With great power comes great responsibility — How to secure your AirGap Wallet
Peter Parker’s uncle, Benjamin Parker, is credited with popularizing this well-known phrase in the Spider-Man comics. The notion underlying this term is one of having an awareness of one’s position of power and ensuring that one manages the exercise of that authority wisely. Blockchain has taken away power from middlemen such as banks and has handed the responsibility of keeping your funds safe to you.
Now you are saddled with the responsibility of keeping your funds safe. How do you achieve this with AirGap?
How to secure your AirGap Wallet
Cryptocurrencies are becoming increasingly popular, but scammers and their schemes are becoming more prevalent as well. Even though blockchain networks are almost impossible to hack, scammers are constantly coming up with new techniques to trick people into obtaining their funds. This article will teach you how to increase the security of your Wallet. If you are planning to setup AirGap please follow these steps here.
Public key and Private key — what is the differences?
Two types of keys are used when working with cryptocurrencies: The public key and the private key. It is important to note that while a public key is similar to an address that you can share with others to receive cryptocurrency, the private key should never be shared with anyone because it grants access to the ownership of your wallet. Think of it this way;
The public key is like the account number of your bank, while the private key is your credit card number plus CVV and pin. In the case of AirGap, the private key comes in the form of 24 random words (also called mnemonics). Those words must be protected at all times and shouldn’t be shared with anyone you don’t fully trust.
Best way to secure mnemonics
When you create a new wallet in AirGap, you will be given a mnemonic consisting of twenty-four words. For example:
“alpha hint turkey lazy sponsor attitude topic wine neutral spend moral fuel spawn fiction device pyramid deer shiver alien there wheel uncle police entry”.
These words are very important, including the order in which they appear. Whoever has access to your 24 words will have access to all your cryptocurrencies.
Here are some good practices how you can keep them secure:
- When setting up AirGap Vault for the first time, do not use any mnemonic that has previously been used on a device that was connected to the internet. (Find here detailed instructions on how to set up AirGap)
- Store mnemonics in a safe location away from the internet to reduce the possibility of hacking, information leaking, or equipment failure.
- When backing up your mnemonics, be mindful of any equipment in your immediate vicinity that may be recording your actions, such as a microphone or a camera.
- Write down the mnemonics, making sure that all of the words are in the correct order and are spelt correctly.
- Do not try to remember your 24 words without creating a paper backup. It’s easy to forget it, either because enough time has passed, or because you had an accident. (We created a paper template for you with a non-see-through pattern on the backside so you can write your words down in a proper manner. Get the PDF here and print it out.)
- Add extra security to your mnemonics by using BIP 39 passphrase.
- Use the BIP 85 functionality if you are handling multiple mnemonics.
- Consider the Social Recovery functionality of AirGap (also known as Shamir Shares) if you are afraid of losing your mnemonic
Other tips to keep your funds safe.
Beware of phishing
Phishing is a method used by hackers to trick users into disclosing sensitive information to obtain access to their funds. No admin on our social media accounts, such as Twitter, Telegram, and Discord, will ever DM you first or ask you to send your mnemonics or fill out a google-form under any circumstances.
Look at the example below, which shows someone impersonating one of our developers and trying to defraud our user.
Limit Connection with unverified Dapps
When you connect your wallet to a Dapp (whether verified or not), you increase your vulnerability to phishing scams. If you do connect your wallet to a Dapp, always make sure that you verify the contents of the transaction in AirGap Vault.
No online backups
It is important not to store your mnemonics online, whether in your email, messengers, or cloud storage, to avoid hacking, which is becoming increasingly common in today’s digitalized society.
To ensure the safety of your assets, your private keys and mnemonic seed must be kept secure. Private keys and mnemonics give complete access to your wallet, letting anyone with access spend your coins. It is suggested that the backup be kept offline, that the storage device is protected from any environmental influences, and that no photographs or screenshots of the mnemonics be taken to avoid possible hacking.