Bitcoin Q&A: How do I secure my bitcoin?


Simple rule: if you control the keys, it’s your bitcoin. If you don’t control the keys, it’s not your bitcoin. Your keys? Your bitcoin. Not your keys? Not your bitcoin. Your keys? Your bitcoin. Not your keys? Not your bitcoin. Here’s the problem: a lot of people have no idea how to even start to decide if they actually control the keys. So let me ask you a question… How many of you control your bitcoin with your own control over your keys? I’m counting myself here. Very good… How many people do not control their bitcoin… but have it in an online account? Or somebody else is controlling the bitcoin? Don’t be shy! It’s okay, we all started there. Okay… More importantly, how many people have no idea how to answer that question? You don’t know if you control it, right? Okay, so let me give you some advice. If you are running a wallet where, each time you do a transaction, it generates a new address, … but when you started using that wallet, it told you something like “Write down these twelve words…” or “these twenty-four words, and keep them as a backup.” Those words? They generate all your keys. The reason you have to write them as a backup is because you are controlling those keys. If you lose those words, you lose the keys & the bitcoin. With great power comes great responsibility. If you have a wallet in which you were asked to write down the backup, you control the keys. If you didn’t write down the backup, when you go home tonight would be a good time to open the settings, go to “Backup,” and write down those damn twelve words before you lose your phone… or drop it in the toilet because you were trying to text while in the bathroom. We all do it… You dropped it in the toilet and your bitcoin disappeared because your phone blew up, and then what? You call the “Bitcoin help desk”? There is no “Bitcoin help desk.” You go on Reddit and [say], “I lost my keys! Please, can someone help me?” And what are people going to say? Did you write down the twelve words? You didn’t? Sorry for your loss… All right… How do you know how to do a backup? How to control your own [keys]? A lot of people don’t know how to start, so I’m going to give you a very quick, little tutorial on how to control your own keys. Okay? First of all, what is the most secure device you own? Not your laptop! Definitely not your laptop. How many here have Windows? My sincere condolences… You don’t own your Windows machines. Your Windows machines are owned by a combination of viruses and trojans, that are controlled by Russian and Chinese hackers somewhere else in the world. They’re not really your machines. They just let you use them occasionally. Do not put bitcoin on those devices. That’s like making a donation to hackers. They have software actively looking for Bitcoin software; when they find it, they take it. Or they put a key logger… wait for you to do a transaction, enter your password, and then they take it. The most secure device you own is your smartphone. Android, iOS? It’s the most secure device you own. Operating systems on smartphones are far more secure than laptops and desktops, especially Windows. Your smartphone is probably the best place to run a wallet. if you have a lot of money invested in cryptocurrencies, or own a lot of bitcoin… The word “a lot” means different things to different people, but if you feel like it’s “a lot”… If right now I told you your bitcoin has just been stolen, do you [say], “Eh… I’ll get some more”? Or do you start crying? Or do you have to have a very difficult conversation with your parents and your spouse about why your kids won’t be going to college? Those are the variations in the word “a lot” of [cryptocurrency], right? If you have a lot of [cryptocurrency], more than what you would be upset to lose, you should buy a hardware wallet. A hardware wallet is a USB device. I can recommend a couple of those: Ledger, Trezor. Those are really good. *BitcoinTrezor.com (now Trezor.io), LedgerWallet.com, KeepKey… there’s a bunch of others. They’re a bit difficult to buy right now, because apparently about a million people noticed that the bitcoin price went up, decided to finally join this thing, then went out and tried to buy a hardware wallet, so they’re out of stock. That’s a good problem to have. A hardware wallet is a little USB device which keeps your bitcoin keys on a highly secure, special purpose device. Even if your computer is absolutely full of viruses and hackers, you can use that device securely because everything happens on the device, and the device itself can’t be attacked over USB. Or it’s almost impossible. So, buy a hardware wallet. If you can’t buy a hardware wallet, download software onto your smartphone. If you have iOS, I could recommend Breadwallet, Mycelium, Copay, or Airbitz. If you have an Android [phone]: Mycelium, Copay, or Airbitz. I don’t work for any of these companies, and I haven’t taken money from any of these companies. They are just ones that I’ve used; they’ve been around for a while, I trust them to be much better than whatever else you are doing right now. Download those wallets, install them on your smartphone, and then when it tells you to make a backup of your twelve to twenty-four English words — don’t get smart, don’t get fancy. Don’t say, “Well, I’ll write three of the words here…” “… and then I’ll take the other three words, reverse them, put them in my phone book, hide them in my library….” “…give them to my cousin-” Don’t get fancy! Paper, pencil. Write down the 12-24 words. The chances that someone is going to get hold of that and know what it is? Pretty slim. Put it in a drawer, lock it. Put it in the safe, lock it. Then you can use your phone. If you lose your phone, you have the words. If you lose the words, you have your phone. Both are equivalent. Any time you want, restore from those words. All of your transactions, all of your money, you get back. Now you control your cryptocurrency. These wallets, many of them- Jaxx is another one, if you have multiple currencies and not just bitcoin. If you have ether, Dash, Monero, Zcash, LTC, whatever. Jaxx. J-A-X-X. Exodus? Exodus? Never heard of it. I don’t know if it’s- That doesn’t mean it’s not good. I’m just saying I haven’t personally heard about it. Okay… Download one of those wallets. Write down the phrases, pencil on paper, right? If our civilization ended tomorrow, in one month… two months, all of the CDs, DVDs, hard drives, USB drives, would be dust. Okay, maybe not three months. But three thousand years? Dust. We’re still finding paper from the Egyptians! Paper lasts, yes? Paper. Don’t put it on a USB drive. Paper. Simple, acid-free paper will last for hundreds of years; if you’re extra paranoid, you laminate it so that it cannot get destroyed by water. You buy a very inexpensive, fire-proof safe from your office store. You put it inside so it can’t be burned. Flood, fire, theft… covered! Now on that kind of system — of wallets, hardware wallets with your backup words — you can store… … I know people who store millions of dollars (I’m not joking) on exactly that kind of of system. Once you have control of your bitcoin, it doesn’t matter if there’s a fork, it doesn’t matter if your exchange decides to go one way or another. It doesn’t matter. You should not be keeping your money on that exchange. You should not be keeping your money [by trusting] someone else to keep it safe for you. That’s just a bank. Part of the reason we’re doing this open blockchain is because we don’t trust banks.

