Connect with us

Blockchain

Crypto OPSEC [2020]: Accounts, Cell Phones, 2FA & Security

Staying up to date with security best practices is vital as a cryptocurrency investor, trader or user. This guide will help you learn how to minimize the risk associated with using cryptocurrency websites, exchanges, and services. If you are a public figure involved in cryptocurrency, the importance of following proper security practices is even more critical. […]

Crypto OPSEC [2020]: Accounts, Cell Phones, 2FA & Security was originally found on Blokt – Privacy, Tech, Bitcoin, Blockchain & Cryptocurrency.

Published

on

Staying up to date with security best practices is vital as a cryptocurrency investor, trader or user. This guide will help you learn how to minimize the risk associated with using cryptocurrency websites, exchanges, and services.

If you are a public figure involved in cryptocurrency, the importance of following proper security practices is even more critical. You should consider yourself an active target for hackers. Many vloggers, bloggers, hedge fund managers and other individuals who have spoken or written publicly about cryptocurrency have had funds stolen, or at the very least, thefts have been attempted. This, however, is not a reason to slack if you’re not a public figure, there are numerous ways bad actors can find crypto holders and choose a mark, it’s not exclusive to those in the spotlight.

1 Accounts

AccountsThe accounts you set up and use for cryptocurrency related matters are a potential security concern. Bad actors can use information found via these accounts to home in on the identity of the person behind them.

For example, let’s imagine you always use the username “crazy_crypto_fiend.” Even if your e-mail address is not visible on a target website, an attacker can search for your username on other sites, which might publicly display their users’ e-mail addresses, and locate yours. Once they have your e-mail from this third party website (perhaps with lower security standards), they can use it as a starting point to get into your accounts on crypto exchanges.

Let’s look at the options for remaining as anonymous as possible when creating accounts on any website or platform:

Unique Usernames

Noone cares how much you love it, drop it. Start using random usernames for accounts on websites, social media and in particular, crypto-related sites. As mentioned above, your username can be used as an attack vector if it’s plastered all over the internet so make sure you are using unique usernames for every website or service.

Random Passwords

This should go without saying. Do not re-use passwords across multiple websites. There are regular database dumps of usernames, e-mails, passwords and personal data made available to hackers, sometimes from prominent sites such as Yahoo. Use a long password which contains numbers, uppercase letters, lower case letters, and punctuation. The length is extremely important, so use passwords that are as long as possible. It would take considerably longer for a hacker to brute force a thirty letter password than a five letter password. Your password manager should have an option to generate and store these passwords for you, more on password managers further down.

Crypto-Specific E-Mail Address

Use an e-mail address specific to your crypto dealings. This way, it is harder for attackers to locate your e-mail address from social accounts, database dumps and through other means. Don’t include your name in your crypto e-mail address, something generic would be much more secure.

Stay Informed to Hacks & Dumps

Knowing when your e-mail, username, password, or personal data has been compromised is useful when trying to keep your online identity secure. Sign up with have i been pwned to receive notifications when your information is contained within a dump. It’s advisable to sign up with your personal e-mail and your crypto-specific e-mail.

2 Password Managers

Password ManagersWondering how on earth you are going to remember multiple random, long, and unique passwords? Have no fear; password managers are here. A password manager allows you to sign with a single password and then automatically fill passwords on other sites from an encrypted database. You can view some of the available password managers here. The issue here is that you have one single password as a point of failure. If your password manger’s password is compromised, everything is compromised. To further secure your password manager you must set up 2-factor authentication on it.

3 Two-Factor Authentication

Two-Factor AuthenticationIn today’s climate, two-factor authentication, or 2FA, is essential to keeping your accounts safe from hackers. There are two main options when considering which software to use for your 2FA needs:

The Options

  1. Google Authenticator
  2. Authy

The 2FA software runs on a mobile device and can be downloaded from the Google Play Store or the Apple Store depending on your handset. Never download apps from a third-party website. Avoid using SMS as 2FA at all costs. Your telco could unknowingly port your phone number to a hackers SIM which would allow them to take over your accounts. More on this later.

There are pros and cons for each of these 2FA options. Google Authenticator is more secure out of the box, but Authy can be backed up to multiple devices which means you are not locked out of accounts should you lose your primary handset. I’ll explain how to secure Authy so that you have the benefit of multi-device backup, without the security flaws that can be present in some configurations. You will need a backup device to install Authy on too.

