Secure Yourself in Web3

Secure Yourself in Web3

I remember the first time I heard about cryptocurrency. It was 2013 and a coworker was buying some bitcoin. He had a crazed excitement about him. The wide-eyed look of a man possessed. He went on and on about bitcoin being the future of money. He was doubling and tripling his money month to month.

You are your own security

The first thing you need to understand about Web3 is that you are your own security.

Password Manager

When getting into Web3, many of the best security practices in the current internet world still apply. Remember, when you start to get active, you are also increasing the size of the target on your back from scammers and fraudsters. If they can’t get your crypto keys, they’ll go for other things like email.

Multi-factor authentication

I recommend setting up multi-factor authentication on all of your essential accounts to create another layer of protection. It might seem inconvenient at times, but it could save you a lot of trouble down the line.


Virtual Private Networks are also essential. They encrypt data across the network while disguising your IP address and location. They are absolutely necessary if you are logging into any public wifi. Your devices are especially vulnerable in those situations.


That’s where the web browser can help. A good web browser will detect suspicious websites and warn you if they break standard security protocols. But this is not dependable, bad judgment will still be costly.

Don’t click suspicious links!

This should go without saying, but scammers are much savvier now and will continue becoming more sophisticated. I recently heard an artist share how he regrettably clicked a link that ended in .lo instead of .io. That’s easy to miss!

Secondary email address

As I mentioned, in Web3 you’ll find yourself publicly revealing your email address. It’s hard to fully grasp the implications of that exposure. Use a secondary email address for your Web3 participation. It’s simple to create and could save you from a whole world of hurt down the road.

Wallets, keys, and accounts

Typically, when you get into web3 there are three critical accounts where cryptocurrency is stored. Each account type serves its own purpose.

The Exchange

Let’s start with the cryptocurrency exchange. This is your entry point.


The next type of account you’ll have is a wallet. Securing a wallet is much different than securing your Web2 accounts. No one will have the key to your wallet except you and the people you tell.

The Cold Wallet

The next thing I strongly recommend is getting a hardware cold wallet. I use the Ledger Nano that I’ve had for years now. They now have multiple products and more options. Ledger is still one of the most trusted cold wallet makers.

The Hot Wallet

A hot wallet is the best way to access Web3 resources like the NFT exchanges, websites, or DAOs. They usually have a website, a browser extension, and an app to allow use on multiple devices. Hot wallets are often specific to the cryptocurrency you’re connecting with, but some store multiple cryptos.

Additional Resources

General Web3 security

Complete guide on cryptocurrency security

Best practices to storing your seed phrase

The best way to store your seed phrase



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hassan Karimi

Hassan Karimi

UX/Product designer writing about Web3