Posts

Stay frosty on security

avatar of @tarazkp
25
@tarazkp
·
·
0 views
·
3 min read

Tonight I saw that one account that I have followed for years recently lost control of their keys and have lost everything they have accumulated on Hive, which was a substantial amount. This started off a discussion in a chat about security and reminded me that I need to up my game in some areas also and get some of my assets off of exchanges, because "not your keys, not your crypto".

While I little bit less convenient, I have it set up to my MetaMask wallet for transaction confirmation, which means I use it every time I harvest DeFi. This gives me another layer of security on top of what is already in place. It is really easy to do in MetaMask, by just clicking on the profile, selecting "Connect hardware wallet" and choosing which address it will be bound to.

I will get onto moving assets over in the next days as it is getting late and tired people shouldn't move crypto. But in the meantime, I ordered another Trezor One. as I have been really happy with the one I got last year, even though I only started using it a couple months ago. Actually, I ordered three - it is weird that they come in packs of three also, but I am guessing that they are also becoming more necessary as prices rise and people are looking to decentralize their decentralized assets a little further. For me, since I use mine daily and it has buttons, I also want a clean backup, just in case the one I have fails, as it takes time for delivery.

I have Ledger Nano S as well, but it is quite unwieldy in the way that it handles storage, though some people prefer it. It is good to of course have different kinds of storage media, and I also use Exodus a little as well, but that has ERC 20 tokens on there, so to move them costs an arm and a leg - so they can wait there for a while. Using the BSC chain so much of late has made me realize how crappy Eth is at the moment for daily use.

The other thing I did tonight was revoke access to any apps I don't use. I went through https://peakd.com/ for this - account actions/ authorities.

You can also set up a recovery account in there, something that everyone should do, especially if their current recovery account is "Steem" - because that ain't gonna happen.

It takes 30 days to set a recovery account and you want to make sure it is one that you trust. I trust my own, so I created a cold account that will never have its keys online and I have a couple people I trust who have the keys to it, in the case of my own demise.

The reason I am writing this short post tonight is a reminder that key security is not to be taken lightly - It sucks to see people's financial hope pulled out from under them because of mistakes they made. A lot of people complain about the personal responsibility of storing keys - but it really is the only way to keep them safe currently that can be trusted - Though I think there will be better options available with added security later.

When transacting, be mindful, check addresses before connecting, don't click on random links and in Discord, no one offering you quick money or ROI in a random Discord is your friend. Whenever you need to use your keys, be very fucking careful. Use Keychain or Peakd Lock rather than constantly cutting and pasting keys in, because as soon as your key accidentally goes into a comment or a post, there are bots on the lookout for it, that will take it and immediately change your master keys. Often, like the account lost I mentioned, there is nothing that can be done.

A lot of people end up getting caught up in the moment of it all and in such a rush to earn, they fail to secure their wallet, fail to protect their keys, their home. Even after years of doing this, it is easy to become complacent and let security slide, but use the times that others get caught out as warnings - it really can happen to anyone, so learn about security and stay frosty.

Taraz [ Gen1: Hive ]

Posted Using LeoFinance Beta