](https://steemitimages.com/640x0/https://cdn-images-1.medium.com/max/2666/1*a9qowDTyRaaOzILHuXFmUQ.jpeg)
Today we are going to go over the best methods for holding the tightest security with hardware wallets. We will also discuss the wrong ways to interact with cold storage cryptocurrency wallets that have caused people to lose funds. When you own your private keys, you are responsible for keeping personal security over your funds. These steps and precautions should not be overlooked because decreasing security can often lead to lost or stolen funds.
Hardware wallets are great devices because they don’t connect your private keys to the internet, and thus avoiding the possibility of a hacker simply exploiting your private keys directly. Even though these devices hold the private key locally, we still need to ensure some levels of security on our end, which we are going to go over in this guide.
Introduction
Billions of dollars have been stolen from fraudsters since the existence of Bitcoin, and hackers will continue to steal funds for as long as people continue to neglect personal security. Hardware wallets were created for the sole purpose of giving investors and cryptocurrency enthusiasts a better outlet to store their funds without trusting a third-party exchange to keep heightened security, which we have seen fail many times.
Don’ts
❗️ ❗️ Make sure your Ledger Live is up to date ❗️ ❗️
Using your private key or recovery phrase
Taking your private key or recovery phrase off your hardware device is not recommended because it can expose your device to hackers who may be able to steal the information over a compromised computer.
Store cryptocurrency on exchanges
Exchanges have been hacked in the past resulting in billions of user funds stolen or lost forever. When you have money on an exchange, you don’t own the private keys, so if their central security system is breached, you are not able to remove the coins. It is best to keep money safe on a hardware device like Ledger and use an application like Ledger Live to interact with your cryptocurrency.
Use 2FA as a main security feature
2FA is often used to secure applications in which the software will verify your authenticity by requesting to send a code to the phone number on file, then when you enter in the code that you received you can interact with the application without any interruption. This process is susceptible to sim swapping, so it should be avoided.
What is a Sim Swap?
A Sim Swap exploit is when a hacker calls into your phone carrier and impersonates you to get the customer support agent to reset the phone sim. The hacker convinces the support agent that the phone is lost or stolen with allows them to get their sim card activated. The sim card tells the phone what carrier to go through and gives the phone its phone number. So, when the sim is “swapped,” it provides the phone number to another phone. (The hacker’s phone) This process is possible if the hacker can pull personal information from the victim’s social media accounts or talk with them at an event and learn personal information. Hackers use this method because it allows them access to online accounts that use phone verification. The hacker can access cryptocurrency exchanges like Coinbase and request a password change since they now have access to the victim’s phone number. Since cryptocurrency has unchargebackable features, it makes sim swapping that much more intriguing to scammers and fraudsters.
The customer support agent could be bribed to reset the phone sim card or could be social engineered into switching the sim as 99% of the callers are dealing with a sim problem. Customer Support agents are not always trained in identifying these scams, and so millions of people are at risk of this exploit.
To protect yourself from sim swaps you should:
· Call your mobile carrier and ask that you restrict your account to in-person verification only. In-person verification requires governmental ID and would require that the hacker also visit the location nearest to you.
· Stay away from 2FA authentications.
· Use Google Authentication when you are able too, and if possible, use it on a device that you are not currently using. (Spare phone)
· Use a cold storage option like Ledger.
Do’s
Secure your private information
When setting up a hardware device, you should always be securing the private information that includes the private key and recovery phrase along with any passwords or pins. This information should be written down on a few pieces of paper and kept in a fireproof lockbox. Some investors even go as far as to open a bank deposit box and put the secured paper in that.
Regularly Update firmware
Make sure your Ledger Live is up to date
**Get Ledger Live here**
Even if you are a HODL’er it is crucial to continuously stay up to date on the latest update that your cold storage has. Updating your firmware will allow you to stay secure and fix any bugs that could have led to exploits.
Only connect to trust wallets to send coins
When you are looking to send cryptocurrency from your hardware, you must use wallets that interact with your wallet. Don’t use your recovery phrase or a private key to recover coins on a wallet if you can avoid it, instead use a platform that can interact with your device and not expose the private information over the internet.
An example of this would be with the Ledger device and Ledger Live.
Conclusion
Hardware wallets are great tools to secure cryptocurrency; however, with this great hardware comes great responsibility. Even though it is very secure, you still should hold some necessary security measures as nothing is completely safe. If you break your hardware wallet and don’t have the proper backups, your coins could be lost forever, and if you hold your coins on an exchange and they are hacked, the same fate could occur.
Setting up different security measures for hardware wallets doesn’t take a lot of time and might be one of the best investments you have ever made if you do happen to forget your private information or have your computer compromised. Having a backup plan is essential in the cryptocurrency industry.