Chapter 1: Best Practices for Security

Crypto gives you full control over your money, but that control comes with full responsibility. There’s no bank to call if you get hacked, and no “forgot password” button if you lose your keys. The good news is that keeping your crypto safe doesn’t need to be complicated. With a few smart habits, you can protect yourself from most of the common threats.

Protect Your Accounts with 2FA and Strong Passwords

Think of your exchange or wallet account like the front door to your funds. A strong password is the lock, and Two-Factor Authentication (2FA) is the extra deadbolt that keeps intruders out.

Start with your passwords. Make each one unique and complex. Aim for at least 12 characters with a mix of letters, numbers, and symbols. Avoid anything obvious like names, birthdays, or “crypto123.” If remembering complex passwords sounds like a nightmare, use a password manager to generate and store them safely.

Then turn on 2FA for every exchange or wallet that supports it. This adds a second layer of security so even if someone gets your password, they still can’t access your account. Authenticator apps like Google Authenticator or Authy are safer than SMS, which can be intercepted. If you want to go the extra mile, a hardware security key gives you the strongest protection.

Feel free to check out our video on crypto security where we go into more detail:

Protecting Your Private Keys and Seed Phrase

Your private key is the master key to your crypto. Your seed phrase is the backup that can unlock everything if you lose access. If someone else gets either one, they have complete control over your funds.

The safest way to store them is offline. Instead of saving them as screenshots or uploading them to the cloud, write your seed phrase down on paper or engrave it on a metal plate.

Paper works for most people. Metal is ideal if you want something fireproof and long-lasting.

Relying on just one copy is risky. Fires, theft, or water damage can wipe out a single backup. A better approach is to keep two or three copies stored in different secure locations, such as a home safe, a safety deposit box, or with someone you trust completely.

Not So Fun Fact: Crypto security experts are dead serious when they say NEVER keep your recovery phrase online. There have been multiple cases, such as the password manager LastPass being hacked (where people stored seed phrases) and cases of iCloud accounts being hacked or accessed by government officials in legal cases, resulting in crypto users having 100% of their crypto stolen or seized. Seriously, never ever ever enter your seed phrase online. Password managers and cloud drive solutions like Google Drive or iCloud are vulnerable to hacks.

Finally, test your backup. Restore a wallet using your seed phrase with a small amount of crypto to make sure it actually works. It’s a quick way to confirm that your safety net is solid. You will get to know more about it in our crypto wallet security guide.

Simple, Actionable Tips to Keep Your Crypto Safe

A few extra habits can make a big difference:

Double-check website URLs and wallet addresses before logging in or sending funds. Scammers often create fake sites that look almost identical to the real thing.
Keep your software up to date. Old versions of wallet apps or operating systems can have security holes that hackers target.
Use a VPN if you ever connect to public Wi-Fi to keep your activity private.
Only keep small amounts of crypto in hot wallets. Treat them like the cash in your pocket. Larger amounts should stay in cold storage, like savings in a vault.
Never share your seed phrase or private key. No legitimate company or support agent will ever ask for them.
Test your backups occasionally. Knowing they work gives you peace of mind.
For larger or shared accounts, consider a multi-signature wallet, which requires multiple approvals for any transaction.
If you want an extra layer of protection, use devices that are never connected to the internet (air-gapped) for storing sensitive information like seed phrases.

Crypto security is mostly about forming good habits. A strong password, 2FA, offline backups, and a little caution can protect you from most threats. If you treat your digital assets with the same care you’d give to physical cash or jewelry, you’ll be miles ahead of the average beginner.

Chapter Quiz

Module 5, Chapter 1-Crypto Security Best Practices

1 / 8

Which principle should guide all your decisions about crypto security?

Convenience is more important than safety

Always trust every online message about free giveaways

Take simple, consistent steps to protect access and backups

Store all crypto only in hot wallets for speed

2 / 8

Which of the following is an example of a good security practice for crypto accounts?

Enabling biometric authentication and keeping devices updated

Reusing the same password across all platforms

Sharing your login details with close family members

Turning off 2FA after your first login

3 / 8

What is the main danger if someone gains access to your seed phrase?

They can slow down your internet connection

They can alter your private wallet password

They can only see your balance but not move coins

They can permanently take control of all your crypto funds

4 / 8

Which of the following is the most secure way to store your private keys or seed phrase?

Online cloud storage like Google Drive

Writing it down on paper or storing it in a hardware wallet

Sharing it with a trusted friend

Keeping it in your email inbox for quick access

5 / 8

Why is Two-Factor Authentication (2FA) important for crypto accounts?

It guarantees your crypto will always increase in value

It adds an extra layer of security beyond just a password

It allows you to share accounts safely with friends

It removes the need to remember passwords

6 / 8

How Should You Protect Your Recovery Phrase?

Select All That Apply

Write it down on paper or engrave it on metal, and store it in a secure, offline location like a safe deposit box

Never store a digital copy of it, such as in a photo, a note on your phone, or in a cloud service

Do not share your recovery phrase with anyone, as it is the master key to your funds, and no legitimate company will ever ask for it

It is safest to store your recovery phrase in a password manager or a cloud-based service for easy access

7 / 8

Best Practices for Securing a Crypto Wallet

Select All That Apply

Use a non-custodial wallet so that you, and not a third party, have complete control of your private keys

Always back up your private keys and recovery phrase in a cloud-based service for easy access and security

Use a cold wallet (e.g., a hardware wallet) for long-term storage of large amounts of cryptocurrency to keep private keys offline

Never share your private key or recovery phrase with anyone, as it grants full access to your funds

8 / 8

Best Practices for Securing Crypto Accounts (eg. on a CEX)

Select All That Apply

Always keep your crypto in the exchange's hot wallet to ensure it is protected by the exchange's insurance policy

Use a unique, strong password and enable Two-Factor Authentication (2FA) for all logins and withdrawals

Be cautious of phishing scams by always verifying the website URL and never clicking on suspicious links from emails or text messages

Use a dedicated email address that is not linked to any other personal or professional accounts for your crypto exchange

Your score is

Chapter 1

Chapter 1: Best Practices for Security

Essential crypto security tips! Implement 2FA and strong passwords, and master the key rule: safeguarding your seed phrase to prevent loss.

Chapter 2

Chapter 2: Understanding the Dangers

Stay safe in crypto! Learn about extreme market volatility, how to avoid dangerous scams like phishing and rug pulls, and red flags to avoid