88 thoughts on “Bitcoin Q&A: How do I secure my bitcoin?”

  1. I actually wouldn't put a seed phrase in a safe (esp. not a portable one), it makes it a target for any burglar. They might not know what to do with it, but they'll definitely try to figure it out if they find it in a safe. The one argument for a safe to me is fire protection, instead I would use a cryptosteel or store a copy of the seed phrase at a relative's place.

  2. So what if your paper gets lost, stolen, burnt? What if you HAVE TO IMMEDIATELY leave your house and you can never go back? Huh?

  3. I agree with Trezor as my favourite hardware wallet.
    As for the software I'd still recommend Electrum. Open source, gives maximum control to your transaction (fees, the address you spend from, fee increase after a transaction has been broadcasted and more). Also the simple feature of an address book seems to be overlooked by some of the fancier looking alternatives out there.

  4. What about both software and hardware wallets?
    TREZOR and Armory.
    Using Armory on two linux encrypted machines. And one of them is putted offline after configuration. It only sign the transactions.
    And the online machine generate them.
    The files going between the two machines are txt files on vfat usb pen drive.
    Armory also creates a paper wallet. The offline machine should have printer with no wifi connect to print the paper wallets.
    TREZOR is far easy to use.

  5. What wallet would you recommend if you have between 10-15 different coins other than BTC, ETH, LTC and DASH?
    I also hold STRAT, ETC, NEO, LBRY, BAT, STEEM, OMG, PIvX, BQX… any suggestions of a hardware wallet I can keep these as they are currently sat in my exchange account.

