Core principles
- Keys = coins: Anyone with your private keys (or seed phrase) can spend your funds.
- Backups before deposits: Confirm you can recover from your seed (and passphrase if used) before sending significant value.
- Minimize attack surface: Keep long-term keys offline; separate devices/roles.
Seed phrase & backups
- Write the seed clearly; avoid photos/cloud storage. Consider a metal backup for fire/water resistance.
- Store backups in at least two separate, secure locations. Periodically verify legibility and completeness.
- If you use a BIP39 passphrase, back it up separately and treat it like a second factor.
Device & environment hardening
- Use a hardware wallet for savings; keep firmware updated from the official vendor site.
- Enable a PIN on devices; lock down your phone/PC with automatic updates and reputable antivirus where appropriate.
- Use a password manager; enable 2FA (authenticator app or hardware key) on exchanges and email.
Phishing & social engineering
- Never type a seed phrase into a computer or website. Enter it only on your hardware wallet (or write it on paper during creation).
- Bookmark official URLs; beware look-alike domains, fake support, and DMs.
- Verify downloads and addresses; send a small test transaction first when practical.
Spending safely
- Double-check the destination address and network. QR codes can help avoid typos.
- Prefer RBF (Replace-By-Fee) for flexibility: it lets you raise the fee on a transaction that is still unconfirmed. Confirm your wallet supports it.
- For large or critical payments, consider multisig or require co-signers.
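An added example (not part of the original checklist) for the "double-check the destination address and network" item: Python code that verifies a Bitcoin address checksum (Base58Check, Bech32 or Bech32m) and reports which network the address belongs to. The function names and the expected_network parameter are this example's own assumptions.

```python
import hashlib  # added example; all names below are this example's own

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
B32 = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)
HRPS = {"bc": "mainnet", "tb": "testnet"}
VERSIONS = {0x00: ("mainnet", "p2pkh"), 0x05: ("mainnet", "p2sh"),   # Base58Check
            0x6F: ("testnet", "p2pkh"), 0xC4: ("testnet", "p2sh")}   # version bytes

def _polymod(values):                          # BCH checksum from BIP173
    chk = 1
    for v in values:
        top, chk = chk >> 25, ((chk & 0x1FFFFFF) << 5) ^ v
        for i, g in enumerate(GEN):
            chk ^= g if (top >> i) & 1 else 0
    return chk

def _segwit(addr):
    hrp, _, data = addr.lower().rpartition("1")
    mixed = addr != addr.lower() and addr != addr.upper()   # mixed case is invalid
    if mixed or hrp not in HRPS or len(data) < 7 or any(c not in B32 for c in data):
        return None
    vals = [B32.index(c) for c in data]
    hrp_exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    want = 1 if vals[0] == 0 else 0x2BC830A3   # v0: Bech32, v1+: Bech32m (BIP350)
    if vals[0] > 16 or _polymod(hrp_exp + vals) != want:
        return None
    return HRPS[hrp], f"segwit-v{vals[0]}"

def _base58check(addr):
    if any(c not in B58 for c in addr):
        return None
    n = 0
    for c in addr:
        n = n * 58 + B58.index(c)
    pad = len(addr) - len(addr.lstrip("1"))    # each leading '1' is a zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    digest = hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()
    if len(raw) != 25 or digest[:4] != raw[-4:]:
        return None
    return VERSIONS.get(raw[0])

def check_address(addr, expected_network="mainnet"):
    """Return (ok, detail); ok only if the checksum and the network both match."""
    info = _segwit(addr) if addr.lower().startswith(("bc1", "tb1")) else _base58check(addr)
    if info is None:
        return False, "bad checksum, character set or version"
    if info[0] != expected_network:
        return False, f"valid {info[1]} address, but for {info[0]}"
    return True, f"{info[0]} {info[1]}"
```

A passing result only rules out typos and wrong-network addresses; it does not show that the address belongs to the intended recipient, so still compare it against a copy obtained through a separate channel.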
Recovery drills & lifecycle
- Practice restoring from seed on a spare/temporary device (offline) to verify your backups.
- Rotate or migrate wallets after device loss, suspected compromise, or life events (move, divorce, inheritance planning).
- Document a simple inheritance plan so trusted parties can recover if needed.
Educational content only; not investment advice.