Sign in Subscribe

Bitcoin Security Checklist: 10 Steps to Protect Your BTC

Glyntex Team

2 min read

Most Bitcoin losses aren't from hacks. They're from poor security practices — bad passwords, seed phrases stored on phones, or accounts without 2FA. This checklist covers the 10 most important steps to protect your Bitcoin.

1. Get Your Bitcoin Off Exchanges

Exchanges are the biggest single risk for most Bitcoin holders. If the exchange is hacked, insolvent, or your account is compromised, you can lose everything. Move Bitcoin you're not actively trading to a hardware wallet you control.

Good hardware wallets: Trezor Safe 5, Trezor Safe 3, Ledger

2. Store Your Seed Phrase Properly

Your seed phrase (12 or 24 words) is the master key to your Bitcoin. Anyone who has it has your Bitcoin. Anyone who destroys it destroys your access.

Do:

  • Write it down in physical form (pen and paper at minimum)
  • Use a metal backup for fire/water resistance (Trezor Keep Metal)
  • Store in multiple physical locations
  • Verify you wrote it correctly by testing recovery before depositing large amounts

Don't:

  • Take a photo of it
  • Store in cloud storage, email, or notes apps
  • Enter it anywhere online
  • Share it with anyone

3. Use Strong, Unique Passwords

Every Bitcoin exchange account needs a unique, strong password. Use a password manager (Bitwarden, 1Password) to generate and store them. Never reuse passwords. A data breach on one service shouldn't compromise your Bitcoin exchange.

4. Enable Two-Factor Authentication (Properly)

All exchange accounts should have 2FA enabled. But choose carefully:

  • Use: Authenticator app (Google Authenticator, Authy, Aegis)
  • Avoid: SMS 2FA — vulnerable to SIM swap attacks

SIM swapping is a real threat: attackers convince your carrier to transfer your phone number, then use it to bypass SMS 2FA. Authenticator apps don't have this vulnerability.

5. Use a Hardware Wallet for Cold Storage

Covered in step 1, but worth emphasizing: a hardware wallet that never connects to the internet is orders of magnitude more secure than any software wallet or exchange for long-term storage.

6. Verify Receive Addresses Carefully

Before sending Bitcoin, verify the receiving address on your hardware wallet's screen. Malware can modify addresses in clipboard ("clipboard hijacking"). Always check the first 4–6 and last 4–6 characters on the hardware wallet display match what you intended.

7. Add a Passphrase (25th Word)

A BIP39 passphrase is an additional word (or phrase) added to your seed. It creates an entirely separate wallet. Even if someone steals your seed words, they can't access your Bitcoin without also knowing the passphrase.

Downside: you must remember and protect the passphrase as carefully as the seed words. If you lose it, your funds are inaccessible. Start with a small amount before moving large holdings to a passphrase wallet.

8. Be Careful About What You Share

Don't announce how much Bitcoin you hold publicly. Don't reveal your wallet addresses (links your identity to balances). Be cautious about who knows you hold Bitcoin at all — this reduces social engineering and physical attack risk.

9. Use a Dedicated Device for Transactions

For large amounts, consider a dedicated laptop or phone used only for Bitcoin — no browsing, no email, no other apps that could deliver malware. Keep the OS updated. This isolates your Bitcoin transactions from general internet exposure.

10. Have a Recovery Plan

What happens to your Bitcoin if you die or become incapacitated? Consider:

  • A secure document explaining how to access your Bitcoin (stored separately from the seed)
  • A trusted person who knows a Bitcoin exists and has instructions to find the document
  • Multisig arrangements for significant holdings

Bitcoin with no recovery plan is permanently lost if something happens to you.

Quick Self-Check

Run through this list right now:

  • ☐ Bitcoin off exchanges and on hardware wallet
  • ☐ Seed phrase written down physically, not digitally
  • ☐ Seed phrase stored in multiple locations
  • ☐ Unique password for each exchange account
  • ☐ Authenticator app 2FA on all accounts (not SMS)
  • ☐ Hardware wallet verified before each transaction
  • ☐ Someone trusted knows you own Bitcoin

Also see: Bitcoin Custody Options | Trezor Safe 5 Review | Bitcoin Wallet vs Exchange

Sign up for more like this.

Enter your email
Subscribe