Security Best Practices for Crypto Wallets

Security in crypto is paramount. Learn how to stay vigilant against hacks and crypto theft by securing your wallet.

What Can I Do to Stay Safe?

When it comes to safety and privacy, we must take extra precaution even though it may at times seem excessive.

Choosing a Strong Password

First things first, creating a strong password for accessing your wallet via the browser.

There are several password managers that allow you to generate and store complex passwords. Keep in mind that we have certain password requirements that are based on the ISO and NIST password standards and follow the GDPR password requirements.

Basic requirements are:

• Use of lowercase and uppercase letters

• Use of numbers

• Use of symbols

• Is at least 10 characters long

Storing Your Seed Phrase

Many users tend to forget how important it is to backup the seed phrase. If you do not have a backup, you're at a high risk of losing access to the wallet. The ArConnect team unfortunately cannot assist if this becomes the case.

ArConnect randomly generates a 12-word passphrase seed. Password managers most of the time allow you to save notes. Other options can include using hardware backup tools or even just old school pen and paper.

Conducting Your Own Research

There are several reputable password managers in the market today. However, there are certain things to keep in mind.

- Avoid the ones that have been recently hacked and breached (e.g. LastPass).

- If possible, check the password manager’s security model to ensure the data you entrust to it would be effectively impossible to decrypt.

For backing up your seed phrase, as we’ve already mentioned, there are a couple of ways of doing so. Choosing the right backup strategy for you is important.

- Figure out whether you want to back it up digitally (locally on PC) or physically (e.g. steel plates).

- Avoid third-party involvement as much as possible.

- Never upload your seed phrase or keyfile online, it will be at risk of exposure. This includes giving your seed phrase or keyfile to a support person asking for it. No support person ever needs your seed phrase or keyfile to provide support

Beware of Scams and Phishing

Be careful of links, think before you click! Malicious programs often get injected into your browser or worse into your OS itself.

Before signing transactions, be sure to trust the site's domain by verifying and double-checking. If unsure, use reputable URL scanners such as those provided by Cloudflare. There are countless fraudulent websites that mimic legitimate platforms to steal users’ funds.

Many scammers on Twitter, Telegram, etc. share links that guarantee you "free" tokens and NFTs in the disguise of airdrops. In recent months, many well known Twitter accounts have been taken over and were used to post malicious URLs for a brief period of time. One of the most common financial scams people fall into are called pig butchering scams. There is and will never be an investment scheme or strategy that will give you extraordinary returns.

If something seems too good to be true, it is most likely a scam. Always double-check sources and never give your seed phrase to anybody. Constantly be wary of unsolicited emails, messages, or links.

How Secure Is ArConnect?

ArConnect has been audited by Open Security for specific vulnerabilities that can cause a threat actor to exploit a high risk vulnerability on ArConnect and its various backend functions. At ArConnect, we implement RSA encryption. Though there are other wallets such as Trezor (ECDSA) or MetaMask (ECC) that use different encryption methods.

Getting Started with ArConnect

Ready to dive into the world of Arweave? Join over 20,000 users who are already navigating the world of Arweave with ArConnect. Start by creating an account at arconnect.io.

Looking for assistance or eager to join the community? Visit our Discord server for support and engagement.

And stay updated with the latest developments by following us on X.