In the years up to late 2017, most people came into contact with Bitcoin through mining. Regardless of whether you installed mining software on your computer just to try this new thing out, or bought an ASIC miner or a mining rig worth several hundred or several thousand dollars, you would have needed to create a private key, from which your public key is created, which you had to put into the mining software so that you could get the Bitcoins you mined.
If that was some years ago, chances are high that you are one of those who just tried it for a few days or weeks and then left the whole new Bitcoin internet currency thing alone, because it wasn’t generating any noticeable amount of money. I did that too. I only mined for a week or so, and the BTC I mined would now be worth about 1000 dollars. And guess what: I don’t have the private key anymore.
Well, sure, 1000 dollars isn’t a life-changing amount of money, but there are people out there who mined for several months, and maybe far earlier than I did. If they still owned their private keys or wallet passphrases, they would be swimming in money today.
The old hands of crypto learned it the very hard way.
And people new to crypto? The last bull run in late 2017 and early 2018 is the reason many people have now at least heard about Bitcoin. Most of them surely still don’t know exactly what it’s about, but they know it’s an “Internet currency” that you can sometimes get rich with. But as with all things, often you don’t (especially if you don’t educate yourself before pumping money into something you know nothing about). And those who are still into crypto often don’t know how important it is to keep their private key or wallet passphrase safe. They give it away like they give away their credit card information on websites, not knowing that whoever owns a private key owns the coins and tokens on it.
And there are SO many scammers out there who want your coins. They range from obvious ones, like companies with a website that screams “I AM NOT LEGIT”, to scam emails that appear to come from your own email address and tell you that they have hacked your email and that, if you don’t transfer x amount of BTC or ETH to their address, they will go public with all the details about you they allegedly gathered. But they didn’t hack your email; they just used a free online service to disguise their email as yours, and still many not-so-experienced internet users fall for this. And then there is all the malicious software, browser plugins and mobile apps that just scan your device and steal all the cryptocurrency-related information from it.
So, what can we do about it?
I believe that if we want cryptocurrencies to be used in our daily lives, or at least want prices to go higher because more and more people are investing in them, we need to work on “adoption”. We’ve managed to learn how to use the Internet more or less safely, without having to fear that we’re going to lose all of our money by using it. And we’ve even taught our parents, grandparents and children how to do that. What we need to do now is teach all of them, and ourselves, how to safely use cryptocurrencies and related things.
One part of it is to know the importance of a private key or a wallet passphrase.
For that reason, I’m writing this article, in the hope that it leads to more awareness of the importance of your private key or wallet passphrase.
The basics (super short and simple versions)
You need to know at least the basics, and I’ll try to sum them up in a very short and easy-to-understand way. I will stick to Bitcoin for this article, but most of what I’ve written here applies to other cryptocurrencies and tokens as well.
The technology behind Bitcoin is the “blockchain”. It’s like a shared database used by everyone who uses the Bitcoin network, for example everyone who sends and receives Bitcoin. Let’s assume you own 2 BTC; then there would be a note on the blockchain that says something like “the public address with the id [Your Public Address] has 2 BTC”. So don’t think of BTC as files on a computer, but more like a cashbook or, more precisely, a ledger: the blockchain only stores the information about which public address holds which amount of BTC. So even if you lose access to your wallet or your private key, the BTC will not be lost. It will only be inaccessible to you and everyone else.
To participate in the Bitcoin network (again, for example sending or receiving BTC) you need a wallet. A wallet is basically a program with which you can manage your crypto assets. The three things you’ll usually be able to do are:
- Send BTC
- Create a public address to receive BTC
- Have a look at the total amount of BTC on your wallet
A wallet will create a private key in the background and handle the requests for you, so you don’t have to do it yourself. That minimizes the risk of your private key being exposed on your computer, where potentially malicious software could steal it. Instead, you will get a wallet passphrase.
Wallets come in many forms and shapes.
Hot wallets are created on websites. For example, when you create an account on one of the exchanges to trade BTC, a wallet is also created for you in the background along with your account. But you will never get its private key, so, to be picky here, the exchange owns this wallet, not you. If the exchange is hacked, your coins get stolen. Or if the exchange is just in the mood, it could (and many have done so in the past) lock your wallet and your access to your BTC. To be clear: there are some legit and trustworthy exchanges out there, but you should only keep your cryptocurrencies on an exchange for as long as you trade. Do not store your coins and tokens there, because you don’t own that wallet. Again: whoever owns the wallet / private key owns what is in it. (Not your private key, not your coins.)
Software wallets, which come in desktop or mobile versions, are programs you can download, install and manage on your own. In this case, you are your own bank, which means you have full control over what you have there. But that also means you need to take care of backups and security. During the initialization of a software wallet, you’ll most likely get a passphrase, usually consisting of 12 to 24 words, which acts as a seed. This passphrase seed is then used to create your private key, and again, the public address is created from the private key. That means your passphrase is your backup key. If you lose it and you delete the wallet, break the device the wallet was installed on, or lose the device, you’ll never get access to your wallet and all the coins on it again.
Hardware wallets are the safest way to handle cryptocurrencies. The most popular and trusted ones are the “Ledger Nano S” and the “Trezor”, but there are, of course, many other companies making hardware wallets. Sometimes they look like a USB stick, sometimes like a credit card, sometimes like an external hard drive. But well-made hardware wallets all share the one reason why they are so safe to use: the private keys, which are created in the background, never leave the hardware wallet. Good hardware wallets have a display that shows your passphrase, like the ones from software wallets, during initialization, and you need to back it up. After that, you can connect your hardware wallet to nearly any website that supports the model and don’t have to worry about getting hacked. They often come with software that acts like a multi-wallet, with which you can manage multiple cryptocurrencies and tokens on that one device. Hardware wallets use military-grade encryption that is virtually impossible to hack.
When I heard of paper wallets for the first time, my initial thought was “how can I store something offline that’s usually online?”. You create a paper wallet using any trustworthy software wallet that has an option to generate one. It creates a new private and public key (public address) and gives you a file to print. On it you’ll find your private key and your public key, both in plain text and as QR codes, plus some additional information about the wallet. Since you can’t send anything from that wallet, because it’s paper and not software, it’s also called a cold wallet: you can only use it to receive and hold (hodl!) coins and tokens. As we learned previously, the Bitcoin blockchain only needs a public key so that it can record the amount of money assigned to it. That part is online. But the private key, from which the public key you send BTC to was created, can and should be stored offline (at least).
When you initialize a wallet, most of them will give you 12 to 24 easy-to-write words, like “moon” or “house”, which together form your wallet passphrase. From this passphrase, your private key is created, via voodoo (for this guide it’s not important to know how this works, but you can google it of course). You can also set a password to encrypt the wallet passphrase, but if you do that, you need to remember it. Personally, I would recommend not encrypting your wallet passphrase and only saving that passphrase in a durable way (more on that later).
So if you ever lose the device your wallet was installed on, you can simply install the wallet again, type in your passphrase, and regain access to your wallet and all the coins and tokens on it.
You can also set a password for the wallet program itself, to limit the access to your wallet. So if someone gets access to the device your wallet is installed on, your wallet would be protected with a password.
If your wallet gets destroyed or lost and you don’t have the passphrase anymore, you will never get access to your coins and tokens again. No one on this planet can help you get that access back.
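What the “voodoo” from words to private key looks like, as an added example that is not part of the original article: it assumes the wallet follows the BIP39 and BIP32 standards (neither is named above), skips the word-list and checksum validation a real wallet performs, and uses a public test phrase as sample input. All function names are illustrative.

```python
import hashlib
import hmac
import unicodedata

# Public BIP39 test phrase, used as sample input only. Never put funds on it.
SAMPLE_WORDS = " ".join(["abandon"] * 11 + ["about"])


def _nfkd(text: str) -> bytes:
    # BIP39 normalizes words and password to Unicode NFKD before hashing.
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def words_to_seed(words: str, extra_password: str = "") -> bytes:
    """BIP39: stretch the words into a 64-byte seed with PBKDF2-HMAC-SHA512."""
    salt = b"mnemonic" + _nfkd(extra_password)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(words), salt, 2048, dklen=64)


def master_private_key(seed: bytes) -> bytes:
    """BIP32: left half of HMAC-SHA512(key=b"Bitcoin seed", msg=seed).

    A wallet derives its individual private keys from this master key.
    """
    return hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()[:32]


def key_fingerprint(words: str, extra_password: str = "") -> str:
    """Short hash of the derived key, used in this demo to compare keys."""
    key = master_private_key(words_to_seed(words, extra_password))
    return hashlib.sha256(key).hexdigest()[:16]


def restores_same_wallet(backup: str, typed: str, extra_password: str = "") -> bool:
    """True only if the typed words lead to exactly the key the backup leads to."""
    a = master_private_key(words_to_seed(backup, extra_password))
    b = master_private_key(words_to_seed(typed, extra_password))
    return hmac.compare_digest(a, b)


if __name__ == "__main__":
    altered = SAMPLE_WORDS.replace("about", "above")  # a single changed word
    print("original        :", key_fingerprint(SAMPLE_WORDS))
    print("same words again:", key_fingerprint(SAMPLE_WORDS))
    print("one word altered:", key_fingerprint(altered))
    print("extra password  :", key_fingerprint(SAMPLE_WORDS, "constructed-pw"))
```

The same words always give the same key on any device, which is why the words alone are a full backup and also why anyone who reads them has the wallet. One changed word or a forgotten extra password gives an unrelated key.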
The blockchain only cares about keys. So if you want to participate in the Bitcoin network, you need at least a private key. We’ve learned in the last part that a wallet will generate one for you in the background and you are never going to see it. But if you want, you can create a private key yourself. There are many tools out there to do it. But if you don’t know what you’re doing, then please consider just using a wallet.
The private key is basically your password to gain access to your coins. So handle it with caution. You wouldn’t save your passwords in an unencrypted text file on your computer (I hope not), or post them somewhere on the Internet.
Similar to a wallet passphrase, you can type your private key into most wallets to manage your cryptocurrencies (send & receive BTC).
If you ever lose your private key, you will no longer have access to it and therefore never have access to what is on it. No one in this world can help you then.
Public Key (Public Address)
The public key is generated from your private key via voodoo. Of course it’s not voodoo, but what this process looks like isn’t important in this guide. You only need to know that a public key can be created from a private key, but you can’t work out the private key from a public key. With that in mind, you can safely post your public key wherever you want. The worst thing that can happen is that someone will know that this public key is yours (if you want to keep this information secret, don’t post your public key on Facebook).
If you want to receive BTC, because you just bought it from an exchange and you don’t want to have it in a wallet that you technically don’t own (wink wink), then you would put in your own public key when you withdraw your BTC from that exchange. But always double or triple check that the public key you’re sending BTC to is the right one. Because if you send it to someone else’s public key, the BTC will be lost. Always be cautious, it’s about money!
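One way to automate the double check described above, as an added example that is not part of the original article: it assumes legacy Base58Check addresses (the ones starting with 1 or 3; newer bc1 addresses use a different checksum), and the sample addresses are constructed from made-up key hashes. Function names are illustrative.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _checksum(payload: bytes) -> bytes:
    # Base58Check: first 4 bytes of SHA-256 applied twice to the payload.
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def encode_address(version: int, key_hash: bytes) -> str:
    """Build a Base58Check address (used here only to construct sample data)."""
    raw = bytes([version]) + key_hash
    raw += _checksum(raw)
    num, out = int.from_bytes(raw, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = ALPHABET[rem] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + out  # each leading zero byte is written as "1"


def decode_address(addr: str) -> bytes:
    """Return the 21-byte payload, or raise ValueError describing the problem."""
    num = 0
    for ch in addr:
        idx = ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"character {ch!r} is not valid Base58")
        num = num * 58 + idx
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + num.to_bytes((num.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        raise ValueError("wrong length for a legacy address")
    if _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("checksum mismatch (typo or truncated address)")
    return raw[:-4]


def verify_destination(pasted: str, expected: str) -> str:
    """Compare the address about to be used with one recorded independently."""
    try:
        pasted_payload = decode_address(pasted.strip())
        expected_payload = decode_address(expected.strip())
    except ValueError as err:
        return f"REJECT: {err}"
    if pasted_payload != expected_payload:
        return "REJECT: valid address, but not the one you intended"
    return "OK"


# Constructed sample addresses (made-up key hashes, not real wallets).
SAMPLE_MINE = encode_address(0x00, bytes(range(1, 21)))
SAMPLE_OTHER = encode_address(0x00, bytes(range(2, 22)))

if __name__ == "__main__":
    typo = SAMPLE_MINE[:-1] + ("2" if SAMPLE_MINE[-1] != "2" else "3")
    for label, pasted in [("exact", SAMPLE_MINE), ("typo", typo), ("swapped", SAMPLE_OTHER)]:
        print(f"{label:8s}", verify_destination(pasted, SAMPLE_MINE))
```

The checksum only catches typing mistakes; an address swapped for another valid one passes it, which is why the comparison against an independently recorded address is the part that matters.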
How to back up your wallet passphrase / private key
Now that we know the basics, I can show you some good methods to store your wallet passphrase or private key in a durable and safe way.
What most people will first think of is storing a digital key digitally. Makes sense! You can encrypt a file, a folder or complete volumes using good free software like VeraCrypt.
Write your private key or wallet passphrase into a file and encrypt it. When you do that, you should at least turn off the Internet for the time you’re creating your encrypted file. Use a strong password that you can remember, or write the password on a piece of paper and store it somewhere safe, without any note of what it’s for, just in case you forget it. If you’ve copied the private key or passphrase during this process, make sure you copy a random sentence afterwards. Or maybe don’t copy it at all. There are scam programs out there that search your clipboard for anything useful. Write your private key or wallet passphrase on a piece of paper and type it manually into the encrypted file.
The best way is to create a virtual machine and do everything in there. That provides an extra layer of safety.
After your file is encrypted and you have properly written down the password for it, copy the file onto multiple USB sticks and store them in multiple safe spots. Like one in a safe, one in the workroom, and so on.
Since it’s secured with a (hopefully) strong password, chances are very high that if someone finds one of the USB sticks, they will not get access to the files on it.
If you store some sticks in other houses, for example your parents’ home, you will still have access to them even if your house burns down.
In the process of creating the files, you could fall for some malicious software that steals the keys before they are encrypted.
Since the backup of the password for your encrypted file needs to be in plain text somewhere, because otherwise it would be meaningless, it can be read by people who shouldn’t read it.
This method isn’t the best for storing things for a very long time. The encryption software you used could be outdated in a few years, and you would need to search for old versions that run on your new operating system. So there is a risk of not getting access to the file after many years, even though you remember the password.
Water, fire, even time, there are many ways a USB stick can break. There is a risk that all your USB sticks are broken, like in a flood, or fire, or other unlucky events.
Paper, Cardboard, Plastic
Even if you store your private key or wallet passphrase digitally and encrypted, you should at least have a non-electronic version as an additional backup too.
Write it down by hand, or if you feel the need to print it (my handwriting, for example, is awful; I can’t read what I wrote a week ago), then you should at least turn off the Internet during printing. Don’t use a WiFi or Bluetooth printer; it would be better to use a very old printer via USB, because WiFi and Bluetooth are easy to hack. After it is printed, you should laminate it. A laminator doesn’t cost much. Then store it somewhere safe.
Please don’t make the mistake of encrypting it yourself by changing some letters or numbers. This is your backup. You can split this information in half and store the halves in different locations. But you should never alter anything in your passphrase or private key. You will not remember the alteration after a year or two. Don’t trust yourself! Split it into pieces and give every piece to a different lawyer or family member, or put them in different safes.
It may sound a bit like paranoia, but don’t spell out the numbers, letters and words aloud in front of your TV, smartphone, Alexa or whatever. Just don’t say them out loud in general. There are many things that can get hacked, and we’re surrounded by helpful and wonderful devices that make our lives easier and more comfortable. But most of them also listen constantly, and if someone has hacked into one, you shouldn’t be telling the hacker your passphrase.
I know, I know. Maybe that’s a bit too much. But I just wanted to mention it.
Very affordable and quick
You can tell your loved ones where to find it, in case something bad happens to you
If you’re using a printed version, it’s readable for everyone
It cannot get hacked (after it’s printed or written down)
If you don’t split it, it’s readable to everyone
It’s vulnerable to fire, water, and even time, since ink can fade over time, as can the paper itself under bad conditions
It can get stolen
What you can do with paper, you can do with metals as well. Every metal that has a melting point higher than 1000°C (1832°F) is very durable against a house fire, which has an average temperature of about 600°C (1112°F). If you use a metal that doesn’t rust or rusts just a little, it can endure all kinds of watery environments.
If you don’t want the hassle of creating such a thing yourself, there are many products out there that can help you:
- Phrasekeeper (currently on Kickstarter), which is made out of copper and can be ordered in a set with high-quality punching letters and numbers. You hammer your private key or passphrase into the copper. Its melting point is 1083°C (1981°F), which is even a bit more than the “very safe” mark of 1000°C (1832°F). Copper can rust, but this copper rust can easily be removed. Old pennies (at least in Germany) were made out of copper too, and the copper rust only makes them a bit green in some spots. Since you punch the letters into the metal, you can be sure they stay readable even if the plates are deformed by heat or force.
- Cryptosteel, which is made out of steel and comes with a box full of little steel numbers and letters to put into the Cryptosteel card. Steel doesn’t rust and has a high melting point. The only concern I have is that these numbers and letters can be removed, either manually or by the card deforming under heat or impact. It would be a nightmare if these letters and numbers came off.
- Solutions with an engraving pen, with which you can engrave a metal plate yourself. The engraving will not be very deep, and you need good handwriting and some engraving skill (or a lot of practice).
You should make sure to split your key or passphrase on two plates and place them in different spots.
If you’re using one of the metal methods and encrypted files, you will get the best of both worlds, offline and online. That should ensure that you will never lose access to your wallet and your cryptocurrencies and tokens.
You can tell your loved ones where to find it, in case something bad happens to you
Most of them are readable for everyone
It cannot get hacked
It’s durable against fire, water and other environmental influences
Creation process can take a while
If you don’t split it, it’s readable to everyone
It can get stolen
Isn’t that a bit too much?
If you’re holding 10$ worth of Bitcoin somewhere, many of these methods will not be suitable for you. On the other hand, you never know. If you had bought Bitcoins for 10$ a long time ago, that would be a bunch of money today. But if you have coins and tokens worth 1000$ or more, these methods should give you a very warm feeling. And you never know how much these 1000$ worth of coins will be worth in five years.
All I can say is that there are many stories out there of people who had hundreds or thousands of Bitcoin many years ago, when they were worth nearly nothing. If they didn’t sell their Bitcoin very early, then most of them lost their private keys. And you don’t want to play “where’s Waldo” on a landfill with an old hard drive your millions of dollars were saved on.
Keep in mind, your private key and/or your wallet passphrase is important. And if you don’t want to lose your cryptocurrencies or tokens, then you should take care of it.