Core principles
Security in crypto is layered: secure credentials, multi-factor authentication, careful permission management, and healthy device practices all contribute to overall resilience.
Multi-Factor Authentication (MFA)
TOTP
Authenticator apps
Use apps like Authenticator or hardware keys where supported — more secure than SMS.
U2F
Hardware keys
FIDO2 / WebAuthn keys provide phishing-resistant authentication.
Phishing prevention
- Always verify domain names and SSL padlocks.
- Never enter recovery keys or seeds anywhere online.
- Trust official channels and bookmark important sites to avoid typosquats.
Device hygiene
- Keep OS and apps patched; disable unused browser extensions.
- Use dedicated wallets for large holdings and limit browser wallet approvals.
- Consider hardware wallets for high-value storage and sign transactions on-device.