Table of Contents
Money Investing
Article updated on Mar 17, 2022

Holding Bitcoin? Here’s How to Keep Your Crypto Safe

Everything you need to know about hot wallets, cold storage and seed phrases.

Why You Can Trust CNET Money
Our mission is to help you make informed financial decisions, and we hold ourselves to strict . This post may contain links to products from our partners, which may earn us a commission. Here’s a more detailed explanation of .
Our Experts
Justin Jaffe Julian Dossett
Written by 
Justin Jaffe

Justin Jaffe

Managing editor

Justin Jaffe is the Managing Editor for CNET Money. He has more than 20 years of experience publishing books, articles and research on finance and technology for Wired, IDC and others. He is the coauthor of Uninvested (Random House, 2015), which reveals how financial services companies take advantage of customers -- and how to protect yourself. He graduated from Skidmore College with a B.A. in English Literature, spent 10 years in San Francisco and now lives in Portland, Maine.

See full bio
Julian Dossett

Julian Dossett

Writer

Julian is a staff writer at CNET. He's covered a range of topics, such as tech, travel, sports and commerce. His past work has appeared at print and online publications, including New Mexico Magazine, TV Guide, Mental Floss and NextAdvisor with TIME. On his days off, you can find him at Isotopes Park in Albuquerque watching the ballgame.

See full bio

CNET staff -- not advertisers, partners or business interests -- determine how we review the products and services we cover. If you buy through our links, we may get paid.

Reviews ethics statement
Our Experts
Justin Jaffe Julian Dossett
Written by 
Justin Jaffe

Justin Jaffe

Managing editor

Justin Jaffe is the Managing Editor for CNET Money. He has more than 20 years of experience publishing books, articles and research on finance and technology for Wired, IDC and others. He is the coauthor of Uninvested (Random House, 2015), which reveals how financial services companies take advantage of customers -- and how to protect yourself. He graduated from Skidmore College with a B.A. in English Literature, spent 10 years in San Francisco and now lives in Portland, Maine.

See full bio
Julian Dossett

Julian Dossett

Writer

Julian is a staff writer at CNET. He's covered a range of topics, such as tech, travel, sports and commerce. His past work has appeared at print and online publications, including New Mexico Magazine, TV Guide, Mental Floss and NextAdvisor with TIME. On his days off, you can find him at Isotopes Park in Albuquerque watching the ballgame.

See full bio

CNET staff -- not advertisers, partners or business interests -- determine how we review the products and services we cover. If you buy through our links, we may get paid.

Reviews ethics statement
Why You Can Trust CNET Money
Our mission is to help you make informed financial decisions, and we hold ourselves to strict . This post may contain links to products from our partners, which may earn us a commission. Here’s a more detailed explanation of .
Table of Contents
Peter Dazeley/Getty Images

Cryptocurrency like bitcoin and ether are lines of code on a server. Since crypto is fully digital and there are no physical assets, protecting it requires some technical know-how. Where you store your digital currency and how it could be susceptible to hacks are important to understand. 

We’ll walk you through the different types of crypto wallets and a few helpful security fundamentals. Here’s what you need to know to keep your cryptocurrency safe. 

Using exchange default wallets is risky

Many newcomers buy cryptocurrency from an exchange, such as Coinbase or Kraken, and leave their holdings in those sites’ “custodial” wallets. But like any other online entity, exchanges are vulnerable to hacking -- and as the crossroads for many billions of dollars of transactions every day, they make for particularly attractive targets. 

The cautionary tales of Mt. Gox, which “lost” 750,000 of its customers’ bitcoins in 2014; NiceHash, which was robbed of $60 million in December 2017; and a close call at Binance in 2018 show the risks associated with leaving your coins in an exchange’s online wallet.

Cold storage vs. hot wallets

Conventional wisdom dictates that if you’ve got more virtual currency than you’d be comfortable carrying around on your person, or you intend to hold it as a long-term investment, you should keep it in “cold storage.” This could be a computer that’s disconnected from the internet or a specialized USB drive called a hardware wallet.

