What are your security "non-negotiables"?

[ZAINmalik75]

These are also my non-negotiables and habits. What are your non-negotiables for secure transactions? You may have some uncommon ones that can be helpful to everyone.

I don't like antivirus because they don't do the work as they advertised instead when you install some they install unnecessary programs with them causing system lag. Enabling 2FA for all the accounts is must and it gives us the chance to recover them when lost. Spreading out funds is also a good method but then we have to keep the seed phrases of those wallets offline and save and when there are more seed phrases then the pressure is also greater.

Using paid vpns and paid anti viruses is a reliable method to secure your data and we should never use public networks in my country. The government provides free internet in some areas and we all should avoid making transactions and even connecting our finance phones with such networks.

[|MINER|]

Are you referring to something like BitLocker? As far as I can tell, people can steal encrypted data but will need more time and effort to decrypt it. We need other ways to protect our devices to avoid that. I believe there are several ways to reduce the time required by doing additional attacks such as social engineering to trick users into inputting their password for the decryption process, planting a keylogger on a computer, and so on. If I remember correctly, some crypto wallet stealers use keyloggers to steal our funds so encryption won't help much. CMIIW.

That doesn't mean you should stop using passwords to secure your wallet though, that would be stupid.

Actually, I told the data encryption system here, even if you mean BitLocker, I will not say wrong. It is true that some crypto wallet stealers or hackers have that skill even that we encrypted our data they can also steal the key logger and steal our data, fund whatever you said.
But generally, if we store personal data such as passwords or private keys in an encryption method, it will increase our security to some extent. Although, if our browsing is not secure I mean if we browse the internet unsafely then no amount of security protocols can save us from hackers.

[PrivateKayla]

I hope everyone, especially newbies, can get some solid nuggets of wisdom from this thread. I have learned some new things as well.

Aside from common security practice, i would never share wallet private key/recovery words with multiple persons just to save some TX fee. I've seen some people claim they do such thing when they got caught operating multiple account.

Those 3 usually refer to same thing. But FYI, some of those actually is spyware where they collect and sell your data. Here's an example, https://www.tomsguide.com/news/avast-avg-data-collection

This is the first time I've heard of people sharing their private keys just to save on TX fees. Yes, I may have not mentioned it, but sharing these is a big no-no. Thanks for this link. Gives us something to think about.

Anyway to your points I would like to add another thing that encryption technology should be used to store the data so that no one can take the encrypted data x x.

Are you referring to something like BitLocker? As far as I can tell, people can steal encrypted data but will need more time and effort to decrypt it. We need other ways to protect our devices to avoid that. I believe there are several ways to reduce the time required by doing additional attacks such as social engineering to trick users into inputting their password for the decryption process, planting a keylogger on a computer, and so on. If I remember correctly, some crypto wallet stealers use keyloggers to steal our funds so encryption won't help much. CMIIW.

That doesn't mean you should stop using passwords to secure your wallet though, that would be stupid.

This sounds like a great idea, but will encryption technology be a challenge for those who are not tech-savvy? Or is it something easy to learn?

This particular one is underrated but my advice is never login your wallet details into another person's phone. Don't import your seed phrase into another persons phone and never even dare try it with your private keys because I have seen a situation where friends became enemies, one import a wallet on the other and later deleted the wallet not knowing the friend screen recorded everything and later has access to the phone.

In addition, avoid browsers that don't allow adblock. There are instances where some browser that are not strong auto download things that may cause your device to install malware you are not aware. Be careful and be vigilant.

It is underrated and yes, should be high up there with never sharing your private keys and seed phrases. I've never read this one from articles. I'm glad you mentioned it.

[ABCbits]

Aside from common security practice, i would never share wallet private key/recovery words with multiple persons just to save some TX fee. I've seen some people claim they do such thing when they got caught operating multiple account.

Those 3 usually refer to same thing. But FYI, some of those actually is spyware where they collect and sell your data. Here's an example, https://www.tomsguide.com/news/avast-avg-data-collection

This is the first time I've heard of people sharing their private keys just to save on TX fees. Yes, I may have not mentioned it, but sharing these is a big no-no. Thanks for this link. Gives us something to think about.

TX fees isn't the only reason, but few people actually do or seriously consider that. Here are some examples for curious reader,
https://www.reddit.com/r/crypto/comments/gi3llq/how_can_i_send_my_private_key_safely_to_someone/
https://bitcoin.stackexchange.com/questions/71096/how-can-you-share-a-plaintext-bitcoin-address-private-key-with-a-friend-and-ensu
https://bitcointalk.org/index.php?topic=5498457.msg64221639#msg64221639

[Lucius]

I don't like antivirus because they don't do the work as they advertised instead when you install some they install unnecessary programs with them causing system lag.
~snip~

A program cannot install anything else without your approval, and you can simply reject anything additional that some AV offers you if you think you don't need it. Regarding the load on working memory, I think that today's AV consumes very little RAM (from my experience), but if you have 2 GB of RAM and use W10, you should know that the system itself consumes at least half - therefore, for some kind of pleasant work on the computer today, you need at least 8 GB of working memory.

[bayu7adi]

I read a ton of articles on how to be secure in crypto transactions when I started. The common recommendations are:
1. Don't use a public network while transacting.
2. Use strong, unique passwords. Don't use the same ones.
3. Use a (paid) VPN.
4. Invest in anti-malware, anti-virus, and anti-spyware.
5. If possible, use a dedicated device for crypto alone.
6. Use a secure browser.
7. Never click on unknown and unsolicited links.
8. Enable 2FA in your accounts.
9. Always check URLs.
10. Spread out your funds.

A more comprehensive answer might be to simply not connect your computer to the internet... this can be done on a dedicated computer that is only used to access the wallet... remember... if the private key is what you are after, then points 2,3,5, and 8 are probably useless... while number 4 is probably more of a preventative measure...

For point 3, paid VPNs don't necessarily provide great security and privacy, .. but they are definitely better than free VPNs.

Some of the points you mentioned do try to prevent hacking, so they are helpful in some contexts.

[Z-tight]

I always recommend that people never store a large amount of their funds in an online wallet, it is too risky and any mistake can lead to losses, online wallets should only hold a small amount of your funds, the one you store for spending on the go. A hardware wallet or an airgapped wallet is what should be used for storing a large amount in BTC.