Why leaving your bitcoin on an exchange is like leaving cash under your mattress

If you’re starting your journey into cryptos, take some time to understand the security options.
The seed phrase is the most important element in bitcoin security. Image: Akos Stiller, Bloomberg

Leaving your bitcoin on an exchange is like placing cash under your mattress.

With traditional finance, the bank secures your cash balance and you have recourse to the bank if something goes missing. When it comes to stock or bond portfolios, your investment broker takes care of the custody issues.

Bitcoin has none of these regulated role-players with their respective oversight bodies. In finance, these custodians are established to keep our money safe – and mostly do just that.

Custody is one of the topics we often neglect when starting on our crypto journeys.

Bad habits creep in by increments …

What starts out as an investment of a few hundred or a few thousand rand does not warrant paying undue attention to security. Then the crypto portfolio grows, and grows a bit more, and too often we become aware of security issues far too late.

The risks of poor security only become apparent after disaster strikes.

It is estimated that up to 3.7 million bitcoin (around R3.4 trillion) are already lost due to poor knowledge (or implementation) of security issues.

There are different levels of security and increasing costs involved as you dig deeper. Feasible options to cover the needs of most use cases are presented below.

Getting started: custodial wallets

A bitcoin exchange account, or bitcoin held by a broker, is one solution. This is called a custodial wallet. This leaves our bitcoin in the complete control of the trusted person or company.

The greatest risk here is that you have very little recourse should the exchange close down or the executives simply disappear.

Each year there are multiple exchanges around the world that close, leaving their clients nursing painful losses. And that’s not counting the multiple scams feasting off what is an unregulated market.

With the current lack of regulations, this is the worst form of custody, since you have forfeited control of your bitcoin.

Entry-level self-custody

Self-custody is where you take full custody of your bitcoin using one of the commonly-used and freely available digital wallets, such as BlueWallet, MetaMask or Exodus.

This is where you need to understand a few crucial security points. These wallets require a 12- to 24-word ‘seed phrase’ that allows you to unlock the private security key to the wallet.

This is the equivalent of your password to a bank account.

The seed phrase allows you to restore your wallet should you lose your login details or cell phone. It is the most important element in bitcoin security and anyone with access to this seed phrase can empty your wallet at any time.

Without a seed phrase, you don’t have custody of your bitcoin.

The seed phrase should be securely stored offline where nobody can access it. Best practice is to write it down and store it somewhere safe. Never store it digitally or enter it into a computer, file or phone. Taking a photo of it puts the whole wallet at risk and transferring it to a printer could allow a hacker to recover the phrase and steal the balance. Many users of software wallets have been tricked into giving up their seed phrases by people ‘helping’ them to perform simple functions in their accounts or sending the seed phrase away in a screenshot or email.

Once you download and set up the self-custody wallet (like BlueWallet, MetaMask, Exodus and many others), an address is generated for receiving bitcoin and you are now able to move your bitcoin off the exchange you bought it on to your very own wallet.

Hardware wallets

If you’re storing a larger amount of crypto – say a month or two worth of income – then a hardware wallet is the next step to take for secure self-custody. The hardware wallet locked in a safe is a good system to build a long-term investment portfolio with limited risk.

Hardware wallets also require a seed phrase which, as explained above, is best written down on paper and safely stored somewhere: not on a computer or in an electronic file of any kind that can be hacked, and not with your hardware wallet.

Most hardware wallets are not connected to the internet and in some cases operate with a battery pack, mitigating the ‘online’ risks of a software wallet.

The downside of hardware wallets is the initial cost of the device and the need to save a seed phrase entirely removed from any form of electronic device. If the wallet is lost, or stolen without its access password, your bitcoin is safe.

As long as you retain the seed phrase you can always recover your bitcoin balance, with or without the physical wallet.

Hardware wallet 2.0

A more recent development, available on most hardware wallets, is the ability to create a 25th-word ‘passphrase’. This gives you an additional layer of security on top of the 24-word seed phrase, and also allows you to create hidden additional wallets secured by a specific (strong) password.

The challenge is to ensure that you secure the seed phrase and the passphrase separately.

However, be warned: if the passphrase is lost, the additional wallet will not be recoverable.

This level of security must be implemented with care and with some planning to ensure your estate can find these in the event of you passing away. An advantage of the passphrase option is that the single-word passphrase can be stored online as it is completely useless without the 24-word seed phrase or hardware wallet.

Multi-signature hardware wallets

The ultimate long-term bitcoin security setup is fairly technical, but is well suited to corporate structures and legacy planning or shared and managed custody. This is the multi-signature (multisig) hardware wallet and is accomplished by combining multiple hardware wallets using specialist software. When using wallets from different manufacturers, this method eliminates the ‘single point of failure’ risk. Even if one wallet seed phrase is compromised, the new ‘multisig wallet’ will not be at risk.

Don’t split up your seed phrase words

Whatever option you select to keep your bitcoin safe, it is never advisable to transmit or pass on your seed phrase.

Splitting up seed phrases into multiple locations actually creates additional risk should multiple parts go missing – and reduces the security of the phrase exponentially if even one third is lost. This also means it is important to check at regular intervals that these parts have not been compromised.

A hardware wallet with a passphrase or a multisig solution is a better way to reduce single points of failure in your bitcoin wallet backups. Such solutions also allow you to plan an effective way to pass your bitcoin on to your estate.

James Caw is a director at Simple Bitcoin.

COMMENTS

My money is safer under my mattress than in a SA bank or an investment firm. The way this govt is hellbent on destroying everything, keeping my money offshore by ANY means is the smart thing to do.

“As long as you retain the seed phrase you can always recover your bitcoin balance, with or without the physical wallet.”
Can someone explain this to me? I am not very literate when it comes to these things

Hi Joely, great question.

So the seed phrase represents the “private key”, which is what really secures your bitcoin.
The hardware wallet holds the private key on a physical device so that the computer can’t see the private key.

The seed phrase allows you to restore the private key onto a new hardware wallet or into a software wallet to recover your Bitcoin if you lose the original hardware wallet.

Still laughing!

And they said Bitcoin is better than cash, hahaha, no
