Wallet Security Dos and Don'ts
This is the approved revision of this page, as well as being the most recent.
This article should not be considered as a replacement for the more in-depth articles on best practices, however key points in wallet security:
- DO seek to understand what you are doing, before you do it
- DO verify understanding by testing with testnet
- DO encrypt your wallet with a strong passphrase
- DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
- DO make multiple redundant backups of your wallet
- DO keep your OS up to date and run a virus scanner
- DO manage significant amounts in offline wallets
- DO prepare for black swan disaster scenarios when dealing with large sums (e.g., fire & water damage, theft, head injury and death)
- DO NOT trust an untrustworthy device or program to generate your wallet keys
- DO NOT generate cold storage keys on Internet-connected machines.
- DO NOT reconnect to the Internet a machine that has had access to cold storage keys.
- DO NOT reuse a wallet encryption passphrases with online services
- DO NOT store your wallet on cloud storage (Dropbox, etc.)
- DO NOT re-use addresses