Some tips related to software wallets on PC/Mac and backup.
1. Open your wallet only when it's absolutely necessary.
Don't access your wallet every time you check your balance. Store your address somewhere so you can use block explorers to check your balance. Manage your portfolio using an app or use my Google template to track your balance. (https://steemit.com/cryptocurrency/@mix1009/cryptocurrency-portfolio-template-version-2-for-google-sheets)
If you aren't sending coins, don't open the wallet. Use a block explorer. To receive, you don't need to open your wallet. Use block explorer to check if you received the coins.
Here are two popular block explorers:
- https://blockchain.info : Bitcoin
- https://etherscan.io : Ethereum and ERC20 tokens
Google for block explorer for other coins.
Write your addresses. This aren't private keys, but if someone can edit your files, they can trick you to send your coins to their address. I keep my address inside a password protected note in Mac/iOS Notes app. I also save links to the block explorer so I can access it faster.
Since many bitcoin wallets change it's receiving address, it's better to just write down your coin holdings. Since figuring out how much you hold is hard to figure out from block explorer. If privacy is important to you, you'll have to open your Bitcoin wallet to check the new address. If privacy is not too important you can reuse the old address to receive BTC. For some coins you have to use new address for each transaction.
2. Unique password for each wallet
If you are using a software wallet and it saves private key with a passphrase, make sure you use different passphrase for each wallet.
3. Use encrypted drive
Use encrypted drive to save your private keys(keystore files). If you have to enter a private key(which I think is a bad wallet) to access the wallet, save it where it's encrypted. I used to use Jaxx and it had weak security. Jaxx used to encrypt private key with common key (not sure now), so I encrypted the config folder. I only open this encrypted drive when accessing Jaxx. It's a bit technical to achieve this(using symbolic link) and I don't know how to do it in Windows. I don't use Jaxx anymore. My Ethereum keystore files are stored in an encrypted drive.
I recommend using a encrypted container file. Not a physical drive thats encrypted. Encrypted drive data is stored in one container file. You can connect/disconnect faster and it's easier to backup.
How do you create an encrypted drive?
- You can use VeraCrypt(https://www.veracrypt.fr/) on Windows or Mac.
- If you are using a Mac, you could also create an encrypted drive from "Disk Utility". http://technology.pitt.edu/help-desk/how-to-documents/creating-encrypted-disk-image-mac-os-x
- Windows 10 seems to support encrypted drives: https://www.howtogeek.com/193013/how-to-create-an-encrypted-container-file-with-bitlocker-on-windows/
Only connect(decrypt/mount) when you access it, and disconnect right after use. If you copied something important to the clipboard make sure you copy something useless to the clipboard. And don't use a clipboard management app.
My wallet files (which is needed to send coins) are stored in one encrypted drive.
My backup files that stores 24 restore words for hardware wallet & Authenticator screenshots are in another encrypted drive with different password.
4. Backup your encrypted drive.
I also make a backup of the encrypted drives. I zip the encrypted drives with different password and store it in external drives located in multiple distant locations.
5. Always double check addresses when transferring
Make sure you send to the right address. Double check the receiving address. There is report about malware replacing addresses from clipboard.
If you are using a Ledger hardware wallet, please read https://cointelegraph.com/news/newly-discovered-vulnerability-in-all-ledger-hardware-wallets-puts-user-funds-at-risk .
Photo from https://www.pexels.com/photo/ethereum-and-bitcoin-emblems-730569/