  6. Three Questions
    1. Are the 12 word phrases specific to a certain wallet or can I use them to regenerate my Bitcoin on any wallet
    2. Based on this, would a Paper Wallet be recommended since you have the actual private key and not a phrase (That may only work with a specific wallet company that may go out of business or whatever. See question 1)
    3. Bread Wallet was skipped and not mentioned for Android. Was there a reason?

    Thanks in advance to anyone that can help.

  7. Use paper WITH BIP38 (password you are the one only know). Make two copies, one in your local bank's safe, one at a remote place. Simple and 100% secure. The only possible downside is if you are in s sudden comma or accident the coins maybe gone with you. So you may want to put the passphase with an attorney together with your will.

  8. What I don't understand is whether classic bitcoin-qt wallet is safer than for example Electrum, could you elaborate on that Andreas?

  9. Are the 12-24 keywords transferable between different wallet types? E.g. if I encrypted my bitcoin core wallet can I use those words to access my bitcoin on breadwallet?

  10. Does anyone else notice how Andreas never reveals a bitcoin donation address like all of these other youtube "Jokesters". ANDREAS PLEASE POST A DONATION ADDRESS! I WANT TO SHOOT YOU SOME CRYPTO FOR A BEER. I've been watching you for years! you have a way to articulate far beyond any human I have ever leant an ear to. Please post an address for Ethereum, Liteocoin or Bitcoin. LET ME BUY YOU A BEER! Even if you do not, I will still listen and watch you… Let us know when you decide to come to Houston!!!

    Thanks Again for all of your analogies and ease of explanation. YOU ARE THE MAN!!!

  11. Memorize Your Seed !… (and obscure your paper backup cut mixing it up with others and breaking into sets of three…

  12. What happens to my bitcoin on August 1st on coinbase? I'm confused. People say that if does split Coinbase won't recognize the new coin; only the old coin. So let's say I have one bitcoin worth $3,000 today, does that mean on August 1st, I have $1,500 in old bitcoin, and $1,500 in new bitcoin; but since Coinbase doesn't "recognize" the new one, that just disappears into a black hole, so I only have $1,500 buck left over?

    Thanks.

  13. I won't recommend anyone to memorize the seed key. Because you will turn yourself in walking non encrypted wallet. It will be dangerous because someone could persuade you to give the key.
    I don't recommend either to store the key in bank vault. bitcoin is being your own bank. So don't trust banks in any way.
    Protect the paper where is the seed key and hide it very well. It's a small paper. So it's easy to hide it. Use also a copy.
    It's possible to hide it inside walls, inside the concrete floor … etc.

  14. And how do you secure your coins from devaluation when an exchange gets hacked or simply exits the game? It doesn't matter if you hold your private keys or not, your coins can lose a huge amount of value overnight whether the keys are in your possession or not. See MtGox, the Bitfinex haircut, and the Chinese government. Holding your own keys provided no protection from the 30-60% loss those things created, market-wide. Holding your own keys through an event like that is like physically possessing Enron stock when that company collapsed. It doesn't protect you from the REAL dangers of this treacherous market.

  15. Mycelium will support bitcoin cash as well? So when the fork happens will I have the same amount in both bitcoin and bitcoin cash?

  16. Coinomi have provided a statement that btc coins are safe on their wallet (you do have the keys agreeable). They have built support for the split into the wallet. Hang tight, it will be OK.

  17. btw in that video Andreas says he isn't sure about exodus… I can answer that. Exodus is a safe option because you can export the private keys in exodus so u can have your keys. Exodus makes things way easier so u only need one master pw for multiple coins so it makes it easier, but you can get the private keys for them all individually.

  18. The advice here conflicts with that coming from McAfee who says that people's smartphones are very insecure. According to research, 50% of all smartphones contain key-logging malware. So, I wouldn't store any bitcoins on a smartphone.