  1. Install the Authy app on your main handset
  2. Add 2FA to your chosen websites using the Authy app
  3. In the settings on your main handset, allow multi-device
  4. Install the Authy app on your backup device
  5. Check that your accounts have synced across both devices
  6. In the settings on your main handset, turn off multi-device
  7. Setup a PIN number for the Authy app on both devices

Now both devices will sync, but further devices cannot be added to sync. This means that if an attacker was to compromise your mobile number, (it happens much more than you might think) they will not be able to add Authy to their device and sync your accounts.

If you choose to use Google Authenticator, you will be required to print and store backup codes for each website you decide to add.

Secure Your Accounts

Now that you have 2FA setup, you need secure your accounts. It’s best practice to secure everything that allows it. Most decent websites support 2FA these days, so get it enabled. Here’s a list to get you started, securing all of the below is extremely IMPORTANT:

  • Add 2FA to your password manager
  • Add 2FA to your Google account(s)
  • Add 2FA to your e-mail accounts
  • Add 2FA to your crypto exchange accounts
  • Add 2FA everywhere else you can

4 Mobile Phones

Mobile PhonesYour mobile phone is a weakness in your security armor. Hackers regularly trick telcos into porting their victims’ numbers to their SIM cards by simply calling up, and playing it dumb. They could have also obtained personal details about you from a dump, hack, social network or some other means which will give them extra sway with your telco when they’re trying to pass themselves off as you. This is the main reason it is a bad idea to use SMS as a 2FA option.

There are some steps you can take to secure your mobile account, but sometimes these options may not be available, it depends on your telco. It’s advisable to do as many of the below as possible to secure your account:

  • Set up an account PIN number
  • Ensure this PIN number must be used to talk to a representative or make any changes at all on your account
  • Memorize your PIN
  • Ask your telco what would happen if you forget your PIN and ensure it is secure
  • Use a telco specific e-mail address for your account (similar method as using a crypto-specific e-mail)

5 Think Like a Nasty Hacker

HackerIf you were a career hacker, whose income revolved around finding and exploiting information relating to a person, e-mail account, or phone number, what lengths would you go to? The answer is probably “any,” and this is why you need to put yourselves in a hackers shoes to make sure you are secure.

Being security aware is more of a mindset than a method, but the following steps should get your started to thinking like a hacker:

  • Dox yourself – use Google, social media and other resources to try to find your personal information online.
  • Do the above for names, addresses, e-mails, phone numbers and any other personal information you can think of.

There are many ways a hacker can infiltrate your online identity, and it’s important to stay in the mindset that it could, and might, happen to you.

I’ll leave you with the eeriest example:

The photos on your mobile phone may contain EXIF data. This data includes the make and model of your phone, the software version (hacker jackpot), the date and time you took the photo and the GPS coordinates of where you took the photo (amongst other things). Yes, you heard me right, your uploaded photos could give a hacker or thief pinpoint directions to your house, bedroom or office. Scary right?

Luckily, most major social networks strip this data away from uploaded images, but there are plenty of smaller sites, blogs, and services that don’t. Something as simple as uploading a photo could lead a hacker to your address. If this doesn’t drive the importance of OPSEC and good security practices home, then I don’t know what will.

If you want to learn more about to secure your crypto holdings, then grab yourself a hardware wallet and read our in-depth guide.

Feel free to debate the methods discussed in this article below. If I’ve missed anything, please let me know.

Blokt is a leading independent privacy resource that maintains the highest possible professional and ethical journalistic standards.

Source: https://blokt.com/guides/opsec

Blockchain

Bitcoin dominance is an irrelevant metric unless…

Published

on

The volatile cryptocurrency market has given way to multiple metrics for the market observers to analyze and predict what’s coming next. One such metric has been Bitcoin dominance, but as per Su Zhu, it should not be relevant to you unless you are a billionaire.

How so?

The CEO of Three Arrows Capital opined this after noticing the trend of the newcomers avoiding Bitcoin and Ethereum and opting for risky crypto tokens. When the largest digital asset was stuck in a wider correction period, altcoins like Dogecoin [DOGE] grabbed much attention. This was possible due to the hype created by Tesla CEO or, self-proclaimed “doge-father,” Elon Musk and the Doge community.

