Secure Your Account

sFOX offers users a variety of ways to secure your account

Written by Daniel H
Updated over a week ago

sFOX offers users a variety of ways to secure their accounts and detailed these methods in a comprehensive blog post on the subject, “How to Secure Yourself Against Bitcoin Theft.” Relevant excerpts are below.

Use Strong and Varied Passwords

An uppercase letter isn’t enough to make your cryptocurrency account passwords strong.

Your passwords should all meet the following criteria:

  • Have lowercase letters, uppercase letters, numbers, and symbols.

  • Be at least 40 characters long. A longer password is better because it’s harder for a hacker to crack using common brute-force methods like dictionary attacks. If this seems like a tall order, you can use a password generator to quickly make a strong password of arbitrary length. You can also think of long but memorable statements, rather than words, to use as passwords — e.g., “IW3nt4AW4lk1nTheW00dsOn@Sund4yAftern00nInJ4nuary!”

  • Not be common words or obvious character replacements (e.g., a password shouldn’t be “G0R3dS0x”).
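
An added example, not part of the sFOX article: a Python generator and checker for the three criteria above. The symbol set, the replacement table and the tiny word list are assumptions made for illustration.

```python
import secrets
import string

SYMBOLS = "!@#$%^&*()-_=+[]{}"  # assumed symbol set; adjust to what the site accepts
CLASSES = {"lowercase letter": string.ascii_lowercase, "uppercase letter": string.ascii_uppercase,
           "number": string.digits, "symbol": SYMBOLS}
# Obvious character replacements, mapped back to the letters they stand in for.
UNLEET = str.maketrans("013457@$!", "oieastasi")
# Constructed, tiny word list; a real check would load a large dictionary.
COMMON_WORDS = {"go", "red", "sox", "password", "bitcoin", "wallet"}


def generate_password(length=40):
    """Random password with at least one character from every class."""
    if length < 40:
        raise ValueError("the article asks for at least 40 characters")
    alphabet = "".join(CLASSES.values())
    while True:  # redraw until every criterion is met
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate


def is_disguised_words(password, words=COMMON_WORDS):
    """True if the password, with replacements undone, is nothing but common words."""
    text = password.lower().translate(UNLEET)
    # splits[i] is True when text[:i] can be cut entirely into dictionary words
    splits = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        splits[end] = any(splits[start] and text[start:end] in words for start in range(end))
    return bool(text) and splits[-1]


def check_password(password):
    """Return the article's criteria that the password fails (empty list = passes)."""
    problems = []
    if len(password) < 40:
        problems.append("shorter than 40 characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    if is_disguised_words(password):
        problems.append("common words with obvious replacements")
    return problems
```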

The stronger a password is, of course, the harder it is to remember. That’s why you need a resource to make sure you don’t forget them and lose access to all your money. Two good options include:

  1. Credible, established password management software, like 1Password.

  2. A secure, offline record of your passwords, like an encrypted USB drive.

Be sure to use a different password for every one of your accounts. Otherwise, a single security breach will give a hacker access to all your information — and you can’t trust every service for which you register to store your password with top-notch security.

Enable 2-Factor Authentication on All Your Accounts

Two locks on your accounts are better than one, especially when hackers everywhere are constantly working on new ways of circumventing locks. Whenever you have the option, you should enable 2-Factor Authentication (2FA). And the chances are good that you have this option in more places than you realize.

2FA is a way of using a second type of identification, in addition to your password, to authorize access to your account. There are a number of different ways to do this — but not all of them are recommended.

Never enable 2FA that verifies your identity using a phone call or a text message. Hackers have become very good at calling up phone companies and convincing those companies that they’re you, at which point phone-call or text-message 2FA makes your account less secure, not more secure.

Enable 2FA using one of these methods instead:

  1. Download an authenticator app, like Google Authenticator, which randomly generates 2FA codes that change every 30 seconds.

  2. Purchase a universal second factor (U2F), like YubiKey, which acts as a kind of encrypted USB key you can insert into your computer as a form of 2FA.

Look in the security sections of all your Bitcoin accounts now and enable 2FA. Also be sure to check your email accounts: many people overlook securing their email accounts, and email gets hacked all the time.

Enable Address Whitelisting

Especially when you’re trading on exchanges, the more layers of security you can get, the better. Beyond 2FA, you should check whether the exchanges you’re using allow for whitelisting: only allowing specific addresses to interact with the funds you have on the exchange.

With address whitelisting, you give the exchange the address of one of your wallets, and then you’ll only be able to withdraw funds from the exchange to that specific address. Hackers won’t be able to dump your funds in their own addresses.

Use a Reputable VPN on Public WiFi Networks

Public WiFi connections are easy prey for hackers. If you’re connecting to public WiFi with a computer that stores info on your Bitcoin accounts, you’re playing with fire.

If you insist on doing this, the best practice is to make sure you’re always using a virtual private network (VPN) when you’re connected to public WiFi. A VPN basically adds a layer of encryption between you and the internet at large, even when you’re on a public WiFi connection. It can make you feel a lot better about using your personal computer in a Starbucks.

There is a wide range of VPNs on the market and different tech outlets endorse different particular providers, but pretty much everyone agrees that free doesn’t cut it. If you have a decent amount of money in Bitcoin, you should be willing to pay $5-$10/month to keep it safe.

Some of the most reputable VPNs out there right now are:

  1. ExpressVPN, based in the British Virgin Islands

  2. NordVPN, based in Central America

  3. VyprVPN, based in Switzerland

The added layer of security will make it that much harder for prying eyes to get access to your passwords, private keys, and seed phrases.

Treat Your Savings and Trading Funds Differently

Hopefully, you’ve heard the adage that you shouldn’t be trading with more capital than you’re willing to lose. That extends even further in the world of cryptocurrencies: you shouldn’t store access to any more of your cryptocurrencies on an exchange — or even online — than you’re willing to lose.

When your Bitcoin is stored with an exchange or in an online wallet, it is susceptible to dangers like trojans and exchanges getting hacked. So, when it comes to all the Bitcoin you’re hodling instead of trading, you need a cold wallet: a private key that you keep securely offline.

Consider moving your non-trading funds to cold wallets like these:

  1. Hardware wallets, like Trezor. This is a piece of security-audited hardware that keeps your private keys and lets you send and receive Bitcoin.

  2. Paper wallets, like Bitcoin Paper Wallet. This is an offline record (something that can be written down on paper, whence the name) of a public/private key pair, which you can use to send and receive Bitcoin. As long as you don’t share this private key and don’t forget it, it’s hard to get any more secure.

If most of your coins are in cold storage when an exchange you used is hacked, your loss will be mitigated tremendously.

Make a Backup of Your Backup

One of the major value propositions of cryptocurrencies is that the decentralized nature of blockchains makes it harder for systems to have a single point of failure.

Take a lesson from that: you should have enough backups of your passwords, private keys, and seed phrases that your Bitcoin is safe beyond any single point of failure.

If you have a flash drive or two lying around, take a minute to encrypt them and add text files containing info on all of your exchange accounts and wallets. These are your last line of defense if you need to recover an account or access a wallet whose details you’ve forgotten. You don’t need any special software to encrypt a flash drive: just right-click on the drive in your “My Computer” window and select the “encrypt” option, following the on-screen instructions to set up a password for it.

Store these drives in different, secure places. If these backups aren’t 100% secure, they’ll end up being the weakest link in your security: if someone finds one and is able to decrypt it, all your Bitcoin will vanish. Ideally, keep your backups in a safety deposit box — or, even better, split your keys across multiple drives (e.g., half of your paper Bitcoin wallet’s private key on one drive, and the other half on the other). That way, even if someone somehow manages to steal one drive, they still won’t be able to access your funds.

The more backups you can keep in different places, the better — just don’t forget the passwords to decrypt them!
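
Halving a key, as in the example above, leaves half of its bits readable on each drive. This added Python sketch (not from the sFOX article; the function names and the demo key are assumptions) goes a step further and splits a key so that each drive holds a full-length share that on its own is indistinguishable from random data.

```python
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_secret(secret: bytes, drives: int = 2) -> list:
    """n-of-n XOR split: one full-length share per drive, all needed to rebuild."""
    if drives < 2:
        raise ValueError("need at least two shares")
    shares = [secrets.token_bytes(len(secret)) for _ in range(drives - 1)]
    final = secret
    for pad in shares:
        final = xor(final, pad)
    return shares + [final]


def join_secret(shares) -> bytes:
    """XOR every share together; a missing or wrong share gives garbage."""
    if len({len(s) for s in shares}) != 1:
        raise ValueError("shares must all have the same length")
    secret = bytes(len(shares[0]))
    for share in shares:
        secret = xor(secret, share)
    return secret


def share_that_fits(stolen_share: bytes, candidate_key: bytes) -> bytes:
    """For a 2-way split: the other share under which `candidate_key` would be
    the secret. One exists for every candidate, so one stolen share alone
    rules out no key at all."""
    return xor(stolen_share, candidate_key)


def bits_exposed_by_halving(secret: bytes) -> int:
    """Cutting the key in two puts this many key bits, in the clear, on one drive."""
    return 8 * (len(secret) // 2)


# Constructed 32-byte value standing in for a private key (not a real key).
DEMO_KEY = bytes(range(32))
```

Every share is required to rebuild the key, so each drive still needs its own backup copy; losing one share loses the key.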
