You’ll have seen the stories about people who should be Bitcoin millionaires…except they’ve lost their password or the device they’re stored on, and now they’re completely unable to access them.
It can happen. Unlike with a bank account, there’s no “reset password” link or number you can call if you lock yourself out. But don’t think of this as a downside of Bitcoin: its whole beauty is you have full control. There’s no organisation you need to trust not to ban you, spy on you, or change the rules on you.
This means that you must take responsibility for the security of your Bitcoin. Given how I’ve seen people treat their passwords for normal “centralised” services, I’d say that most people are wholly unprepared for this responsibility. (If that’s you, this article about maintaining your online security will set you straight.)
I’ll admit though, it’s not particularly easy or intuitive. I wrote this article to get it all straight in my own head, and it might help you too.
(General-purpose warning: There are bits in here that are sort-of-wrong-but-right-enough for the purposes of keeping it easy to understand, and there may be other bits that are wrong without me realising. If you’re dealing with meaningful amounts of Bitcoin, you can start here but you should read MUCH more widely to develop a full understanding.)
Convenience over security
The easiest way to deal with Bitcoin is to buy it on an exchange (like Coinbase), then keep it on that exchange.
An exchange is just a website, like your bank’s website, which you’ll log into with a username and password. You can create an account, swap your fiat currency for Bitcoin (by linking your bank account or debit card), then leave the Bitcoin sitting there.
For most people, this is the best way to get started with Bitcoin: there’s so much to get to grips with anyway, there’s nothing wrong with buying it and holding it in the simplest way possible.
However, leaving your Bitcoin sitting on an exchange is not secure. Why? Because exchanges are vulnerable:
- They can be hacked, and customers’ Bitcoin stolen
- The owners of the exchange could run off with it
- Regulators could shut the exchange down and seize all the Bitcoin
How likely are any of these things to happen? If you stick to one of the major exchanges, not very.
But still, the whole beauty of Bitcoin is you don’t need to trust anyone other than yourself – including an exchange — to keep your assets safe. So by sticking to exchanges, you’re not taking full advantage of the technology.
What’s more, using an exchange makes it possible to take a “relaxed” attitude to security. Typically you’ll sign up using your email address and password. Forget your password? You can reset it via your email address. But what if a few years go by, and you’ve lost access to that email address too? It happens.
Storing your Bitcoin yourself – away from exchanges – involves more effort, but that’s a good thing because it forces you to take it seriously. Do you have enough coins that you’d be upset for more than a day if you lost them completely? Then I’d recommend moving to self-custody.
Basic Bitcoin principles
You’ll hear about Bitcoin being stored in wallets. The term “wallet” is slightly misleading, because it implies that you possess the bitcoins in a physical location. In reality, bitcoins never exist anywhere except on the Blockchain.
It might help to think of the blockchain as a giant spreadsheet that keeps track of who owns what. When someone sends bitcoin to someone else, a new line is added to the spreadsheet to record the transaction and update the balance of everyone’s wallets.
This spreadsheet – a “ledger” in Bitcoin terms – is all that exists. Coins are never “sent” between people or “withdrawn” to a physical location: all that ever happens is updates to the ledger.
Private and public keys
To make a transaction on the blockchain, you need two things: a public key and a private key.
The public key is like your bank account number, which you give to someone if you want them to send you bitcoin. Just like with your bank account number, it’s harmless for your public key to be public knowledge – because all someone can do with it is send you money (which would be a bonus!), and it doesn’t allow them to spend money from your account.
Your private key is like your password or security code to your bank account. Just like if someone had the security code for your bank account they could send money to anyone they wanted, anyone who knows your private key has full control over your coins.
Unlike with a bank, there’s no “backdoor” to this private key. If you forget it, there’s no “password reset” process to get it back. If someone else finds out what it is, there’s no “second factor” (like sending you a text) to prevent them from using it maliciously.
Another metaphor for your private key would be the combination to a safe. If you know the combination, you can open the safe. If someone else sees the combination written down somewhere, they can open the safe. And if you forget the combination, whatever is inside the safe is forever locked away from you and everyone else.
Back to wallets, then. A wallet is just an application that allows you to manage public keys and private keys, and make transactions. In other words, you interact with the blockchain via your wallet.
When you open a new wallet, it randomly creates a new public/private key pair for you. It keeps track of how much bitcoin you’ve got in your wallet, and has functionality to make it easy for you to send and receive payments.
If you keep your bitcoin on an exchange, the exchange creates a wallet for you and holds your private key. However, as we’ve seen, this means you need to put your trust in the exchange: if something goes wrong, it’s out of your control.
To avoid this, you can move your coins off the exchange and into your own wallet – for which you control both the public and private keys.
Types of wallet
There are three main types of wallet to be aware of:
- Software wallets
- Hardware wallets
- Paper wallets
Paper wallets are strictly for the hardcore only. It means you can store wealth and make transactions using nothing but a pencil and a piece of paper, which I still find mind-blowing –but it’s not going to be practical for most of us.
