# Security Guide
As crypto adoption grows, **cybercriminals** become more active β using phishing, malware, and impersonation to steal your assets.
To secure your crypto, you must consider **multiple attack vectors** and implement strong practices across three layers of security:
## π Three layers of security
### 𧱠1. Network Layer
* Are your **private keys cryptographically secure**?
* Is the **blockchain safe** from attacks (e.g. 51%)?
***
### 𧩠2. Application Layer
* Do you use **trusted apps or exchanges**?
* How are your funds stored?
* Is your **account login secured** with strong passwords and 2FA?
***
### π 3. Real-World Layer
* Are your devices **encrypted and secure**?
* Is your 2FA setup safe?
* Have you set up **inheritance or recovery** instructions in case of death?
{% hint style="info" %}
Your **#1 job** as a crypto holder: **Protect your funds.** Self-custody and cold storage are key.
{% endhint %}
***
## π¨ Common Mistakes That Lead to Loss
* Reusing weak passwords
* Skipping 2FA
* Sharing or exposing **private keys**
* Saving keys or passwords online
***
## π§ Email Security for Crypto
#### π Why Email Is Important
Your email is the **gateway** to all your crypto accounts. It must be locked down.
#### β
Best Practices:
* Use trusted providers: Gmail, Outlook, Protonmail
* **Always enable 2FA** on your email
* Create a **separate crypto-only email**
* Be wary of **phishing emails** that try to scare or trick you
#### β‘ Quick Tips:
* Never trust email links
* Double-check the domain of login pages
* Use anti-phishing banners if your exchange offers one
* Visit [haveibeenpwned.com](https://haveibeenpwned.com) to check for data breaches
***
## π Two-Factor Authentication (2FA)
#### π² What You Need to Know:
* Enable 2FA **everywhere** (email, exchange, wallet, social media)
* Use **authentication apps**, NOT SMS (SMS is vulnerable to SIM swaps)
#### π‘οΈ Backup Codes:
* Store them **offline and securely** - like your recovery phrase
* NEVER screenshot QR codes or save them online
***
## πΌ Crypto Wallet Safety
#### β
Best Practices:
* **Donβt store large amounts** on exchanges
* Use **hardware wallets** (cold wallets) for long-term storage
* **Verify all details** on your wallet screen before confirming
* Be cautious of malware that swaps addresses β **double check recipient address**
***
## π Private Keys: The Most Important Thing
* Write down your keys on **paper or metal backups** (fire/waterproof)
* NEVER save private keys:
* Online
* In your phone
* On cloud services
* Donβt share keys with **anyone**
* Beware of **giveaway scams** asking for keys
{% hint style="warning" %}
If someone asks for your private key β it's a scam. No exceptions.
{% endhint %}
***
## π§ Final Thoughts
> Hacks are **rare** β most losses are due to **user error**, phishing, or negligence.
Remember:
* Cold wallets are **unhackable** unless **you give away** your private keys
* Security is not a chore β it's your opportunity to have peace of mind
{% hint style="success" %}
Think critically. Stay informed. Protect your future.
{% endhint %}
***