However, understanding the newcomers’ enthusiasm Zhu opined that if he were to bet on projects now, he would choose Solana and Avalanche.

Despite the popularity of altcoins, the exec remained bullish on Bitcoin and Ethereum as he expected, the former to flip gold’s market cap, and the latter to eventually hit a value above $25,000. Bold predictions, but nothing we haven’t heard before.

However, newcomers were more bothered about the dominance metric but as data suggested, Bitcoin dominance has recently been falling. The dominance was hit earlier but recovered to form a peak at 49.25% on 30th July. But given the correction phase that followed, the dominance of BTC fell and was last noted to be at 40% on 10th September.

It is interesting to note that despite plenty of adoption related news such as that of El Salvador, coming in over the past few weeks, it looks like the dominance has remained unaffected by it.

Source: CoinMarketCap

Twitter user and crypto enthusiast, @HsakaTrades also noted that Bitcoin dominance was not a relevant metric for anyone who has a “sub mid 9fig portfolio]. Agreeing with Hasaka, Zhu added,

“To clarify, if you’re holding for 5+ yrs, you shouldn’t be thinking about btc dominance in the first place. And obv btc and eth have a strong place in that portfolio.

If you’re allocating actively atm, and think debating btc v eth v alts is a good framework, you’re ngmi.”

While this advice could stand true for experiences, long-term trader interested in making money, but not the ones looking out to invest in tech. This was especially highlighted in the comments wherein the crypto users were upset about the CEO’s Solana [SOL] recommendation that recently witnessed an outage.

Nevertheless, the trading advice and strategies differd from trader to trader and Zhu’s opinion to not focus on the BTC dominance, prebably stemmed from a hodlers perspective. While interesting projects were now erupting in the crypto space, it looks like Bitcoin’s dominance, not only in terms of price, but as a crypto project could be challenge.

Where to Invest?

Subscribe to our newsletter

PlatoAi. Web3 Reimagined. Data Intelligence Amplified.

Click here to access.

Source: https://ambcrypto.com/bitcoin-dominance-irrelevant-for-anyone-not-10figs

Continue Reading

Blockchain

Millions of Dollars Raised Through Solana’s DeFi Projects

Millions of Dollars Raised Through Solana's DeFi Projects

PAI, an algorithmic stablecoin, backs Parrot Protocol. Grape Protocol was the primary source of the downtime. Solana has been up

The post has appeared first on thenewscrypto.com

Published

on

  • PAI, an algorithmic stablecoin, backs Parrot Protocol.
  • Grape Protocol was the primary source of the downtime.

Solana has been up nearly 3200% since August. Investors’ interest in Ethereum rival systems featuring DeFi, NFT, and smart contract services has risen dramatically.

The software applications that simulate legal contracts are smart contracts. Once housed on a blockchain network, the software application will run automatically without human intervention.

This month, Solana’s DeFi initiatives raised millions of dollars. This is another proof of Solana’s potential to compete with Ethereum. Currently, Ethereum has the most DeFi and NFT projects.

Bots raced to invest in a token sale for Grape Protocol over flooded the blockchain, causing Solana to collapse for 17 hours on Tuesday. Let us take a look at the few IDO that helped raise millions.

Grape Protocol

Grape Protocol, the primary source of the downtime, managed to raise just $600,000 on Raydium’s “Acceleraytor.”

Tokenized communities may use Grape Network to connect to platforms like Discord, Telegram, and soon twitter to collaborate over Solana and reward members with crypto.

Parrot Protocol

Parrot Protocol is based on Solana. Investors in the Initial DEX offering included Sino Global Capital, Alameda Research, and QTUM VC. Moreover, to put it simply, Parrot is a non-custodial lending platform and decentralized exchange.

PAI, an algorithmic stablecoin, backs Parrot. Furthermore, Parrot offered a governance token called PRT in its IDO. Thus, allowing investors to vote on the protocol’s operation and farm yields on Solana without affecting other Layer 1 blockchains.

Solana’s failure impacted Parrot’s IDO, but it was resolved by Sept. 16. Moreover, the team said it would start working on PRT staking, NFTs, and adjustable interest rates in “Letter from the Parrot.”

Several Solana initiatives will be launched in the next day’s/weeks. Examples include Solanium, Boca Chica, and Solstarter. On Solanium, whitelisted users may buy MatrixETF.

PlatoAi. Web3 Reimagined. Data Inteligence Amplifed.
Click here for Free Trial.

