Bitcoin Storage: What is the Safest Way to Store Bitcoin Securely?

By Security.org Research | Updated: August, 2021

Did you know that U.S. dollars used to be backed up by physical gold? That’s where the phrase “the gold standard” comes from. Today, however, the U.S. relies on fiat currency, dollar bills, and coins not backed up by gold or any other materials. Bitcoin, however, takes it a step further, neither backed up by any physical materials or by the government. In fact, it doesn’t even require a bank and may or may not take a physical form.¹

Bitcoin is the first form of cryptocurrency, often abbreviated to BTC or XBT. It’s a decentralized currency powered by cryptography and the network of the individuals who use it. Rather than being backed by gold, it’s supported by a code called blockchain.² And as a result of the lack of a bank, users need to store Bitcoin themselves, which can get complicated.

If you're diving into the world of Bitcoin, or you're already holding some, let me walk you through the ins and outs of keeping your digital gold safe from hackers, technical mishaps, and simple human error.

Where is it Safe to Store Bitcoin?
How to Secure a Bitcoin Wallet
Bitcoin Security Facts and Statistics

Where is it Safe to Store Bitcoin?

Think of storing Bitcoin like storing regular money. You keep some cash in your pocket for daily expenses and the rest in a secure bank vault, right? The Bitcoin organization recommends a similar two-wallet approach:

Hot wallet vs cold wallet

Hot spending wallet: Your digital “pocket money” that holds a small amount of Bitcoin for daily transactions and online purchases. Most people keep this on their smartphone for easy access.
Cold savings wallet: Your digital “vault” that stores the bulk of your Bitcoin holdings completely offline. Think of it as your retirement fund that sits in a fireproof safe at home, only accessed when you need to refill your hot wallet.

Types of Wallets

You've got four main options for storing Bitcoin: mobile, desktop, web, and hardware wallets. The types of wallets can be either internet-connected (hot wallet) or not internet-connected (cold wallet). However, no matter what kind of wallet you use, to access your currency, you’ll need a set of private keys. If these keys are lost or stolen, you won’t be able to access your Bitcoin, and that’s true whether you store them physically or digitally. From losing physical items to digital devices malfunctioning and hacking, storing your Bitcoin safely requires thoughtful action.

Digital Wallets

Digital wallets are either hardware or web-based wallets that can be used on a computer, phone, or even paper. Again, it's best to only keep a small amount of Bitcoin in the digital wallet for spending, while the bulk of the Bitcoin should be stored in cold storage, a safer environment overall. Of course, the digital wallet should be encrypted so no one can access your private keys.

Pros: Perfect for travelers and daily users – you can access your funds from anywhere with an internet connection.
Cons: Like any digital service or product, digital wallets are vulnerable to hacking.

How to find: While you can research different digital wallet companies for their past security breaches and features, an easier method is to use a tool on the Bitcoin organization’s website.³ Essentially, it’s a quiz that will help you find a digital wallet based on your type of operating system, whether you want hardware and other criteria and features such as:

Control: This asks whether you want to have total control over your Bitcoin, meaning that you are fully responsible for securing and backing up your currency. Otherwise, you can work through a third-party provider, but that means giving up total control of your wallet.
Validation: Relatedly, validation means having a third party verify transactions. In a full node digital wallet, no third party is needed.
Transparency: Transparency measures whether the wallet is open-sourced and tamper-proof.
Environment: If the wallet is stored on your computer, it should have a strong password, two-factor authentication, or multi-factor authentication. Learn more in our authentication guide.
Privacy: Do you want to change your IP address? Some wallets rotate addresses and don’t disclose this information to peers on your network. Others allow for the use of Tor as a proxy server if you want to unlink your transactions from your IP address.
Fees: Transaction fees vary wildly. They can range from $1 to over $60 depending on network congestion. Some wallets let you set custom fees, while others don't give you that control.
Bech32: Bech32 is a special address format that not all wallets support; this format is also known as “bc1 addresses”.
Hardware wallet: If you want a physical wallet, check this box on the Bitcoin organization’s digital wallet quiz.
Legacy addresses: Rather than starting with bc1 like most modern Bitcoin addresses, legacy addresses start with the numbers one or three and are only available on older wallets or exchanges, typically.
Lightning: The Lightning Network has grown significantly, with capacity exceeding 5,000 BTC. It enables near-instant transactions with fees typically under a penny.
Multisig: If you want to require multiple keys to authorize transactions, you can divide the required signatures into multiple parties.
SegWit: SegWit reduces fees by using blockchain technology more efficiently, thus saving space.

Offline Wallets

Offline wallets are “cold storage” that isn’t internet-accessible. However, that doesn’t mean that they’re necessarily physical objects; desktop wallets, for example, are on a computer but are not connected to the internet. Rather, the keys are stored on the physical machine itself.

