Signed in as:
filler@godaddy.com
Warnings & Scams!!!
Your Seed Phrase = Your Private Key = Your Vault Password = Your Money
When you put your Bitcoin in cold storage (Hardware Wallet), you'll write down 12 or 24 words, a seed phrase, to access the funds. NEVER, EVER tell anyone this, don't show anyone this, don't write it down in your phone, or in your computer, or on your fridge or take a photo of this. I'd hesitate to ever read it out loud, as your phone could be listening to you! Ever get ads on instagram about something you were just talking about? Strange, huh?!
Instead, write it down in CAPITAL letters, in your neatest handwriting and clearly legible. Then store it somewhere safe, preferably protect it from potential water and fire damage, or insects too. After that, you can etch a copy in steel or similar fire proof material (put it in a fireproof envelope), for a more durable long term solution. Check out our page on Bitcoin Storage: https://bitcoinbizhub.com/how-to-store-bitcoin.
Increase your security 1% at a time. No need to over do it at first, and over complicate it. But constantly iterate and improve on it over time.
Remember! This is the only access to your Bitcoin. Do not lose this or give it to someone, unless you trust them. There is no Bitcoin Hotline you can ring to get access to your funds in the event of someone getting hold of this seed phrase.
Don't Trust, Verify!
IF A PRETTY GIRL MESSAGES YOU ONLINE... IGNORE HIM!!!
DON'T TRUST ANYONE! NOT EVEN US HERE AT BITCOIN BIZ HUB!
We'll never message you and ask for your Wallet Seed Phrase a.k.a. Private Key a.k.a Wallet Passphrase a.k.a 12 or 24 words. Don't give them to anyone. Not even your Mom! Sorry Mom!
When you get good enough at security and best practices you can share them with certain people for inheritance planning. but until then, treasure them. Keep em secret, keep em safe!
And for the love of God and all that is holy... don't type them in to a computer or smartphone. They should only be typed in to your hardware device or signing device.*
*Unless it's a hot wallet (no hardware device), but best to double check and ask someone like us before you do this! Don't worry as we said, we won't ask for the seed phrase, so don't give it to us. But happy to answer any questions you have, or point you in the right direction.
The Keys Are In The Computer
When it comes to using your passphrase, the keys are in the device. Your 12 or 24 word seed phrase is what unlocks your hardware device and allows you to send and sign bitcoin transactions.
Think of them as the keys to unlock your treasure chest. They are entered into the device... and ONLY THE HARDWARE DEVICE. Most hardware devices will have buttons that allow you to scroll through the alphabet and press 'enter' on each letter until you have selected the word you are looking for. Then the same with the next word and so on and so on.
Only after entering all of your words, (usually 12 or 24 words) will you be able to send bitcoin to another address and sign the transaction into the bitcoin blockchain. This is why these hardware wallets are also called signing devices.
Remember to keep these words safe and secret. Don't enter them into any computer, only into the device itself! This is the most important thing to remember!
Practice good security!
$5 Wrench Attacks!
Well technically it's a $10 wrench attack (Inflation Adjusted).
This is as simple an attack as it sounds, but it's pretty effective. Bad guy hits you with a wrench, or other hard object, until you give them your Bitcoin. Check the story in the link for more details on these types of attacks and what you can do to protect yourself. Stay Safe Out There!
Password Managers
Password Managers. Get One! It'll Change Your Life!
Constantly using the same password or variations of the same password? Have you been using your pet's name? Spot1, $p0t1!, or Spot#1?
Hard to keep track of, even easier to be compromised. We're creatures of habit, we don't like change. But that's what hackers are counting on!
Get a password manager and auto generate and store random passwords that are easy to copy & paste into your favourite apps and websites. Have them always at hand when you're on the go, without the need to remember any of them.
All you have to do is remember ONE long , difficult, secure password to access your vault of stored passwords.
Our personal favourite is Bitwarden: https://bitwarden.com/
Two-Factor Authentication (2FA) Auto-Syncing Security Risk - How to Turn Off the Account Synchronization of Google Authenticator?
Major Issue - Please Read:
Google Authenticator App has been know to sync to Google Accounts, meaning that if your Gmail or Google Account gets compromised, then so can your Two-Factor (2FA) for accounts. A bad actor having access to your Gmail account and now your 2FA can get into your accounts with ease. This feature has not been end-to-end encrypted, which may pose a potential account security risk to users who turned it on.
Make sure the 'cloud' icon is greyed out. If it is 'coloured green/ blue' it is likely syncing to your account. Make sure to 'Grey" it out to turn off. Or use an alternative 2FA method such as a Yubikey or similar device.
Social Engineering Attacks/ Man-In-The-Middle Attacks
Not everyone is who they seem!
Artificial Intelligence and hackers are getting better and more convincing. Phone Caller ID can be changed to make it look like someone you know is calling, when it is not actually that person. Emails can be changed to have the header and footer changed within them, so that it appears someone is emailing you, when it in fact isn't i.e. "Johnson Solicit0rs" rather than "Johnson Solicitors". Deep Fake voice calls can now be used to sound like your loved ones (i.e Eleven Labs). Hear these examples in more detail in the video below.
Rule #1 - Don't Freak Out!
Hackers and Scammers prey on human emotions and rely on getting you to act quickly, often calling you, instead of letting you call the person you might need to in order to complete the action. For example your "solicitor" may call you, when it is in fact the scammer. 'YOU' should be the person to instigate the call to someone or politely hang up and call them back on their official number. Especially, if you are unsure or they are causing you to TRUST and not question their actions or asking you to act quickly. Take Your Time! They rely on urgency and emotion! Don't Trust, Verify!
Two-Factor Authentication (2FA) Devices - Yubikey
Two Factor Authentication Devices.
Consider using these to add an extra layer of security to your accounts, such as email or exchange logins. They are harder to compromise, over apps like Google Authenticator. These devices can be carried with you and are available for multiple devices such as PC/ Laptop and phones.
(Get a Yubikey on Amazon).
Starting A New Digital Identity
K3tan takes us though how he would start all over again with a new digital identity.
I've often wondered how I would start my digital identity again. This wouldn't be applicable to me but rather for anyone just starting out down the path. Knowing what I know now, I'd definitely do things a little differently.
If I was to start over again, here's what I would do. I think I could do it rather cheaply as well.
A Modest Privacy Protection Proposal - How to reclaim your privacy in the surveillance age.
Jameson Lopp discusses "How to reclaim your privacy in the surveillance age".
It’s hard to retain much privacy in the information age — the internet has a nearly perfect limitless memory and we’re placing a ton of sensitive data onto it. After being swatted in 2017, I set out on a mission to start my life over with a renewed focus on privacy. While I was motivated by changes in the Bitcoin ecosystem (an increased rate of physical attacks), this guide is meant to be comprehensive for people living in the USA and generally helpful for other citizens of the world. The journey has been long and arduous because there simply aren’t many resources out there for how to achieve what I wanted.