Crypto security isn’t about one thing — it’s about layers. A strong security plan uses multiple layers so that if one fails, the others protect you.
This is your complete crypto security checklist. Follow every step.
Layer 1: Seed Phrase Security
Your seed phrase (12 or 24 words) is the master key to your crypto. Anyone with these words controls your funds.
- Written on paper (not digital — no screenshots, no cloud, no notes app)
- Stored in a fireproof safe or safety deposit box
- Never typed into any website or app
- Backup copy stored in a second location (different building)
- Tested by recovering a small amount first
Do NOT:
- Store seed phrase in Google Docs, iCloud, or any cloud service
- Take a photo of your seed phrase
- Email it to yourself
- Enter it into any website claiming to be “wallet recovery”
Layer 2: Hardware Wallet
- Own a hardware wallet (Ledger or Trezor) for holdings over $1,000
- Purchase directly from the manufacturer (not Amazon or eBay — risk of tampered devices)
- Set up PIN code on the device
- Verify the device is genuine (Ledger Live checks this)
- Test sending and receiving with a small amount first
Layer 3: 2FA (Two-Factor Authentication)
- Authenticator app (Google Authenticator, Authy) on ALL exchange accounts
- Hardware security key (YubiKey) for primary email and largest exchange account
- Backup codes saved securely (not on phone)
- SMS 2FA disabled wherever possible
Layer 4: Email Security
Your email is the gateway to resetting passwords on exchanges.
- Strong unique password (20+ characters, random)
- 2FA enabled (authenticator app, not SMS)
- Recovery email also secured with 2FA
- No forwarding rules set up (attackers add hidden forwarding to intercept password resets)
- Login alerts enabled
Layer 5: Device Security
- Operating system updated (no pending security updates)
- Antivirus/malware protection active (Windows Defender, Malwarebytes)
- Browser extensions minimized (fewer extensions = lower attack surface)
- No pirated software (common source of malware)
- Separate browser for crypto activity (no random browsing)
- Ad blocker installed (uBlock Origin)
Layer 6: Network Security
- No public Wi-Fi for crypto transactions (coffee shops, airports, hotels)
- Home Wi-Fi secured with WPA3
- VPN used when on untrusted networks
- Router firmware updated
Layer 7: Exchange Security
- Only use major exchanges (Coinbase, Kraken, Binance)
- Withdraw crypto immediately after purchase
- Whitelist withdrawal addresses (new addresses blocked for 24-48 hours)
- Withdrawal limits set to minimum practical amount
- No more than 1-2% of portfolio left on exchanges
Layer 8: Social Engineering Protection
- Never share seed phrase with anyone (including “support,” “family,” “investors”)
- Verify all communication claiming to be from exchanges
- Ignore DMs about “helping with your account” or “investment opportunities”
- No personal information shared in crypto forums
- Family members educated about crypto scams targeting you
Emergency Response Plan
If you suspect you’ve been compromised:
- Don’t panic — quick actions are often wrong actions
- Transfer remaining funds to a new wallet (create a new seed phrase)
- Change passwords on all exchanges
- Revoke all wallet connections (use Revoke.cash for EVM wallets)
- Scan device for malware
- Contact exchange support if funds were stolen
- File a police report (may help with tax loss claims)
Security Levels by Portfolio Size
| Portfolio | Minimum Security Setup |
|---|---|
| Under $500 | App password + 2FA on exchanges |
| $500 - $5,000 | Hardware wallet + authenticator app + unique passwords |
| $5,000 - $50,000 | Hardware wallet + YubiKey + dedicated device for crypto |
| $50,000+ | Hardware wallet + multisig + legal structure + professional audit |
Weekly Security Checklist
- Check that no unauthorized withdrawals have occurred
- Verify exchange login history
- Check for unusual account activity
- Confirm all 2FA devices are still accessible
Verdict
Crypto security is simple but requires discipline:
Seed phrase offline. Hardware wallet for storage. 2FA on everything. Email locked down. Exchanges only for buying.
Follow this checklist, and you’ll be safer than 99% of crypto users. Most losses come from skipping these basics.
Security is the most discussed topic on BitcoinTalk. The veterans all follow some version of this checklist. Newbies who skip these steps are the ones posting “I’ve been hacked” threads.