Pros: Offline wallets are safer than digital wallets because they’re at significantly less risk of being exposed online, creating the highest level of security possible.
Cons: They're not immune to physical threats. House fires, floods, or simple forgetfulness can mean your Bitcoin is gone forever. Plus, desktop-based offline wallets can still fall victim to malware if you're not careful.

Users can choose between three types of offline wallets: hardware, paper, or coin.

Hardware Wallets

Think of hardware wallets as sophisticated USB drives specifically designed to store cryptocurrency. They're my go-to recommendation for serious Bitcoin holders.

Pros: With hardware wallets, transactions are completely anonymous, as none of the user’s personally identifiable information is on the hardware. And unlike desktop wallets, hardware wallets are resilient to malware. Finally, even if the user loses their key, they’ll be able to recover their funds using a seed phrase, a 20-word phrase that the user will set up when they create the wallet itself.⁴ Ideally, the user stores the seed phrase on paper in a locked safe.
Cons: Lose the device and forget your seed phrase? Your Bitcoin is gone forever. Also, quality hardware wallets cost between $60 to $250.
How to find: Popular options include the Ledger Nano X ($149), Trezor Model T ($219), and the budget-friendly Trezor One ($69).

Paper Wallets

Paper wallets were popular in Bitcoin's early days, but I rarely recommend them now unless you really know what you're doing.

Pros: In a minimal amount of space, paper wallets allow for complete anonymity; essentially, they’re a seed phrase written on a piece of paper.
Cons: Paper can be lost, damaged, or smudged, and ink can fade. Plus, if the user is printing their paper wallet, they have to take into consideration any potential insecurities on their printer’s network. Another issue is address re-usage; if you don’t re-use the same address, then you’ll need to create a new paper wallet for every transaction. But re-using the same address can make it easier to trace the private key signature, so the safest way, creating a new wallet for every transaction, is also the most cumbersome.
How to find: You can print a paper wallet through services like BitcoinPaperWallet, WalletGenerator, or BitAddress.⁵

Physical Coins

Finally, physical coins will have tamper-proof stickers that cover a certain amount of Bitcoin.

Pros: Highly secure, physical coins don’t require any internet usage, which removes any possibility of online theft or fraud. Rather, users will have total control over their coins and can store them as they please, not relying on any third parties.
Cons: Physical Bitcoin coins are mostly collector's items now. The premium over the actual Bitcoin value can be 20 to 50 percent, and they're targets for physical theft.
How to find: Companies like Casascius stopped producing loaded coins in 2013 due to regulatory concerns. Today, you'll mostly find commemorative coins without actual Bitcoin value.

How to Secure a Bitcoin Wallet

After helping dozens of friends secure their Bitcoin over the years, I've developed this checklist that covers all the bases:

Use antivirus software: Today, crypto-targeting malware is more sophisticated than ever. Any device touching your Bitcoin needs quality antivirus software with real-time protection against cryptojacking and wallet-stealing malware.
Backup your wallet: Backup your entire wallet, including its hidden private keys, as early and as often as possible. If your device fails, this could be the only way to recover your currency. It’s best to back up your wallet in multiple locations like CDs, USB sticks, and hard drives; redundancy is key. And, of course, your backup should be encrypted. While eventually, wallets will only need to be backed up once, for the time being, users need to back up their wallets regularly.
Use a strong password: Your Bitcoin password should be at least 20 characters long – yes, 20! Mix uppercase, lowercase, numbers, and symbols. Better yet, use a passphrase like “MyDog$Ate7Purple!Bananas@Dawn”. Check your password strength with our secure password checker.
Store your password securely: If you lose your password, you’ll have limited or no way of recovering your currency, so it’s important to keep a paper copy of your password in a vault or another safe place. In case that gets lost or stolen, memorize your password or store it in an encrypted password manager.
Update software: Critical security patches come out monthly. Set your wallet software to auto-update, or check manually every week. Running outdated wallet software is like leaving your front door unlocked.
Turn on two-factor authentication: Two-factor authentication or 2FA means that in order to enter your Bitcoin account, you’ll also need to enter a passcode sent to another device. Turn on 2FA whenever it’s available, but if possible, have the code sent to a SIM card used only for this purpose as opposed to your phone. As many people use their phones for 2FA, they’re more likely to be hijacked by hackers.
Create a recovery contact: Choose someone you trust completely – maybe a family member or close friend. Give them sealed instructions on accessing your wallets, but only to be opened in emergencies. Consider using a lawyer or including instructions in your will.
Use a separate email: For the most privacy, use an email address for your Bitcoin account and communications that is just used for Bitcoin. In other words, it shouldn’t be associated with your social media profiles or accounts on PayPal, if you’re going for total anonymity.
Implement multi-signature: Another option is to require approval from three to five people to allow completed transactions. This means that a single server or controller can’t carry out transactions, greatly reducing the risk of theft.⁶
Offline transaction signing: We recommend dividing a single wallet into two computers, one disconnected and one connected to the web. The “cold” wallet includes all of the currency and can sign transactions, while the “hot” wallet can create unsigned transactions only.⁷ For secure new transactions, follow the following steps:
- Create a new transaction on the web-connected computer.
- Save it on a USB key, or the “cold” wallet.
- Use the offline computer to sign the transaction.
Keep it to yourself: While it’s okay to say that you’ve invested in Bitcoin, don’t mention exactly how much money you’ve invested or gained; otherwise, you’re making yourself a target for theft.⁸
Don’t post on social: Many of us don’t realize how much of our personally identifiable information is available publicly on social media. Not only does this put us at risk of identity theft in general, but it also makes you more vulnerable to Bitcoin theft, so don’t post your email address, home address, or phone number. It’s best to make all of your social media profiles private, as well.
Secure network: When accessing your Bitcoin via the internet, it’s best to use a secure and private network rather than a public Wi-Fi network. However, if you absolutely need to use a public network, you can either connect to a hotspot or use a VPN to encrypt your web activity and IP address. And for your home network, use antivirus software with network security built-in.
Avoid scams: Various outlets⁹ have reported numerous Bitcoin scam phishing emails, many of them promising Bitcoin giveaways. Beware of these scams, and try not to click on any unfamiliar emails, links, or attachments, especially on Twitter. Chances are if it sounds too good to be true, it probably is.
Check address: Before you send currency to another Bitcoin wallet, make sure that the address is correct, as most transactions are irreversible. Malware can change the currency’s destination in some cases, so it’s always best to double-check.
Use smaller transactions and different exchanges: Test with small amounts first – send $10 before sending $10,000. Also, spread large holdings across multiple reputable exchanges to minimize risk if one gets hacked.

