Crypto Security Best Practices

An overview of some best practices to keep your funds safe no matter how you store them.

Introduction

Maintaining strong crypto security requires diligence across both custodial and non-custodial wallet storage methods. Below we will cover some good general practices to follow and then dive into aspects unique to both non-custodial and custodial platforms.

Feel free to jump ahead to the sections that are most relevant to you.

General practices like enabling 2FA where applicable, avoiding phishing scams, and securing your devices apply to all wallet types.

Non-custodial wallets require extra care with seed phrase management and backups, while custodial wallets require selecting a trusted provider and limiting risk exposure.

By knowing these general guidelines, you can reduce your risks and maintain better control of your crypto assets.

General Best Practices

Enable Two-Factor Authentication (2FA)

Always activate 2FA (authenticator apps or hardware keys) for added account security when supported. Application or hardware based 2FA is more secure than SMS (text message) 2FA.

Use Strong, Unique Passwords

Create complex passwords that are unique to your wallet or account. Store them securely in a password manager.

Beware of Phishing Scams

Double-check URLs and avoid clicking on suspicious links or downloading unverified software. Only interact with trusted wallet providers.
If in doubt, run a link or file through Virus Total before clicking or opening it.

Secure Your Devices

Keep your smartphone, computer, or hardware wallet updated with the latest security patches and antivirus software.

Avoid Public Wi-Fi Whenever Possible

If you must use public Wi-Fi, ensure you are connected through a reliable VPN to encrypt your connection.

Be Mindful of Social Engineering Attacks

Scammers may impersonate wallet providers or support staff. Never share sensitive details, especially your seed phrase or private keys.
When in doubt, contact the person or company through their official communication channels to verify authenticity.

Verify Transactions Carefully

Double-check wallet addresses and amounts before confirming any transaction, as blockchain transactions are irreversible.

Best Practices for Non-Custodial Wallets

Protect Your Seed Phrase

Write your seed phrase on paper (not stored digitally) and keep copies in separate, secure locations. Avoid taking pictures or saving it online. There are even options to store your seed phrase on steel plates.
- See also: What is a Seed Phrase?

Use Hardware Wallets for Long-Term Storage

For significant holdings, a hardware wallet provides the highest level of security by keeping private keys offline.
Multi-Sig setups are also an option in some cases, however, please contact us if you are using a Multi-Sig solution for your staking needs to ensure compatibility with the intended network.

Backups Are Critical

It is ideal to keep multiple copies of your seed phrase secured physically (i.e. never stored as a screenshot or digital file) and kept in geographically dispersed locations if possible.
If you're new to crypto, try creating a new empty wallet and restoring it to get a sense for how wallet recovery works via the wallet's seed phrase.

Separate Wallets for Different Uses

Depending on your use cases and unique situation, it can sometimes be strategic to use a hot wallet for daily transactions and a cold wallet (offline and/or a hardware wallet) for long-term storage.

Verify Wallet Authenticity

Download wallet software only from official sources to avoid malware or counterfeit apps.
This also applies to buying hardware wallets directly from the manufacturer. It is not advisable to purchase a used hardware wallet.

Best Practices for Custodial Wallets

Choose a Reputable Provider

Use custodial wallets or exchanges with a strong security track record, regulatory compliance, and robust features that fits your needs.

Monitor Account Activity

Regularly review login attempts and transaction history for any suspicious activity.
If applicable, consult with your custodial account manager to set up their own best security practices for your account.

Enable Withdrawal Whitelisting

Some custodial wallets let you whitelist addresses, ensuring funds can only be withdrawn to specific, trusted addresses.

Stay Updated on Platform Changes

Be aware of announcements from your custodial wallet provider about updates, security breaches, or policy changes.

Questions?

Feel free to reach out to our Support Team if you would like any clarification or if you encounter anyone or anything impersonating Chorus One.

Chorus One: Support

For direct support, please create a ticket on our support platform.

A link for a support request can also be found along the top of this webpage as well as many other Chorus One resources including OPUS Pool, The Chorus One SDK, and our Blog.

About Chorus One

Chorus One is one of the largest institutional staking providers globally, operating infrastructure for over 60 Proof-of-Stake (PoS) networks, including Ethereum, Cosmos, Solana, Avalanche, Near, and others.

Since 2018, we have been at the forefront of the PoS industry, offering easy-to-use, enterprise-grade staking solutions, conducting industry-leading research, and investing in innovative protocols through Chorus One Ventures.

As an ISO 27001 certified provider, Chorus One also offers slashing and double-signing insurance to its institutional clients. For more information, visit chorus.one or follow us on LinkedIn, X (formerly Twitter), and Telegram.

PreviousWhat is a Seed Phrase?NextWallets

Last updated 1 month ago

Was this helpful?