  19. Still confused? The keys are not yours and you're wondering whether the bitcoins are yours or not? The following video emphasizes this one's main message, listen to it until you get it. https://youtu.be/dnC5mFaIW3Q

  20. Good morning, Mr. Andreas,
    From Peru. I realize the importance of Bitcoin and crypto-currencies.
    Imagining the worst scenario helps us to ensure the success of this revolution.
    What would happen in the event of a world war ?, many nodes will be shut down, attacks on the network, etc. How could Bitcoin survive a world war (and even a nuclear bomb)?
    The network will not be able to validate transactions normally, it may become impossible to mine. If online payments collapse, the economy collapses.

    regards
    Juan Carlos,

  21. Why is Mycelium, copay, airbitz more secure than bitcoin core wallet? Is Jax (which can hold multiple currencies) as good as those three?

  22. I use Exodus on Winders 10 and after watching this, I don't feel quite as secure as I did prior. However, I have everything written down and backed up to the best of my ability despite now knowing Windows O/S are someone else's and we're being allowed to use for a rather high license fee. But … Winders sho' look purdy with all them HD pictures 'n other bells and whistles 'n stuff….

  23. "The chances of someone knowing what those words are for, are pretty slim."

    What? If bitcoin becomes popular, those words are going to become the 12 most popular words in the history of crime.

  24. I've had bitcoin since 2013 but never felt they were safe until they were on my KeepKey. Fantastic device. Fantastic customer service. And yes the words are written on paper. In a safe. Peace of mind.

  25. 6:47 This is terrible advice in keeping your bitcoins safe. If you write down the 12 words as they are, then you pose a single point of failure. The better way to do this is to use something like CryptoSeed (look for it in Github) and encrypt those 12 words. Then you can save the encryption on paper, and make backups of it. And if someone steals it, he still needs the password, which is kept separately. Wallets should stop advising people to write the 12 words without encrypting them first. This is so incredibly unsafe if someone finds them. And trust me, in a few years from now people will be ACTIVELY LOOKING for pieces of papers with 12 random words on them, because it will be common knowledge that these contain a treasure.

  26. i have 2 questions.

    is Electrum wallet for android phone good? He didnt mention it

    He says that writing the private key on paper for your mobile wallet is the best. But what if Mycelium or Electrum (or any of the mobile wallet he mentioned) disappear or is hacked. Can we still recover our bitcoin?

  27. Does it take too much time when you have to sell your bitcoin and it is stored in a hard wallet? I mean if the price is falling rapidly due to panic, it is very fast to sell if the bitcoin is on an exchange. There are also other advantages of using an exchange suchc as stop loss function.

  28. Can I TAKE A PHOTO OF THE KEYS WITH MY PHONE CAMERA , WILL IT GO IN GOOGLE COLLAGE ,OR WILL SOMEBODY ROB MY BITCOIN FROM GOOGLE OR FACEBOOK .

  29. screw paper…get velum! Think there is an opportunity to bring it back…seriously! I have PhD in Medieval History…..velum!

  30. So you can get a wallet otherwise known as an "address" so people can send you bitcoin and your keys are your password to access the wallet? Both the obtaining of the wallet or "address" along with the keys can be done on one of those 3-4 mobile apps he listed? And you can buy on places like coinbase and just give them your wallet address?

  31. I hate to play devils advocate (and be gentle, were all learning here), but isnt this one of the inherent and severe weaknesses of bitcoin and cryptocurrencies as a whole?

    There are any number of reasons that one could lose a password.

    You cant expect the average person to adopt bitcoin and expect them to take on the responsibility of securing their personal wealth by themselves on a cold paper wallet and storing that wallet somewhere.

    People are inherently lazy and stupid, even when it comes to their own accumulated wealth.

    I think this will be one of the many obstacles for cryptocurrencies to overcome on their way to becoming a stable (usable) currency. There needs to be a way to easily, effortlessly and simply allow users to secure and store their cryptocurrencies in a way that does not negate the security of a decentralized network.