bitcoin

Bitcoin Security Facts and Statistics

Just how common are Bitcoin theft and fraud? Well, it’s actually becoming less common overall, fortunately. In the first 10 months of 2020, for example, losses for hacks, fraud, and thefts of cryptocurrency were down $1.8 billion from the previous year. In general, cryptocurrency has become more secure, leading to fewer “mass-scale” attacks, says CipherTrace CEO Dave Jevans. That being said, the last two months of 2020 saw a 30 percent increase from all of 2019, with losses from thefts and hacks totaling $468 million.¹⁰ So while cryptocurrency becomes more secure in general, thefts and hackings are still possible.

While there’s no dependable data on how many people have lost their Bitcoin passwords and thus, access to their currency, as of June 2020, 20 percent of all Bitcoin has been lost. By lost, they mean that it hasn’t been moved from its current address in a minimum of five years. So out of the 18.6 million mined Bitcoin, 3.7 million are lost¹¹, although it’s not clear why.

Final Thoughts

Bitcoin is one of the only “off the grid” methods to store money that does not associate with banks or the government. It does not need physical backing or government support. Instead, it relies on a decentralized network. Of course, storing Bitcoin securely is essential to protecting your funds.

To safely store your Bitcoin, we recommend using two different wallets. The first is a hot wallet, perfect for everyday spending. This type can be stored on a mobile device and holds a smaller amount of Bitcoin. The second is called a cold wallet, optimal for long-term storage. A cold wallet is not connected to the internet and instead the keys are stored somewhere physically secure like a fireproof safe. This wallet also stores the majority of your Bitcoin and is used to replenish your hot wallet.

To make sure your Bitcoin wallet is secure, follow basic digital security best practices like using strong passwords and two-factor authentication. You should also avoid any oversharing and make sure your network connection is secure. With a few simple steps, you can protect your Bitcoin and keep your money safe.

FAQs

Where is the safest place to store Bitcoin?

The safest place to store Bitcoin is in two separate wallets. Using a hot wallet for short-term spending and a cold wallet for long-term spending can help protect your funds against cyber attacks and hackings.

Does Bitcoin lose value in a wallet?

The value of your Bitcoin will change whether it’s in your wallet or not, depending on current market conditions. However, directly storing it in a wallet will not decrease its value.

Is Bitcoin 100% safe?

Bitcoin is not 100% safe. While it does have some security advantages over other traditional currencies, users should take security measures to avoid potential risks.

Can you lose a Bitcoin wallet?

Yes, it’s possible to lose a Bitcoin wallet. Recovering it, on the other hand, is usually very difficult and nearly impossible.

Who owns the most Bitcoin?

As of 2024, Satoshi Nakamoto (Bitcoin's pseudonymous creator) still holds the largest stash at approximately 1.1 million BTC. Among known entities, MicroStrategy leads corporate holdings with over 189,000 BTC.

Bitcoin Storage: What is the Safest Way to Store Bitcoin Securely?

Table of Contents