How do I keep my wallet safe?
What's safer than keeping your money in a Swiss bank? Of course, keeping your crypto funds in Atomic Wallet.
There’s just one caveat, though. While you can task the bank with taking full care of your funds' safety, you are the bank for your crypto holdings. No one but you has your private keys, which makes you their sole master, keeper, and protector. This can sound overwhelming even if you aren't a novice in the crypto world, so here's our guide to help you keep your funds safe.
Security do's and don'ts: how to keep your wallet secure
We'll give you the most important tip outright: never share your 12-word mnemonic phrase or your private keys with anyone. These are to your crypto savings what a CVV code is to your card. Except the scammers don't even need to know your wallet's address or any other data to steal your money, the 12-word phrase alone will suffice. As they say, "Not your keys, not your coins." Generally, you should avoid using your private keys anywhere online, which includes web wallets.
- Do keep multiple pen-and-paper copies of your 12-word backup phrase. We recommend storing the copies in multiple different places as well. If you need any help with locating the phrase in your wallet app, see our guide How to view your private keys/backup phrase.
- Do make sure you have made no mistakes while writing your backup phrase down.
- Do create a unique password for your Atomic Wallet account and avoid using it anywhere else.
- Do store your password in a trusted password manager, such as KeePass or 1Password.
However, it would be even better to avoid using an auto-generated mix of numbers and letters you'll need to copy & paste every time. Instead, try choosing a password you'll be able to memorize. How about a string of seemingly random words only you can connect in some way? Practice typing it out so that you don't even need to rely on password managers.
- Do add our official website (https://atomicwallet.io) to bookmarks so that you can easily tell it from any bogus one.
- Do keep a VPN on at all times. Refer to our VPN guide here for more details on its importance and our recommendations on VPN providers.
- Do enable 2FA everywhere you can, e.g. your Google account & your AppleID. Once you enable 2FA, someone who has taken hold of just your password won't be able to log in. To do so, they'll also need to get permission from one of your other devices.
- Don't keep any digital copies of your backup phrase, be it on your computer, your phone, or some cloud service.
- Don't share your 12-word backup phrase with anyone.
- Don't choose a password that's easy to guess for someone who knows you personally.
- Don't make screenshots of your password & don't keep any digital copies of it outside of your password manager.
- Don't let your computer and/or browser autosave your passwords. If your Google or AppleID password gets compromised, then so will all of your private data.
- Don't seek any assistance anywhere but at firstname.lastname@example.org.
- Don't use public Wi-Fi.
- Don't use a pirated version of Windows on your desktop. If your account gets emptied because of some security patch missing, it'll take a much higher toll on your wallet than spending money on a licensed Windows copy would.
To sum up: the 3 things you should do right now to thank yourself later
- Write your 12-word backup phrase down using pen and paper. After doing so, put it someplace safe. You can go further and create multiple paper copies of the phrase, as well as destroy any digital ones you may have, screenshots included. If you need any help with locating the phrase in your wallet app, see our guide How to view your private keys/backup phrase.
- Write your Atomic Wallet password down using pen and paper & save it into a password manager. If you have any digital copies of the password, make sure to delete them.
- Scan your device with a trusted antivirus program and follow through with the recommendations it'll give.
Beware of scammers
Cryptocurrency scammers are abundant everywhere nowadays. Luckily, the methods they're using are more or less the same across all the platforms they're present on. If you share any issues you're experiencing with the wallet on Telegram, Facebook, Twitter, or Reddit, you'll be quickly contacted by lots of seemingly friendly "support agents" offering to lend you their helping hands. Here's how to tell a scammer from a real Atomic Wallet team member:
- The scammer will message you first, whereas no member of our team will ever DM you on any platform.
- The scammer will send you a web wallet link, even though there's no web version of our app in existence. If they're lazy enough, you'll receive a Google form asking for your 12-word seed phrase, which brings us to our next point...
- The scammer will ask for your 12-word backup phrase or your private keys, whereas no member of our team will ever do this. Most likely, you'll receive a link to a "web wallet" website that will ask you to enter your 12-word backup phrase. No such website will not "restore" or "validate" your wallet—you'll just be sharing your data with scammers.
Even if the link sent to you has "Atomic" in it, it doesn't mean the website's associated with us in any way. The only official one we have is https://atomicwallet.io. Again, we'd recommend you bookmark it so it's easy to tell the genuine website from all the fake pages out there.
If the crypto market is the Wild West, then Telegram scammers are its most ruthless mercenaries. It's much harder for us to report and take down scam accounts on this platform compared to others, so you'll need to be extra careful when venturing into our community. Promptly block anyone who shoots you a message first and avoid discussing your crypto holdings in the chat.
To find the real Telegram admins in the chat, look for the "admin" label they should have next to their names. For your safety, we'd recommend asking any questions you have in the chat and wait for the admins to reply.
All in all, you should keep just one simple rule in mind: the real members of our team will never contact you first, so anyone doing otherwise is an impersonator. Don't waste your time on scammers and simply block them instead.
On Twitter, Facebook, & Instagram
We strongly recommend to avoid looking for any assistance with the wallet on social media. Instead, you should contact our support team at email@example.com. Our social media accounts are filled with scammers that offer "instant support forms" asking for your 12-word seed phrase. Again, the real support agents will never do that.
On Google Play
Lots of fake Atomic Wallet apps have been appearing on and off on Google Play Store. The genuine app published by Atomic Wallet has tens of thousands of reviews, so it should be easy to tell it apart from all the fake ones. When in doubt, play safe and just go to our website for the real Google Play link.
There're lots of scammers lurking around r/atomicwallet. However, everything outlined above still stands: u/atomicwallet will never DM you first, and anyone who does is after stealing your money. For more Reddit rules, refer to this post.