Bitcoin and cryptocurrencies are disrupting finance but freedom comes with a greater degree of responsibility. Although crypto can act as a hedge against a faltering economy, individuals need to be aware of the risks associated with this new type of currency.

Losing your coins to hacks is the #1 danger with using cryptocurrencies and is an obstacle for widespread consumer adoption. For this reason, good security cannot be emphasized enough but unfortunately the average person pays very little attention to this.

Personally, as a crypto trader the benefits far outweigh the risks but I’ve taken certain measures to protect my private keys. Here are twelve steps that you can take to help keep your money safe.

#1: Keep your Computer Secure

Having a clean operating system is the foundation of good security. The majority of hacks that I’ve seen tend to target Window’s users and it has the most viruses in the wild. Anti-viruses aren’t always 100% effective and they can slow down your computer. That said, it’s better to run one than to not run one.

Many people use Windows because it offers a wider selection of programs. If you do decide to use it, perhaps have a dedicated computer exclusively for crypto. If you’re surfing the internet with a Window’s computer then you should keep your crypto related activity separate. Macs tend to be more secure and Linux is considered to be the best option. This is the main reason why most servers in the world run on the Linux operating system.

#2: Update your Computer Regularly

Updates often fix bugs and security vulnerabilities so it’s important to run them as often as possible. Open-source software tends to have frequent updates because there are more eyes auditing the code. People sometimes procrastinate updating their computers which leaves them susceptible to hackers. When vulnerabilities become known, many hackers will create viruses to exploit them.

#3: Use Strong Passwords

Brute force cracking is the most common way for thieves to get access to your account. People often make the mistake of using really simple passwords like “Mickeymouse123”. Another common mistake is to use the same password on multiple accounts.

The best passwords are at least 16 characters long with a combination of numbers, letters, capitals and symbols. If you find this too difficult to remember then perhaps use a sentence that’s at least 20 characters long.

#4: Use Two-Factor Authentication

In the event that your password gets cracked, 2FA will still prevent the hacker from accessing your account. This is an additional level of security that generates a secondary password from a phone app or text message. Not only does the attacker need to steal your password, they also need physical access to your phone.

Two-factor authentication is an absolute must for using cryptocurrency exchanges. You may also want to consider using it for your primary email address as well as any websites that you own.

#5: Double Check all URLs

You can have to most air tight security in the world but if you send your coins to a fake website you’ll lose your money. There are many fake websites that mimic genuine crypto sites yet they change one letter of the domain name in order to trick people. You want to always double check the url and never send money to a site that’s not encrypted with https.

#6: Double Check the Crypto Address

When you’re sending bitcoins to somebody it’s always important to double check the address. Human error is also a common mistake and crypto transactions are irreversible. There are also some new crafty viruses that change the address on you when you copy and paste it into your wallet. There’s even a nasty chrome extension that changes the QR code in your browser.

#7: Use a Hardware Wallet

Bitcoin has great hardware wallets like Trezor, which provides the security of cold storage with the simplicity of a hot wallet. Cold storage is considered the best practice for keeping your private keys secure but can sometimes be time consuming to implement.

Paper wallets aren’t reusable and can be vulnerable when swiping the keys into another wallet. Hardware wallets may be the perfect tool to help boost mainstream user adoption because they’re safe and convenient to use.

#8: Be Careful of Counterparty Risk

Bitcoin traders need to use exchanges in order to make money in the markets. Crypto exchanges have a history of losing or stealing people’s coins so they actually pose one of the biggest risks. If you are an active trader then there are a few things you can do to reduce the risk.

Don’t keep coins on an exchange when you’re not actively trading

Only use 20-30% of your coins for trading

Diversify your coins amongst several exchanges

Always research the exchange to make sure it’s in good standing with the crypto community

#9: Be Careful with Downloading too Many Wallets

There are new altcoins being released every week and it’s not always possible to audit the code for security vulnerabilities. Some of these wallets may contain malware that can steal private keys form other wallets. The more wallets you download on a computer the greater the chances are of getting a trojan horse.

#10: Backup your Private Keys

Too many people have lost money as a result of forgetting to backup their private keys. If you’re running a core wallet then save regular backups stored on a usb key.

Some wallets like Electrum and Trezor can generate a 13 or 24 word seed that can restore all your addresses. Make sure to write these down somewhere safe and do not keep a digital record of them.

#11: Use Different Addresses for Each Transaction

Blockchains are pseudonymous but your transactions can still be seen on the public ledger. To increase your privacy you may want to consider generating a new address every time you receive coins. This will help obfuscate your transactions on the network.

#12: Only use Phone or Web Wallets for Petty Cash

Phones and web wallets tend to be less secure than core wallets and cold storage. Many phones have vulnerabilities due to app permissions and web wallets tend to store your private keys in your browser. It’s much easier to steal private keys from a phone or browser than it is from encrypted core software or cold storage. Consider your phone like petty cash that should be spent on smaller transactions as you go about your day.