Unbank yourself and flourish during retirement. Subscribe Here! >
You have a few options for storing your crypto after you purchase it. They range from completely secure to somewhat secure.
The thing to keep in mind is this phrase: “Not your keys, not your crypto.” If you don’t have complete control of your crypto, it can be at risk.
Of course, if you don’t maintain good security hygiene in your personal life (your computer, your phone, your email accounts, etc.), your crypto could be at risk even if you do control it.
See this article for information about crypto security (and personal digital security).
You receive crypto to a public address, which is usually dozens of characters long. A Bitcoin address looks something like this:
Whenever you want to receive Bitcoin to your wallet, you give the sender your public address. That sender could be another person, a rewards platform, or a crypto exchange.
You never, never give anyone your wallet’s private address. The private address is like the password you use to protect your email from prying eyes.
You don’t create the key though, so there’s no risk of using anything short and non-secure, like “1234” or your birth date.
If anyone or any crypto service or platform asks you for your private key, leave immediately. If you give out your private key, that person, service or platform will have access to every penny of crypto stored behind that private key.
It’s either a scam, or a phishing expedition. Don’t fall for it. No legitimate business or exchange will ever ask you for the private key to any crypto wallet.
The private key isn’t your only level of protection in a crypto wallet. Every reputable wallet provider will generate a set of 12 or 24 words, known as a seed phrase. This is the main line of defense that protects your wallet and everything inside it.
Always write down on paper the words in the seed phrase, in the order they’re provided to you. Then store that piece of paper some place safe (from fire, flood, etc.) and secure (so a thief or troublesome neighbor or family member won’t find it).
Important: Do not store the seed phrase on your computer. If anyone ever gains access to your computer, he’ll have access to all the crypto in your wallet.
And don’t store it in a bank safe deposit box. If there’s ever a “bank holiday” (a euphemism for shutting down temporarily and freezing funds), you may not be able to access your seed phrase when you need it.
Why is all this necessary? If you ever forget your username/password combination for that wallet, you can use your seed phrase to restore access.
Many millions of dollars of crypto have been permanently lost because the wallet owners couldn’t remember how to log in to their wallets and didn’t save the seed phrase.
I mentioned that phrase earlier. You can now see why it makes sense. If you give away access to any of your private keys, your crypto essentially belongs to whoever you gave those keys to.
This is so important that I’m going to repeat what I wrote earlier:
Never, never give anyone your wallet’s private address.
There are various levels of security beyond keeping your private key and your seed phrase safe. I discuss them below, from most secure to least secure.
Cold wallets are small hardware (physical) devices that you don’t connect to the internet except to store crypto or to sell or swap some. The earliest types of these devices are basically elaborate USB devices with small displays.
There are some that use encrypted Bluetooth to connect to computers when access is required. Still others have both USB and Bluetooth connection options.
A wallet that’s not connected to the internet (what’s called air-gapped) is the safest from attack. If an online thief can’t even access the wallet, there’s no way he can steal anything. This disconnect from the internet is what makes it “cold.”
You may also hear or read the term cold storage. It’s synonymous with a cold wallet.
One advantage of a cold wallet is that it’s portable. You can take it with you wherever you go, including overseas.
And you can use it on any computer, although you may need to install some software on that computer.
You’ll want to use a VPN (virtual private network) whenever you connect to a public wifi service, even if it requires a password to access. It’s essential that you protect your wallet from those who want what you own.
Warning: Purchase your cold wallet from the device’s vendor. Never buy one from Amazon or a third-party seller.
It’s possible that the seller has a copy of the 12- or 24-word seed phrase, which means he will have access to the crypto stored on your device whenever you plug it into your computer.
When do you use a cold wallet? If you have some crypto that you plan to keep for the long term, store it on a cold wallet. If you plan to trade in and out of various crypto assets, you’ll need a hot wallet, which I discuss next.
Which cold wallet should you use? That’s up to you and your preferences. For example, the Ledger Nano X has a tiny screen, so it’s not good for anyone with vision problems.
The Keystone Pro is large enough to have a full-color touchscreen display. It’s less portable though, since you can’t stick it in your pocket and take it with you anywhere.
