Lets say you want some bitcoins in an online wallet like Coinbase or Blockchain.info because you're going out and want to pay at the bar or restaurant with bitcoin, or you're traveling. Here are some tips on how to increase your online wallet's security.

1. Always use Gmail with 2-step authentication.

Before we get into anything else, make sure your have a Gmail address with 2-step authentication, which is a method through which you must enter two passwords in order to access your gmail account.

It is also a method used by Coinbase and Blockchain.info, but we will get to that later.

When 2-step authentication is activated in Gmail, the system asks for a password and for a verification number generated by an iOS and Android app called Google Authenticator, which works as an OTP device. That number is the second password and it changes every 60 seconds, so it's impossible to guess.

This gives you a double layer of protection from people trying to guess your password -which, we assume, is already over 8 characters long and difficult to guess- as it requires the authentication number, which changes every minute.

For extra protection, link a cel phone number (not an online number, but a real celphone number) to your Gmail account so you can receive an authentication code if it's necessary.

Part of the point of doing this, by the way, is to familiarize you with Google Authenticator, as you will need it later.

2. Use Coinbase or Blockchain.info with Google Authenticator and SMS code.

So here's how you'll be able to enhance security for your online wallet.

Coinbase and Blockchain.info allow you to use 2-step authentication using Google Authenticator. When you sign up for either of them make sure you use the Gmail account set up with 2-step authentication and also activate 2-step authentication in the settings section of Coinbase or Blockchain.info.

Doing this will force you to use Google Authenticator every time you log into Coinbase or Blockchain.info and it will prevent hackers from entering to the account simply by guessing your password.


Coinbase offers another protection setting by letting you register mobile phone so you can receive an authentication code by SMS.

If SMS authentication is set up, you can access the account either using the SMS code, or the Google authenticator code. Just make sure to keep your mobile phone number up to date in Coinbase.

3. Keep your alternate email address secret and secure.

Gmail asks you for an alternate email address so they can send you your password if you forget it.

If somebody else knows that address, and the address has a weak password, you could seriously compromise your overall security, as the second email address could be used to retrieve your password from Gmail. If the Gmail account is compromised, then your Coinbase or Blockchain.info address could be compromised.

Yes, 2 step authentication will make it difficult to log into the Gmail account even with the password, but still, there's no need to compromise your password at all.

So when you register your Gmail account make sure nobody knows the alternate address and to use a strong, 16 chatacter password for the alternate address.

4. Avoid password typing mistakes on Coinbase

Coinbase will suspend access to your account for 24 hours if you enter the wrong password for more than a couple of times, or if you enter the wrong authentication number. So make sure you enter both items correctly. They will also lock up your account if you log in and out too many times durinf a 24-hour period.

While it is inconvenient to be locked out of your Coinbase account, it is also a good way to keep attackers away. Still, not being able to access your bitcoins is a problem even if it is for the sake of security. Hence, you should consider how many bitcoins you want stored in a Coinbase wallet and how many bitcoins you may want in a local cold storage wallet just in case you get locked out of your account.

Found this tutorial useful? Tip us!
Bitcoin: 1J4jtLc3zwpBu3mpX1pEP4rWmCjAm8L75K
Click here to get some FREE BITCOINS.

No comments:

Post a Comment