Why is security critical in crypto?
Unlike a bank account, crypto has no "forgot password" option. No call center can reset your access. No deposit insurance. Whoever has your seed phrase — has all your funds, forever.
Seed phrase — the master key
The seed phrase (recovery phrase) is a sequence of 12 or 24 randomly generated words that represents your master key.
- Never enter it on websites or apps you don't control
- Write it on paper and keep it in a physically secure location
- Consider a fireproof and waterproof metal plate
- Never photograph it or send it by email
Hot wallet vs Cold wallet
Hot wallet (online): MetaMask, Trust Wallet, exchanges (Binance, OKX). Convenient for frequent use and small amounts. Always online — more vulnerable to attacks.
Cold wallet (offline): Ledger, Trezor. Hardware device that keeps private keys offline. For amounts over €500 — mandatory.
Two-factor authentication (2FA)
- Authenticator app (Google Authenticator, Authy) — better than SMS
- SMS 2FA — acceptable, but vulnerable to SIM swap attacks
- Hardware key (YubiKey) — most secure, for advanced users
Recognizing scams
- Phishing — fake sites that look like Binance/MetaMask. Always check the URL.
- "Send 1 BTC, receive 2 BTC" — classic scam, never legitimate
- Rug pull — team abandons the project and pulls liquidity
- Pig butchering — romance scam that ends with an "investment platform"
- Fake support — no one from Binance/MetaMask will ever contact you first
DYOR — Do Your Own Research
Before any investment: check the whitepaper, research the team (LinkedIn profiles, past projects), review tokenomics, verify that a code audit exists from reputable firms (CertiK, Trail of Bits), and never invest out of FOMO.