If you plan to stake some of your crypto to earn more, you’ll want the CoolWallet Pro.
If your vision isn’t what it used to be, or you don’t like fumbling around with small buttons, avoid the Ledger Nano X. Go with one of the larger devices.
This article discusses eight cold wallets. Don’t be intimidated by the technical jargon. Pick the one that will work best for your circumstances.
Hot wallets are software wallets. They reside on your computer, and have all the risks associated with your computer. So they’re a bit less secure than cold wallets.
One way to keep hot wallets more secure is by using a second computer. Never connect this second one to the internet except when you want to move crypto into or out of a wallet.
Want to make it even more secure? Never turn on this computer unless you need to move crypto. Then shut it down again.
Hot wallets are typically developed by the team that created the crypto coin or token that’s stored in the wallet. In other words, if you want to hold 10 different coins/tokens, you’ll need 10 different hot wallets.
There are some hot wallets, however, that let you store multiple crypto assets. An example is the Exodus wallet, which lets you store over 100 different coins and tokens and lets you swap between them, for a fee.
If you plan on staking your crypto to earn more, you’ll need to use each coin or token’s hot wallet.
For some, though, you could use the CoolWallet Pro, a cold wallet mentioned above. The Exodus wallet offers a small number of staking opportunities as well.
Or you could earn rewards on your crypto instead, although rewards are sometimes lower than what you’d earn by staking your crypto.
You’ll earn rewards on certain platforms, which I discuss below.
If you don’t have direct control of your crypto in cold or hot wallets, someone else controls it. That means there’s counter-party risk for you
This is the case with centralized exchanges and rewards platforms.
The least secure place to leave your crypto is on a centralized exchange, such as Binance, Bittrex, FTX, Coinbase, or, in Canada, NDAX.
Unfortunately, that’s the only place where you can easily trade in and out of your assets.
If you plan to be a crypto trader rather than a HODLer, you’ll need to keep assets on one or more exchanges. And since many exchanges have been hacked at least once, your crypto could be at risk.
However, most reputable exchanges will make good on any losses you incur if the exchange itself was hacked. They won’t make good on any losses that are a result of your own negligence.
That includes not paying sufficient attention to what you’re doing. For example, if you send Bitcoin to a Litecoin address, your Bitcoin will be lost forever, and that’s on you, not the exchange.
So don’t trade crypto when you’re tired or not feeling 100%. It could end up costing you big time!
Exchanges hold, receive and send crypto for you. They do this by creating a crypto wallet for each asset you own.
This is a custodial wallet, since the exchange has custody of your crypto.
Rewards platforms, such as BlockFi, also use custodial wallets.
These platforms allow you to earn interest on the crypto you store there. Since the platform controls your crypto, you have to trust that it’s doing everything it can to protect itself and your crypto from theft.
When shopping around for an exchange to use, or a rewards platform to earn interest on your crypto, look for answers to these questions:
At the minimum, it should offer two-factor authentication (2FA). If you’re not familiar with 2FA, read this article about crypto security.
The exchange or platform can have top-notch security tools and options. But if the third-party tools it uses don’t have the same level of security, you could be at risk.
Use this rule of thumb: If you don’t have a good feeling about a rewards platform, such as BlockFi, or an exchange, don’t use it.
Decentralized exchanges (DEXes) don’t take custody of your crypto. They use non-custodial crypto wallets.
So you have complete control over your crypto on DEXes.
Unfortunately, due to lower liquidity levels for various crypto trading pairs (e.g., Bitcoin/Ether), the price you pay for an asset may be higher than you’d pay on a centralized exchange.
So you’ll have to decide whether having complete control over your crypto is worth the additional cost.
The best way to keep your crypto safe is to combine the use of a crypto wallet (or wallets) with silence. If no one knows that you’re investing in crypto, no one can come after your assets.
It’s the same idea that holders of physical gold and silver use. Keep mum about your holdings for maximum security, and hide them in a safe place.
In the online crypto world, that means a cold wallet whenever possible, a hot wallet for certain needs, and either an exchange or a rewards platform if you plan to trade crypto or earn interest on your holdings.