A guide to securing online accounts

Entering the bitcoin space is as exciting as it is fraught with risk. The promise of an Internet of Money, permission-less transactions, and owning unconfiscatable wealth captures our imagination and draws us in. Our first instinct is to buy bitcoin without thinking about the many steps required to secure this online wealth.

We should learn from those who are unfortunate victims of poor online security. Notable examples include losses of thousands, tens of thousands, and even a hundred thousand dollars.

While this is exceptionally relevant for those in the bitcoin space, online security is a must for just about everyone.

Our goal in this series is to look at the many aspects of online security, such as having strong and unique passwords, enabling 2-factor authentication, scrambling email address, and secondary online phone numbers.

Why care about online security

A journalist for WIRED learned the hard way.

In the space of an hour, a takeover of his email account led to his social media accounts, digital devices, email, and other online accounts being totally hijacked and controlled by attackers.

Nothing was spared. His laptop was remotely wiped, erasing the first year and a half of pictures of his newborn daughter. In this case, the hackers didn't even want bitcoin—just his short and unique Twitter handle.

The scary part: It wasn't by brute force. Hackers did this through loopholes in Apple and Amazon's security systems. Because the senior writer didn't have 2-factor lined up, they were used social engineering to trick Apple and Amazon support staff.

The Wired journalist noted: Had two-factor authentication been implemented, it's possible that "none of this would have happened."

When enabled, two-factor authentication is a two-step verification process. It requires users to provide two different forms of identification to access resources and data. Typically, that looks like inputing something you know (the standard username/password information) and something you have (for instance, information from a device or mobile phone application, which proves you are in possession of that particular device at the time you log in).

Note: While two-factor authentication is effective, like most risks, is not infallible and users should remain vigilant against potential security threats.

Two-factor authentication and crypto

In the world of crypto, security is crucial.

Crypto wallets are often targets for cybercriminals due to the value and somewhat anonymous nature of digital currencies. Introducing a second layer of verification in addition to a password aims to improve security and make it that much more difficult for unauthorized individuals to gain access to your accounts.

Bitcoin is powerful (but comes with responsibility)

Bitcoin is considered by many to be the future of finance. It allows you to transfer value anywhere globally in a very easy way, and without intermediaries. Best of all, you're in control of your own money.

But with great features come great security concerns. Bitcoin can provide very high levels of security if used correctly. It's your responsibility to adopt good practices in order to protect your money.

Bitcoin is a bearer instrument

Owning bitcoin is like carrying cash—whoever holds it, owns it.

That means whoever controls the private keys controls the funds. So, if someone else gains access to those keys, they can take your bitcoin, and there’s no way to get it back.

Bitcoin can appreciate in value very quickly

As we’ve seen over the last few years, the price of one bitcoin can skyrocket orders of magnitude in a matter of months. So, the $100 worth of bitcoin you bought a while ago could suddenly be worth $10,000, and the security setup that felt “good enough” back then might not cut it anymore.

It’s wise to plan ahead and secure your accounts now, before the stakes get higher.

Finally, bitcoin transactions are irreversible

Unlike many money transfer protocols (wire transfers, cheques, credit cards), once a transaction is on the blockchain with enough confirmations it cannot be reserved.

There is no bitcoin fraud department to call nor is there a consumer protection agency we can plead to in hopes to regain our money.

This finality is one of Bitcoin’s strengths. It makes transactions cheaper and more reliable. But it also places full responsibility on the user.

Because of these properties, securing your online accounts and wallets isn’t optional—it’s essential. A single lapse in security can result in the total loss of your funds.

Let’s secure our online account

In this series, we’ll explore:

• Creating strong and unique passwords with a password manager
• Enabling 2-factor authentication everywhere
• Securing a primary email account
• Protecting against phone number hijacking
• Generating unique email addresses for each new online account
• Creating a secondary mobile number to route SMS-based 2-Factor Authentication
• Browsing the web securely on public Wi-Fi (coffee shops, airports, etc.)

We’ll begin with an exploration of passwords and password managers in the first guide in the series.