It is crucial that you keep every bit of information about your cryptocurrency investment safe and private/confidential. This means you need to keep secret all usernames, email addresses, passwords and wallet addresses/keys (we’ll talk about wallets later). The cryptocurrency markets are not as regulated and protected like the sharemarket, so we as individuals must take more responsibility for our investment. For starters, hackers can access your computer to get your logins and passwords. So you need make sure your cryptocurrency info is stored as tight as possible. Here are a few recommendations before getting started:
1) Create a completely new email account which is completely unrelated to your personal one and is dedicated solely to crypto investing. Gmail is probably best as it allows 2-Factor Authentication (see point 4).
2) When making passwords, they need to be intense. ‘Chris 1234’ isn’t going to cut it. I would suggest using a password manager such as Keepass. There you can create a database, with a super strong easy to remember password for yourself. When thinking of a password, try make 10 random words that you will remember with 1 or more non-letter characters and 1 or more numbers. For example:
You need to create a password like this, then practice remembering it over and over again until you can remember it as easy as your first name. This password will unlock your password manager database. Inside your database you can create passwords for all your crypto accounts. There is a random password generator. Ideally set the password length to a minimum of 30 when creating the random generated password, with random characters and numbers as well.
3) You will need a different password for each different website (eg. email, exchange, wallet), so store your password manager database somewhere secure with a backup. As long as no-one can crack your first password your database file remains secure. The reason we make different passes for each, is so that if someone compromises your password they can only access one site.If you have significant holdings of crypto, you may wish to discuss with a significant trusted other how they can access your account, because if you become incapacitated, your passwords are lost forever and are completely unrecoverable. This is why you must absolutely memorise your database password like your life depends on it, before adding any passwords inside of it.
4) Where available, always use Google 2-Factor Authentication (2FA). This is an app on your phone which provides you with a random code which changes all the time and is individual to your device, so when you go to log in to one of the websites you have to enter the code also. You can turn this on when registering for the websites. When you turn on 2FA the site will give you a backup phrase for if you lose your phone. Ensure you copy this into your password manager database in case you do lose your device. Furthermore, if you upgrade or change phones, make sure you deactivate 2FA on every account, then reactivate on new device, or your 2FA wont come across. I see a lot of people make this mistake. Some exchanges can help you out here, but it’s slow and not guaranteed you will get access back.
All of this might sound like complete paranoia, but if your portfolio one day ends up being worth a million dollars you’ll want that money to be on lockdown.