used in many places. If one service has a leak, all your accounts are compromised.
This is why creating a strong unique password for every site you use is important. Using a randomized password with symbols and letters will be your best bet.
These generators can create passwords that take up to 43 QUINTILLION YEARS to brute-force.
2. Phishing attempts and scams
Phishing is a type of scam that tries to get access to your assets by you willingly giving your login details to the scammer.
A typical phishing attempt is receiving an email that is supposedly coming from the exchange. Once you click the login link on the email, you are directed to a website that looks exactly like the exchange.
The only difference is the URL address and once you give your login details, you are not actually logging in. When you log in to your exchange a few minutes later, you realize that you have just willingly given your login details to a scammer and they already withdrew your funds.
3. Email or device got compromised
In 2013, 3.1 million phones were stolen in the USA. It is more common than ever to always be logged in to your email with multiple computers and your mobile devices (and old phones in your house).
Nowadays many exchange withdrawals and password changes require you to accept the withdrawal on your email. This is why email security is more important than password security.
- How many devices are you logged in to your email? Where are the devices?
- How many times have you left your work computer or personal computer or phone on when others could have accessed your devices and your logged in email account?
- How many times have you lost your phone?
- Are your phone and computer storage encrypted so the data cannot be transferred to another device?
- Does your phone have a mere pincode or do you use a strong password?
Remember, it only takes one person with ill-intent to exploit your ignorance.
4. Not using a 2-Factor Authentication (2FA)
If your password does end up being breached 2FA acts as your second password. Most exchanges have an option to enable 2fa, you might see it under ‘Google Authenticator”.
Google Authenticator is an app that you install on your phone. Once you have set up the 2FA, you will see 6 random numbers that reset every 30 seconds. Every time you login to your exchange, you will have to open the app and type the 6 numbers before they change again.
This is a nightmare for people trying to hack into your account. Hackers only have a time frame of 30 seconds to guess 6 numbers in random order. After 30 seconds is up, they will have to guess 6 new random numbers. which makes it virtually impossible to get it right.
Make sure you enable all 2fa features and check emails regularly in case you get an email warning you someone has logged in. You can also check your account activities if you have any assumptions.
5. Phone with 2FA app is broken or stolen
A big problem with 2FA is the fact that people do not save the QR code they initially get from the exchange. It is easy to just add the Authenticator on their phone and click next. This is a major risk.
If something happens to your phone, you are not able to recover the 2FA generator!
You should either take a screenshot of the 2FA QR code and store the screenshot on a secure offline USB stick or print the QR code on a piece of paper and put it somewhere safe.
This way you are able to recover the 2FA generator even if your phone is lost. This is especially important in exchanges that you have not given your identity information.
6. The exchange itself gets compromised
Whenever you are using 3rd party service, you are exposing yourself to a 3rd party risk.
Take the legendary Mt. Gox case for example. It was one of the earlier crypto exchanges and in 2013 processed most of the world’s crypto trades. Many people trusted the website and stored their valuable Bitcoin on the exchange wallets for years.
But one day in February 2014 the site halted withdrawals and a few weeks later the site went down. Approximately 850,000 bitcoins belonging to customers and the company were missing and likely stolen.
7. Forgetting you have funds
It sounds silly but this is a real phenomena.
Imagine you had been a hodler for many years. The brain wants to forget about memories that have little emotional weight and that are not actively remembered.
A transfer of digital numbers years ago is not a highly emotional event which makes it easy to forget. Keeping a diary or a service like Lastpass can help you remember all the different services you have activated over the years.
Another sub-category of forgetting is not preparing for accidents and even death.
Is your husband, wife, and children aware of your holdings or how to access them in case something happens to you?
8. All eggs in one basket
All the reasons mentioned above indicate that it is better to store crypto on multiple exchanges and multiple accounts for trading purposes and store your holding funds on one or more external hardware wallets.
A hardware wallet is a cryptocurrency wallet that stores the user’s private keys (critical piece of information used to authorize outgoing transactions on the blockchain network) in a secure hardware device.
You can easily buy a hardware wallet from Ledger.com they offer the most secure and the best user experience. You can also join our hardware wallet giveaway in the upcoming weeks.
If you want to join our ledger giveaway join Collective telegram group and put your notification on.