You wouldn’t leave the keys to your house lying around in a public place, complete with a full set of address and directions.
And you wouldn’t leave a purse full of gold sovereigns or box of precious stones knocking around unsecured at the beach, or even at home… You wouldn’t even have to get burgled, they might get lost, swept out with the trash or confused with something less valuable — so you’d never dream of treating such items so casually
But people seem to see data differently, to tangible assets and possessions. Whether you’re swapping your consumer spending patterns for some loyalty points worth a few cents, scribbling a password on a post-it note, or skimming through the small print of a file-sharing service, we don’t appear to pay similar levels of regard to digital assets.
Securing your Crypto assets
And when it comes to cryptocurrency, that’s a huge mistake.
Fortune.com reckon that between 3 and 4 million bitcoins are lost forever already, without including those in the hands of hackers or thieves — literally gone from circulation, due to lost data or devices.
Can lost private keys ever be recovered? There is only one way:
With most digital wallets for storage of cryptocurrency, the vital data to be secured consists of a backup phrase or recovery seed consisting of a series of words, in which both the order and the precise spelling are critical. You need to think about how you’re going to secure this, in addition to the physical wallet. This phrase is the ONLY thing which can be used to regenerate your wallet’s private key, if the wallet itself is lost.
Keeping this recovery phrase appropriately safe is a balance between a number of different factors, including the trade-off between YOUR access to it, vs those of a potential hacker or thief. It’s the basic security vs usability conflict bugging cybersecurity in general, especially because for trading you want your coins to be liquid and accessible in case you want to move fast.
And it’s also affected by the cost implications compared with the value of the asset being secured.
You might decide to leave coins on the exchange, or a cheap digital wallet solution, when you’re just starting out and your investment is small… But the exciting and terrifying thing about crypto is how that value can change. The British guy who tossed out an old hard drive with 7.500 Bitcoins on it did so because he’d seen it as valueless at the time — rather than the millions it’d currently be worth.
So if you’re in crypto for the long haul, here are some things to think about, when it comes to securing that passphrase, which is the key to recovering your wallet:
The medium matters
Firstly, in a world where we increasingly store data in the cloud rather than on physical drives, you need a total rethink when it comes to this key. Hard drives and USB sticks break or corrupt, ANY cloud provider can get hacked. The only safe place for your passphrase is completely offline — in the good old analogue world.
Many physical wallets ship with a piece of card, on which you are advised to write down your backup phrase. But this is something you may not test or review for many years, so give some thought to the pen you use — choose a permanent, archival-quality marker. And how can you protect the paper itself, not the world’s most durable material? At the very least, lamination or a plastic cover comes to mind.
But it’s interesting to reflect that much of what we learn from history of the past thousand years or so has come down to us in written form, paper and ink, one way or another… Whereas I don’t expect the laptop I am currently typing these words on to be much use to anyone within a decade or so.
Paper is vulnerable to various forms of destruction and degradation though, including fire and water, as well as theft, duplication or loss.
An appropriate safe or lockbox in your home is a start, but what if your house burns down? That might well be a circumstance in which you’d want to liquidate your crypto assets, so consider storing a copy of your phrase elsewhere.
Location, location, location…
A bank deposit box is a pretty safe option in most parts of the world, however they do have a cost to rent, and a possible delay in access. But it’s unlikely that both your house and the bank will burn down simultaneously, and as such it’s definitely worth considering.
You can create multiple copies of your passphrase, but be careful. NEVER create a digital image of it, like a screenshot or photo, for obvious reasons. Can you type it? Yes, in an offline word processor, rather than a cloud-based application (securely delete the file, once you have printed it. And remember inkjet printing is easily subject to fading and water damage).
Creating a copy of your phrase and lodging it with a trusted friend or family member is a sensible and cost-free way of keeping the back-up separate from the wallet itself in case of theft or disaster, and it also provides them with access in the event of your death or incapacitation. (Does your Will reference your wishes, in respect of your digital assets? It should). Of course you need to physically give this to them, rather than send it via any electronic form. And it then puts a responsibility on them, to store it safely for you, somewhere you can retrieve it at will.
Some wallets like the Trezor support advanced recovery phrase features, allowing you to add custom passphrases on top of the seed words you are given (which you cannot alter to make more memorable). You could also divide your phrase, storing half the words in one location or medium and the rest elsewhere. There are even mnemonic tricks you can use to memorise the sequence itself…
To my mind however all of these options introduce too much potential for human error, and undo some of the intrinsic safety of the random words themselves. I’d rather put effort and resource into securing the entire recovery phrase, somewhere safe and separate from my wallet, rather than try to get clever with keeping important stuff in my head.
Remember, even if you are HODLing for the long game, to maintain awareness of the value of your portfolio - so that you can review whether or not your current security arrangements are in line with what you could potentially lose.
The cryptocurrency ecosystem puts all the onus on YOU the owner, to store and use it safely… No regulator, insurer or financial institution is going to come to the rescue if you get hacked, robbed, or simply lose your key. So do what you have to do, to secure your assets. There are companies now offering steel engraving services to secure your recovery phrase against anything short of a volcano — which might seem like overkill now, but if your funds go to the moon next year then don’t rule it out.
We are sure to see other solutions emerging on the market as public adoption increases in pace, offering ever greater choices and possibilities for cryptocurrency owners to secure access to what they own. And that is just one aspect of why this world is so exciting and filled with potential.