Paper wallet security is something all users need to be aware of. Paper wallets work well for cold storage if you do it right and play it safe.
Here are ten security tips for using a Bitcoin paper wallet. Most of them apply anytime you are buying, selling or storing cryptocurrency. Not only when using paper wallets.
BASIC SECURITY MEASURES
1. When you want to spend the Bitcoin in a paper wallet always ‘sweep’ all the funds into a live wallet first. Never leave any change in the paper wallet. You can then complete your transactions from the live wallet. Any change is safe in your online wallet if you don’t spend all your Bitcoin.
2. Use several paper wallets to secure your Bitcoin offline. Spread the coins between them. If one wallet gets compromised or destroyed you won’t lose all your money. Use BIP38 encryption and keep the passphrase somewhere safe like a safe deposit box at a bank.
3. Install a browser for your Bitcoin transactions only. Do not use it for anything else. Make sure it retains no data once you close it. If you choose Firefox there are several settings you can check. Do these before any transactions.
Click on the hamburger in the top right corner and go to options.
Click Privacy & Security.
Make sure the Remember logins and passwords for websites box is not checked.
Set the options to Never Remember History.
Click clear all current history.
This box will appear.
Check everything and click on Clear Now.
Scroll down and click on Tracking Protection. Click on both the Always options.
Scroll down to Permissions and check the three boxes.
Uncheck the two boxes in the Firefox Data Collection Use section.
Scroll down to security and check all three boxes below.
Click Ask you every time in the Certificates section and check the Query OSCP box underneath.
You can also manually clear the cache.
Always use a new private window for your transactions. This lets you browse the internet without saving any information. BUT it is not 100% anonymous to your ISP.
Another suggestion is to try the Brave browser. The designers claim it does not track anything you do online. They say Brave is much faster than any other browser because it is not weighed down by ads and tracking. We are tesing it over several months to see how it performs. There is a Cnet review of it here.
4. If you want to put money back in a paper wallet DO NOT use an old wallet you have used to store Bitcoin in before.
Generate a new one in a secure offline environment. There is a tutorial on how to do that here. Transfer the Bitcoin to it from your live wallet. Always double-check the Bitcoin arrived in the new wallet.
5. Check your computer for malware and other threats before and after any transaction. Use a program like System Mechanic. Always have a top-notch Firewall and Virus scanner on your computer. Run the virus scanner before and after any transaction also.
6. Use a VPN program to mask your IP address when making any transactions online.
7. Use a password manager so no one can monitor your keystrokes. Always use a password generator to generate your passwords. Make sure it has 14 uppercase and lowercase letters, special character, and numbers. Minimum. This makes your password tough to decipher using brute force techniques.
8. If your paper wallet public key is online, (so you can accept Bitcoin donations for instance). Remember, anyone can go to Blockchain.info and paste in your public key and see how many Bitcoin you have. Do you have enough to make it worth a criminal coming after you?
9. Once you expose your paper wallet’s private key to the internet, consider it a security risk. Generate a new paper wallet for cold storage. Check the old one is empty and shred it.
10. Always enable two-factor identification on the live wallet website if possible by using a 2FA App. This gives you an extra layer of security. If someone has your password and logs in, the live wallet site will notify you to confirm your identity. If the site only offers SMS verification, use that. It’s better than nothing.
This goes for your email account as well. This makes it tougher for anyone to get in and look at sensitive emails or delete your account.
*Full disclosure. Some, but not all the links on this page are affiliate links. If you choose to buy from them, we will earn a commission.
Get our FREE how-to video series on cryptocurrency transactions