Unbank yourself and flourish during retirement. Subscribe Here! >
You have a few options for storing your crypto after you purchase it. They range from completely secure to somewhat secure.
The thing to keep in mind is this phrase: “Not your keys, not your crypto.” If you don’t have complete control of your crypto, it can be at risk.
Of course, if you don’t maintain good security hygiene in your personal life (your computer, your phone, your email accounts, etc.), your crypto could be at risk even if you do control it.
See this article for information about crypto security (and personal digital security).
You receive crypto to a public address, which is usually dozens of characters long. A Bitcoin address looks something like this:
Whenever you want to receive Bitcoin to your wallet, you give the sender your public address. That sender could be another person, a rewards platform, or a crypto exchange.
You never, never give anyone your wallet’s private address. The private address is like the password you use to protect your email from prying eyes.
You don’t create the key though, so there’s no risk of using anything short and non-secure, like “1234” or your birth date.
The private key isn’t your only level of protection in a crypto wallet. Every reputable wallet provider will generate a set of 12 or 24 words, known as a seed phrase. This is the main line of defense that protects your wallet and everything inside it.
Always write down on paper the words in the seed phrase, in the order they’re provided to you. Then store that piece of paper some place safe (from fire, flood, etc.) and secure (so a thief or troublesome neighbor or family member won’t find it).
Why is all this necessary? If you ever forget your username/password combination for that wallet, you can use your seed phrase to restore access.
Many millions of dollars of crypto have been permanently lost because the wallet owners couldn’t remember how to log in to their wallets and didn’t save the seed phrase.
I mentioned that phrase earlier. You can now see why it makes sense. If you give away access to any of your private keys, your crypto essentially belongs to whoever you gave those keys to.
This is so important that I’m going to repeat what I wrote earlier:
There are various levels of security beyond keeping your private key and your seed phrase safe. I discuss them below, from most secure to least secure.
Cold wallets are small hardware (physical) devices that you don’t connect to the internet except to store crypto or to sell or swap some. The earliest types of these devices are basically elaborate USB devices with small displays.
There are some that use encrypted Bluetooth to connect to computers when access is required. Still others have both USB and Bluetooth connection options.
A wallet that’s not connected to the internet (what’s called air-gapped) is the safest from attack. If an online thief can’t even access the wallet, there’s no way he can steal anything. This disconnect from the internet is what makes it “cold.”
One advantage of a cold wallet is that it’s portable. You can take it with you wherever you go, including overseas.
And you can use it on any computer, although you may need to install some software on that computer.
You’ll want to use a VPN (virtual private network) whenever you connect to a public wifi service, even if it requires a password to access. It’s essential that you protect your wallet from those who want what you own.
When do you use a cold wallet? If you have some crypto that you plan to keep for the long term, store it on a cold wallet. If you plan to trade in and out of various crypto assets, you’ll need a hot wallet, which I discuss next.
Which cold wallet should you use? That’s up to you and your preferences. For example, the Ledger Nano X has a tiny screen, so it’s not good for anyone with vision problems.
The Keystone Pro is large enough to have a full-color touchscreen display. It’s less portable though, since you can’t stick it in your pocket and take it with you anywhere.
If you plan to stake some of your crypto to earn more, you’ll want the CoolWallet Pro.
If your vision isn’t what it used to be, or you don’t like fumbling around with small buttons, avoid the Ledger Nano X. Go with one of the larger devices.
This article discusses eight cold wallets. Don’t be intimidated by the technical jargon. Pick the one that will work best for your circumstances.
Hot wallets are software wallets. They reside on your computer, and have all the risks associated with your computer. So they’re a bit less secure than cold wallets.
Hot wallets are typically developed by the team that created the crypto coin or token that’s stored in the wallet. In other words, if you want to hold 10 different coins/tokens, you’ll need 10 different hot wallets.
There are some hot wallets, however, that let you store multiple crypto assets. An example is the Exodus wallet, which lets you store over 100 different coins and tokens and lets you swap between them, for a fee.
If you plan on staking your crypto to earn more, you’ll need to use each coin or token’s hot wallet.
For some, though, you could use the CoolWallet Pro, a cold wallet mentioned above. The Exodus wallet offers a small number of staking opportunities as well.
Or you could earn rewards on your crypto instead, although rewards are sometimes lower than what you’d earn by staking your crypto.
You’ll earn rewards on certain platforms, which I discuss below.
If you don’t have direct control of your crypto in cold or hot wallets, someone else controls it. That means there’s counter-party risk for you
This is the case with centralized exchanges and rewards platforms.
The least secure place to leave your crypto is on a centralized exchange, such as Binance, Bittrex, FTX, Coinbase, or, in Canada, NDAX.
Unfortunately, that’s the only place where you can easily trade in and out of your assets.
If you plan to be a crypto trader rather than a HODLer, you’ll need to keep assets on one or more exchanges. And since many exchanges have been hacked at least once, your crypto could be at risk.
However, most reputable exchanges will make good on any losses you incur if the exchange itself was hacked. They won’t make good on any losses that are a result of your own negligence.
Exchanges hold, receive and send crypto for you. They do this by creating a crypto wallet for each asset you own.
This is a custodial wallet, since the exchange has custody of your crypto.
Rewards platforms, such as BlockFi, also use custodial wallets.
These platforms allow you to earn interest on the crypto you store there. Since the platform controls your crypto, you have to trust that it’s doing everything it can to protect itself and your crypto from theft.
When shopping around for an exchange to use, or a rewards platform to earn interest on your crypto, look for answers to these questions:
At the minimum, it should offer two-factor authentication (2FA). If you’re not familiar with 2FA, read this article about crypto security.
Use this rule of thumb: If you don’t have a good feeling about a rewards platform, such as BlockFi, or an exchange, don’t use it.
Decentralized exchanges (DEXes) don’t take custody of your crypto. They use non-custodial crypto wallets.
So you have complete control over your crypto on DEXes.
Unfortunately, due to lower liquidity levels for various crypto trading pairs (e.g., Bitcoin/Ether), the price you pay for an asset may be higher than you’d pay on a centralized exchange.
So you’ll have to decide whether having complete control over your crypto is worth the additional cost.
The best way to keep your crypto safe is to combine the use of a crypto wallet (or wallets) with silence. If no one knows that you’re investing in crypto, no one can come after your assets.
It’s the same idea that holders of physical gold and silver use. Keep mum about your holdings for maximum security, and hide them in a safe place.
In the online crypto world, that means a cold wallet whenever possible, a hot wallet for certain needs, and either an exchange or a rewards platform if you plan to trade crypto or earn interest on your holdings.