Dedicating a computer to store your cryptocurrency or shelling out for a hardware wallet isn’t an option for everyone, however. Well known devices such as the Trezor and Ledger cost between $120 and $220 and, by design, add complexity and a few extra steps to every transaction. Software wallets, by contrast, are usually free and easily accessed though, ultimately, less secure.

Three kinds of software wallets

A cryptocurrency wallet’s primary function is to store the public and private keys you need to conduct a transaction on the blockchain. Many also offer features such as integrated currency swapping. Software wallets can be roughly divided into three kinds: desktop, online and mobile. These categories overlap, as many software wallets can function across devices. Each type offers a different combination of convenience and security. 

  • Mobile app wallets are optimized for retail transactions -- that is, paying for stuff with bitcoin or another cryptocurrency. But because your encryption keys are stored on your phone, you lose your coins if you lose your device. But if you keep your private keys in a safe place, you may be able to restore your wallet on a different device, depending on the type of mobile crypto wallet you use. You thought it was a bummer to leave your phone in a taxi? Imagine how bad it will be if it has thousands of dollars of cryptocurrency locked on it.
  • Desktop wallets are software you install on your computer. They give you lots of control over your assets but, if connected to the internet, remain vulnerable. A malware infection, the remote takeover of your computer or -- even if you’re not online -- a hard-drive failure could be a catastrophe. So make sure to keep track of your private keys and store them in a secure place.
  • Online wallets are hosted on a server, typically one controlled by a cryptocurrency exchange. This makes them convenient because they’re accessible from any internet-connected device. The downside: Your private keys are usually known to the website owner. This is known as a custodial wallet, where someone else has access to the private keys and keeps them for you. So you’re trusting the company that controls the keys to your wallet. And, from a technical perspective, there’s not much to stop them from simply taking your coins.

Security fundamentals 

Whether you choose a hardware, software or paper wallet to manage your passwords and private keys, there are a handful of tips you can follow to keep your stash safer. These include:

  • Be cautious of any online service -- any device connected to the internet is vulnerable 
  • Encrypt your wallet with a strong password
  • Use a hardware wallet that’s disconnected from the internet, when possible
  • Regularly back up your wallet and store your backups in multiple locations
  • Use multisignature security, which helps maintain control of your coins even if one of your devices is compromised
  • Generate, write down and hide your wallet’s mnemonic seed -- a group of words you can use to restore your wallet in the event of a hardware failure
  • Don’t share private keys or passwords
  • Be aware: if something seems too good to be true, it may be a scam

More crypto advice

Justin Jaffe
Written by
Justin Jaffe
Managing editor
Read more from Justin
Justin Jaffe is the Managing Editor for CNET Money. He has more than 20 years of experience publishing books, articles and research on finance and technology for Wired, IDC and others. He is the coauthor of Uninvested (Random House, 2015), which reveals how financial services companies take advantage of customers -- and how to protect yourself. He graduated from Skidmore College with a B.A. in English Literature, spent 10 years in San Francisco and now lives in Portland, Maine.
Julian Dossett
Written by
Julian Dossett
Writer
Read more from Julian
Julian is a staff writer at CNET. He's covered a range of topics, such as tech, travel, sports and commerce. His past work has appeared at print and online publications, including New Mexico Magazine, TV Guide, Mental Floss and NextAdvisor with TIME. On his days off, you can find him at Isotopes Park in Albuquerque watching the ballgame.
Advertiser Disclosure

CNET editors independently choose every product and service we cover. Though we can’t review every available financial company or offer, we strive to make comprehensive, rigorous comparisons in order to highlight the best of them. For many of these products and services, we earn a commission. The compensation we receive may impact how products and links appear on our site.

Editorial Guidelines

Writers and editors and produce editorial content with the objective to provide accurate and unbiased information. A separate team is responsible for placing paid links and advertisements, creating a firewall between our affiliate partners and our editorial team. Our editorial team does not receive direct compensation from advertisers.

How we make money

CNET Money is an advertising-supported publisher and comparison service. We’re compensated in exchange for placement of sponsored products and services, or when you click on certain links posted on our site. Therefore, this compensation may impact where and in what order affiliate links appear within advertising units. While we strive to provide a wide range of products and services, CNET Money does not include information about every financial or credit product or service.