Source: https://thenewscrypto.com/millions-of-dollars-raised-through-solanas-defi-projects/

Continue Reading

Blockchain

Cosmos (ATOM) Lead Market-Wide Rally

Cosmos (ATOM) Lead Market-Wide Rally

Cosmos’ creators call it an “internet of blockchains.” ATOM also launched a bridge to Ethereum at the end of August.

The post has appeared first on thenewscrypto.com

Published

on

  • Cosmos’ creators call it an “internet of blockchains.”
  • ATOM also launched a bridge to Ethereum at the end of August.

Cosmos (ATOM) blew up 10.74 percent overnight to establish a new price of $39.58, according to CoinMarketCap. It surpassed $40 yesterday, reaching $40.76. Despite today’s minor decline, Cosmos’ price was still ten dollars more than seven days ago, and twenty dollars higher than this time last month.

Its creators call it an “internet of blockchains.” It’s an interoperability network that allows various blockchains to connect, exchange data, and interact with one another.

In short, Cosmos claims to address some of the “hardest problems” in the blockchain sector. It seeks to provide an alternative to “slow, costly, unscalable, and ecologically harmful” proof-of-work protocols like Bitcoin by connecting blockchains. On August 18, Cosmos rose 25% from $15 to $20 after the introduction of Emeris, a cross-chain DeFi interface.

It also launched a bridge to Ethereum at the end of August. The inter-blockchain communication protocol (IBC) allowed trade across the Cosmos and Ethereum networks for the first time, along with the integration of Sifchain.

Cosmos Might Soon Over Take FTX Token

Cosmos is “Blockchain 3.0” — thus, as previously said, ease of usage is a significant objective. To this aim, the Cosmos SDK emphasizes modularity. This enables a network to be created quickly using existing code. Long term, it is anticipated that sophisticated applications would be simple to build.

Cosmos now has the twenty-first largest market value, but at this pace, it would only take $0.8 billion to flip FTX Token and make a bold entry into the top twenty.

Some in the crypto sector, much worried about the amount of fragmentation in blockchain networks. There are hundreds, yet few can converse. Cosmos wants to change this by making it feasible.

PlatoAi. Web3 Reimagined. Data Inteligence Amplifed.
Click here for Free Trial.

Source: https://thenewscrypto.com/cosmos-atom-lead-market-wide-rally/

Continue Reading
Uncategorized4 days ago

Wicked Craniums are now Nifty Gateway!

Blockchain3 days ago

Massive NFT and Token Giveaway from Polker as Staking is Announced!

Uncategorized4 days ago

Swissquote Confirms European Expansion Plan, Focusing on Crypto

Uncategorized4 days ago

Acorns Hires Former Amazon Executive as President, Hints at Crypto Options

Blockchain4 days ago

Biggest Crypto Adoption Rumours: Apple, Amazon, and Walmart

Uncategorized4 days ago

Investor: Coinbase’s $2 billion junk bond deal shows crypto ‘supercycle’ is in place

Blockchain4 days ago

Gate.io Introduces OpenPunks, A Community-Based NFT Collection

Uncategorized4 days ago

Head of Australian Crypto Exchange Says Regulations Are Beneficial

Blockchain4 days ago

The Signal and the Noise

Uncategorized5 days ago

How to fix the Party Member Preloading error in Apex Legends

News4 days ago

Evaluating Credit Card Debt Relief Options

Uncategorized4 days ago

Nickelodeon All-Star Brawl will include DLC fighters post-launch

Uncategorized4 days ago

Bingbon Launches its Carbon Free and Afforestation Project

News3 days ago

Gods Unchained and Guild of Guardians Layer 2 Solution Immutable Raises $60 Million

Blockchain4 days ago

Public.com Inks Deal with NFL Star to Advise on Financial Literacy Programs

Blockchain1 day ago

Over 40 days after Ethereum’s EIP-1559, here’s where it stands

Blockchain4 days ago

What’s Behind Elrond (EGLD) Daily Surges?

Uncategorized4 days ago

This needs to happen before Peter Schiff will buy Bitcoin (BTC)

Blockchain4 days ago

Ethereum’s Infura Launches Tool To Prevent Over-payment Of Fees

Blockchain4 days ago

xtingles To Drop Its First ASMR NFT “Free Like A Butterfly” On September 16

Trending