Software wallets are available for mobile or desktop devices. With a good one, you’ll have full control of your private key: it’ll be stored on the device itself, so the maker of the software won’t have any access to it.
You’ll encrypt the wallet with a password, and if you forget the password you can restore it with a backup seed. However – if you lose both your password and the backup seed, the wallet can’t be unlocked and you’ll lose access to the coins stored inside it forever. This is why taking control of your coins is so powerful, but such an important responsibility too.
Because the private key is stored on the device and no-one else (including the software creator) has access to it, it removes the risks of keeping your coins on an exchange which we talked about earlier.
However, because your device is connected to the internet, it’s still possible for your your software wallet to be hacked and for someone to steal your private key (and therefore control over your coins). Any kind of malware or virus could technically find a way to expose your private key, or someone could install a malicious “keylogger” that transmits your password to them when you enter it.
To avoid this possibility and take the next step up in terms of Bitcoin security, you’ll need a hardware wallet.
A hardware wallet stores your private key on a physical device: it’s actually encoded into the physical chip itself, so there’s no way it can be exported. The wallet is always offline (indeed, it has no internet access capability) so no-one can hack into it.
Most hardware wallets look like a USB drive. You can transfer your coins onto one of these devices, put it in a drawer, and there’s absolutely no way anyone can access your coins. (You might wonder what happens if they find the device itself – we’ll get to that later.)
You still need to plug it into an internet-connected device like a laptop to actually make a transaction. You might think that this creates a risk, because someone could hack into the wallet while it’s plugged into a device that’s connected to the internet.
However, the connection between the wallet and the internet-enabled device is encrypted and the private key never leaves the hardware wallet.
In a nutshell:
- You initiate a transaction on your laptop, but it’s incomplete
- You plug in your hardware wallet, and the transaction gets sent over to it for signing
- The wallet uses the private key to sign the transaction, then sends the completed transaction back (without the private key going anywhere)
- The transaction is now ready to be sent from your laptop off to wherever it’s going
This means you’re totally dependent on your hardware wallet for spending your coins. That’s great for security, because it prevents anyone from hacking into your wallet over the internet.
It does though give rise to two other problems – both of which can be worked around.
Someone gets their hands on your hardware wallet
If you don’t put any further protection in place, anyone who physically gets their hands on your hardware wallet will have full control over your private key – and therefore over your coins.
It’s important to recognise that this is still a much lower risk than using a software wallet: rather than any internet user being able to hack into your wallet remotely, your only risk comes from people in physical proximity to you. If you keep your hardware wallet in a safe, there’s absolutely no risk.
However, it’s common to also protect the wallet with a password or PIN code – just like you would a mobile phone. This means that even if someone finds your hardware wallet in a desk drawer or steals it from your bag, it’ll be useless to them without knowing your code.
You lose your hardware wallet
Or you lose the PIN for it – or it gets damaged or destroyed. Then what? If physical access to the device gives control over your coins, does that mean that if you can’t access it anymore your keys are gone forever?
Well, yes – unless you’ve got the backup seed phrase.
The seed phrase is a set of 12 or 24 words that’s derived from the private key. Your hardware wallet will either prompt you to write these words down when you set it up, or give you the option to view them later.
By entering the seed phrase into any other wallet (software or hardware, same manufacturer or different), you’ll be able to recover the private key and get control of your coins – even if the original hardware wallet is lost and gone forever.
This means your seed phrase is actually more valuable than the hardware device itself:
- You can lose or break the device and still recover your key – but if you lose your seed phrase, that’s it forever
- If someone gets their hands on your hardware device, they’ll still need your PIN code (if you’ve set one). But if they get your seed phrase, they’ll have full control with no extra layer of security
In a way, this gets you back to the same problem as with the hardware wallet but more extreme: you have a “single point of vulnerability”, so you need to treat this phrase as if it were cash.
Just like anyone could just walk off with £100,000 if you left a bag full of banknotes lying around, they could walk off with £100,000 of Bitcoin if you leave your seed phrase lying around. You should therefore keep it in a safe, or somewhere else where it won’t be discovered, destroyed or degraded.
You should not attempt to remember it, store it in digital form anywhere (like in a notes app or password manager), or take a digital photograph of it.
A big responsibility? Yes. More scary than just keeping it in the bank? It seems that way…but as I said earlier, it just means you need to trust yourself rather than anyone else. Are you worthy of that trust? That’s for you to decide.
How to get started
I touched on it earlier, but I see Bitcoin security as a journey you’ll go on over time:
- Start by buying on an exchange, and storing it there
- Move to a software wallet, for better security and convenience if you want to spend it
- Eventually transition to a hardware wallet for the ultimate security, but more responsibility and effort
Each step along this journey involves a bit more research and work to set it up, and involves putting more trust in yourself and less trust in anyone else. If you only have £100 in Bitcoin, there’s just no point going to a lot of effort (unless £100 is a life-alteringly meaningful amount of money to you), but as you accumulate more the extra work becomes more worthwhile.
Bitcoin.org has a useful tool to help you choose a wallet based on your operating system, level of knowledge, and convenience/security trade-off.