  32. Just a small nitpick on archiving paper:

    Laminating is bad for long term preservation of information. The heat damages the paper and the plastic can degrade and damage the paper. IIRC Mylar is the go to material for preserving a record, ideally in a temperature controlled place that won't change much over time. I think caves tend to stay around the same temperature year round and independent of outdoor climate, but then you have to worry about moisture, so who knows? Here's a quote from an archive blog I just found, I encourage those interested in making a long term storage of a wallet seed or private key read into this stuff!

    Lamination is almost impossible to reverse without causing great risk to the document itself.

    The lamination process actually melts into the paper fibers of the document which makes delaminating difficult to almost impossible to accomplish.

    Removing the lamination requires the use of solvents and chemicals that could potentially damage the inks, the paper or the skin of the person performing the remediation process.

    The plastics used in lamination, usually cellulose acetate, are themselves inherently unstable and over time will deteriorate and cause more damage to the documents.

    Delaminating documents can be extremely costly to have done and could potentially damage the documents further. Anyone considering delaminating their documents should consult with a professional conservator.

  33. CAN SOMEONE ANSWER PLEASE.
    I wish to know that how come 12 words can backup 13 crypto currencies private, public, and password.
    There must be a server or a 3rd party. or I miss understood?

  34. Sorry but this advice to just keep your wallet seed in plaintext stored inside a safe is retarded. Anyone who has been burglarized knows exactly what I'm talking about – it can happen at any time, you never expect it, and they always go for safes. Also some of us live in apartments and we can't have gigantic multi-ton weight gun safes cemented into the ground to prevent theft.

  35. And, regrettable late to the crypto revolution, have now just placed an order for a hardware wallet! Really like this guy, and we're currently living in exciting times.

  36. How exactly do we know these software wallets on mobile, or even hardware wallets aren’t connecting to the internet? And don’t they need to be online to generate their seed?

  37. McAfee says our smartphones already have keylogers and screen capture programs from Russia and such how do I know my device is safe? As I see it if it's internet enabled it's not safe am I wrong?

  38. I need to figure out how to get to Andreas' next speaking arrangement. God DAMN this dude is interesting to listen to

  39. "paper pencil" in a safe that someone could get to easily. not reliable or secure enough for my 0.00000001 BTC so i carved my 24 backup words into diamond that is stored off planet.

  40. And never ever buy a used Hardware Wallet because those can be manipulated and all your Bitcoins can go away before you know what is going on!

  41. Hi Andreas, l have a copay wallet on my android, but l dont see a private key but l have the twelves words written down.

  42. Hello @aantonop +aantonop , you mentioned this about a desktop wallet "…“They have software actively looking for bitcoin software; when they find it, they take it. Or they put a keylogger, wait for you to do a transaction, enter your password and then they take it…”. But if a hacker gets your password but not your desktop wallet app, how would they get into your account? Don't they also have to steal your desktop as well?

  43. can someone please tell me
    why finding private key to satoshi's wallet is impossible with enough computing, time and ulimited attempts?
    please guys i wanna know

  44. What happen if the third-party exchange where I stake my crypto, will dissapear ? ( But I have my keys)
    How do I recover my funds on a new exchange or a new wallet using my keys?
    These keys are only usable on this third-party exchange only ?

  45. I bought $4 worth of bitcoin back in 2010 but my parents threw out everything I owned when I came out of the closet… every time I hear some smug millionaire say something like 2:25 I seriously want to kill myself

  46. If you need to recover your stolen Bitcoin and other altcoins, recover your email/wallet passwords, social network anti-hack (Facebook, Twitter, Instagram, snapchat), BlackRock is the go-to cybersecurity group. Visit blackrockconsultpro,com and use the contact form or hire any available expert.. Thank me later 🙂

  47. So what's a person supposed to do whi transfers his or her bitcoin to a hardware wallet that requires you to download software (LedgerLive) to work in unison with the device to manage????? It's unavoidable to not use a computer with a hardware wallet…..phones get hacked too. I have to connect m yhardware wallet to my computer to do my transactions….can't do that with a phone. not easily for the tech challenged.

Leave a Reply

Your email address will not be published. Required fields are marked *