๐Ÿค“Notes From An Expert

Credit goes to Jason Ansley, Wolf Den Member and form IT professional and cracker. This information was borrowed from the Wolf Den's Whitepaper.

The Rule of 7: General Rules For IT Security

Once a hacker has to go through 7 layers of roadblocks, the risk-reward for time invested significantly diminishes for the hacker.

Doesnโ€™t mean itโ€™s not hackableโ€ฆjust about everything is hackable given enough time/effort. The question is: "But is it worth it?"

The easiest hack is social engineeringโ€ฆ which is most of what you are seeing in crypto with DMs and offers of help but youโ€™ve got to go connect your wallet to a site they give youโ€ฆ easyโ€ฆ 1 road blockโ€ฆgetting you to trust them in a private conversation.

This is why we encourage people to change their Telegram & Discord settings to protect themselves as much as they can from social scams. See the Telegram & Discord channel for an overview of privacy & security settings to protect yourself.

As for keyboard loggers, those are a bit harder to install but can be done. Using a secure auto fill tool such as LastPass password manager, adds an extra barrier here.

Make sure you have 2FA activated everywhere that you can. Yu can and use it via an Authenticator app such as the one by LastPass Authenticator, Authy, or Google Authenticator.

Email and SMS 2FA is false peace of mind. Authenticator Apps that generate new codes every 30 seconds or so are the way to go.

Longer passwords are better than shorter complex ones. Aim to have your alphanumeric passwords be at least 24 characters long.

Complex and long is best.

In the context of a cold wallet, I do use a hardware wallet for my big long term holds. You can see our Wallets channel for more information on hardware or "cold" wallets.

So, back to minimum 7 roadblocks. Here's an articulated summary.

The 7 Roadblocks of Better Security

  1. Own ALL of your private keys

  2. Complex >24 character passwords for wallets/exchanges/dapps

  3. Disconnect wallet (per medium article by doc kev) & revoke token approvals

  4. Lock MetaMask (per medium article)

  5. Copy/paste MM password from a password safe such as LastPass (I like this one as it was developed by a top security guy at the University of Kentucky about 20 years ago and has stood the test of timeโ€ฆLP also has a โ€œno seeโ€ policyโ€ฆthe database is hashed and encrypted so no LP employee can view passwords)

  6. Cold storage wallet as 2FA for every transaction in MM

  7. BITDEFENDER Total Security software for proactive device monitoring

At this point, a hacker would have to be deep in your system for a very long time to have even the slimmest chance of accessing your funds in your wallet(s).

Source Credit: Dicka from WolfDenLabs

PreviousThe "Gold Mine"NextYour Crypto Device(s)

Last updated