The Safest Way to Store Private Keys

Beginner Dec 11, 2019 · 6 min read

hardware wallet
Key takeaways
— When you own cryptocurrencies, what you really own is a private key. Whoever has the knowledge of this key can spend the associated funds.
— If you leave your crypto assets online, on an exchange for instance, you are basically not in charge: you are entrusting the exchange with your private keys.
— Owning your private keys gives you much more power and control but it also means you have to take care of their security.
— Hardware wallet offer best-in-class security.

How you store your private keys is absolutely critical to the security of your crypto assets. Read on to find out how to make sure you’re crypto stays safe.

When you own cryptocurrencies, what you really own is a “private key”, a critical piece of information used to authorize outgoing transactions on the blockchain network. Whoever has the knowledge of this key can spend the associated funds.

If your private keys are stolen or misplaced, or if you store them on a device that crashes, there is no bank or institution to back you up or give you a replacement: you lose access to your crypto. 

“Not your keys, not your bitcoins”

The way most individuals first get into cryptocurrency is by purchasing coins on an exchange platform, and leaving them there, especially if they have the intention to trade.

Not your keys, not your bitcoins

If you are keeping your crypto assets on an exchange, you are entrusting a third party with these private keys and mandating them to serve as a safeguard.

While exchanges provide some basic levels of security, the fact is that most trading platforms are not security companies, and you are entrusting them to keep your private keys protected with whatever measures they choose to implement. You’re also trusting the exchange platform not to have malicious usage of your assets. Your are basically not in charge, and hoping for the best.

With a series of high profile hacks on major crypto exchange platforms as well as a constant stream of headlines around individual crypto attacks, it’s more evident than ever before that security must be top of mind for every crypto investor no matter how large or small their assets.

With great power comes great responsibility

Owning your private keys gives you much more power and control, but it also comes with the needs to take care of their security. Many tools are available to manage your keys, usually called “wallets”, but not all of them are secure. There are 4 different type of wallets you could use to manage your assets:

online wallet

Online Wallets

Online wallets are online services that enable you to access your crypto assets from any browser that’s connected to the internet. When you leave your crypto assets on a cryptocurrency exchange platform, you’re actually using the platform’s online wallet.

The biggest advantage of online wallets is that they are easily accessible from any computer or other device with an internet connection.

Being online is also their biggest disadvantage asthey can become targets for hackers. Moreover, in most of the cases, you do not keep control of your private keys: they are controlled by the wallet provider.

software wallet

Software Wallets

Software wallets are applications that manage cryptocurrencies. They can be installed on your computer or smartphone

You remain in control of your private keys. They are not shared with or controlled by a third-party.

Unfortunately, since a software wallet is installed on your PC or smartphone, it is still connected to the internet which exposes your private keys to hackers.

Vulnerabilities of modern PCs and smartphones are well known, and if you keep your private keys there it’s just a matter of time before you’ll get hacked and lose everything.

paper wallet

Paper Wallets

A paper wallet is an offline mechanism for storing crypto assets. As suggested by its name, the process simply involves printing the private keys and its corresponding addresses on a paper sheet.

This is a simple way to store your cryptocurrencies keys offline. It requires paying great attention and care to this paper.

If your paper wallet gets lost or destroyed, you will permanently lose the access to your crypto assets. Also, processing a transaction with a paper wallet can be tedious and unsafe: you will need to manually enter your keys in a transaction tool, typically by using your computer’s internet browser which could expose the keys to a cyber attack.

hardware wallet

Hardware Wallets

A Hardware wallet is an offline storage option for private keys. This is a physical device that allows you to store the private keys in a secure offline storage. It generally also enables you to verify the transaction details on the device screen.  

With a hardware wallet, even if a hacker succeeds in getting control of your computer, he will not be able to steal your private keys and access your crypto assets. Your private key is kept offline and limits the risk of hacking.

As a result, hardware wallets are widely considered to offer the most secure wallet option.

This is why hardware wallets are booming in popularity and becoming the new standard bearer for crypto security.

A closer look to hardware wallet security

Diving into the physical and software security components reveals some promising options for hardware wallet users.

Hardware wallets offer a much more thorough level of protection, as these physical devices enable investors to take their private keys into their own hands and secure them into a harder-to-hack product.

First, hardware devices use encrypted chips for resisting sophisticated attacks and hosting numerous applications.

For example, in Ledger, we use Secure Element (SE) chips, cryptographically protected chips used in the likes of passports and SIM cards: your private keys stay safe and isolated inside the secure element. Additionally, our physical devices are independently certified by ANSSI, the French cybersecurity agency. 

security certification

However, even hardware wallets are prone to attacks including physical attacks to abstract keys, fault attacks to disrupt a wallet’s chip causing faulty behavior or hacker access, and side channel attacks, which involves a hacker “listening” to the chip’s electric or electromagnetic signature to gain access to the device.
While the emergence of hardware wallets are providing critical new security solutions, most vendors are still vulnerable to various attacks.

That’s where Ledger comes in. We are pioneering hardware wallet technology that provides unprecedented levels of security for crypto asset through a secure element — a chip designed specifically to resist highly skilled attackers and a custom OS designed specifically to protect crypto assets.

In other words, Ledger offers you the best security for your crypto assets. Furthermore, Ledger hardware wallet combined with the Ledger Live app enable you to manage your crypto easily and securely. Buy, sell, exchange, stake or lend crypto without compromising the security of your assets. Dealing with crypto has never been so easy and secure!

Your way to financial freedom

Important disclaimer:

When a user first receives their Ledger wallet, it must always be initialised by following this process:

  • Powering on the device
  • Generating a pin code
  • Generating 24 words

If a user were to receive a device containing a pre-completed recovery phrase or a pin code, the user should not use the device, as it means that the device may have already been used by somebody else. Ledger will never provide a pin code or recovery phrase with the product, nor ever ask for them. Under these circumstances, the user must contact Ledger customer support.

Knowledge is power.

Trust yourself and keep learning! If you enjoy getting to grips with crypto and blockchain, check out our School of Block video getting inside the mind of a crypto scammer.

Related article

Share this article

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our

New coins supported, blog updates and exclusive offers directly in your inbox