To protect your crypto-tokens from being stolen the key is to make sure you are the only person to know your wallet’s private key and to keep it in a safe place where no one can access it. Choosing a reliable wallet only completes the first step to ensure assets security; only by developing a sense of security and right methods can you truly keep your assets safely.
The biggest feature of a decentralized wallet is that users are the only person who has the private key, in other words, users have absolute control of the assets. Because of this, users need to take the responsibility of assets security alone which requires them to have sufficient security awareness.
The user of imToken could protect their assets in three aspects:
Remember to backup
According to users’ feedback, the most common reason for users to digital assets is not theft, but not having backed up their wallet private keys. Actually there is no such thing as an asset loss on the blockchain. However there is loss of control of the asset.
In order to not lose control of your wallet, the most important thing is to backup your wallet accurately. Backing up a wallet refers to recording the mnemonic phrase and private key to the corresponding wallet address. If you meet a critical situation like losing your phone you are able to continue managing your assets by importing the backup in the new device. No matter what happens to your phone or computer, as long as you have a backup to the wallet, you will never lose the control of your assets.
To ensure that the backup information is correct, we strongly suggest to backup the mnemonic phrase as it is easier to record. Meanwhile, you have to avoid the following situations:
- One wallet address is backed up by one mnemonic phrase. DO NOT mix up the mnemonics!
- Make sure you transcribe the right words
- Make sure the words are in the right order
Tips: Secret storage is a good tool to backup the mnemonic phrase.
Keep the backup in a safe place
To avoid the backup being stolen by a hacker, you have to keep it in a safe place where others have no chance to access it. Here are ten principles of anti-theft summarized by imToken. For the safety of your assets, PLEASE keep them in mind and follow strictly.
- DO NOT use a wallet you haven’t backed up;
- DO NOT transmit or keep private key via e-mail;
- DO NOT use Instagram or any other social media application to store the private key;
- DO NOT take a screenshot or picture of the private key;
- DO NOT use any social media like Telegram to transmit the private key;
- DO NOT tell anyone about your private key;
- DO NOT send the private key to any public chat group;
- DO NOT use unknown source wallet Apps provided by untrusted third parties;
- DO NOT use the Apple ID provided by others to download imToken App;
- DO NOT import the private key to an unknown third-party website;
Beware of Ponzi schemes
There are tons of blockchain projects outside that are Ponzi schemes. We summarize the characteristics of those types of scams as follows. For your assets safety, do not participate in these projects:
- Use an incredible high return as bait with little or no risk;
- You could always see phrases such as ‘Totally decentralized’ or ‘Absolute security and transparency’ in the introduction of project;
- Full of fake promotions, for example, cooperation with some famous companies;
- Always wants to attract more investors and claim that the new money will be the source of payout for the initial investments;
- They are good at the community marketing and continue to brainwash the people within the community;
- Those firms behind are shell companies, it is too difficult to ban it totally;
The easiest way to identify a scam is to ‘Don’t be greedy, Don’t be irrational’. There is an old saying that there is no such thing as a free lunch. If you want to get something, you need to make an effort to earn it.
Lastly, if you find a scam, you can report it to us by emailing us via hack@token.im.