🔐Wallet Security

• Do not use your wallet's dashboard or browser extension on the internet browser that you use for regular internet browsing.

• You should have at least two different browsers on your device. Use one as your default browser to browse the internet as you normally do. And a secondary browser for all activities related to using your wallet. The next header below makes it clearer why you should do this.

• For example, many users at The Sandbox decide to use Chrome for regular browsing, and Brave for wallet-related activities.

• Do not set the browser that your wallet is used or attached to as your "default" browser.

• So, you've taken the time to learn about blockchains and cryptocurrency - in that case, you should also take the time to learn to stop impulsively clicking links while using the browser with your wallet dashboard or extension on.

• Get into the habit of treating links as suspicious. Whether the link is on a webpage, a social page, in an email, in a direct message, and so on.

• Links can be used to trick you into connecting your wallet to a compromised app or a fake third-party website, giving fraudsters access to your wallet.

• If the link mentions a community or company, Google it first to see if it is legitimate. If it does seem legitimate, check the spelling of the link. Some scam websites use an alternate spelling of the real thing.

• You can also scan the link for malicious code and so forth on virus scan websites, such as https://www.virustotal.com/.

• Even if it still seems legitimate, open the link in a different browser that does not have your wallet connected to it.

SECURITY NOTE One way scammers try to get you to click such dangerous links is to claim that you have won a prize. Or that you have been randomly selected to participate in something (ie, a game test). They could also pose as someone who is shilling another project, but is in fact trying to entice you to click a link to a scam.

• Always do your own research (DYOR) about websites that ask you to connect your wallet to them. Do not just go ahead and connect it to everyone who asks.

• If you're still unsure, ask in a cryptocurrency community that isn't operated or managed by the website that is asking you to connect your wallet to it.

• When your wallet is not in use, it should be locked at all time.

• Locking a wallet is achieved simply by logging out of it via the web dashboard or browser extension.

• If you are not sure how to lock your specific wallet, search the help documents provided by your chosen wallet service, as the instructions differ depending on your chosen wallet.

SECURITY NOTE

Banking websites, PayPal, and similar money service websites will usually automatically log you out after a certain number of minutes. However, many cryptocurrency wallets do not currently have this feature, so you need to make sure you do so manually.

• Nobody else should be able to access your wallet. This includes family members, friends, and romantic partners - people argue and fall out all the time.

When writing down your seed phrase for safekeeping, it is usually a good idea to hide the seed phrase within a custom poem, song, or riddle.

This way, if someone happens to stumble across your seed phrase, it will just look like a pretty (or sometimes weird) bit of creative writing, and they shouldn't catch on that it's a hidden seed phrase.

For example, let's say your first four seed phrase words are Purple, Lion, Bed, Floor.

Purple rain falls all around the plains, The lion goes to check on the drains, But his bed retains the water, And the wood floor has stained.

Notice the first word of the poem is your first seed phrase word. The second word of the poem is your second seed phrase word. And so on.

This is just an example, there are many ways that seed phrases can be hidden within creative writing.

If you really feel that you must back up your seed phrase digitally, then make sure that the seed phrase is encrypted. Or even better, hidden creatively (see above) and then encrypted.

Do not store your seed phrase as a standard electronic note or document, and especially do not store them online. This includes Notepad, Microsoft Word, Google Docs, note-taking software, emails, and so on.

Make sure any digitally backed-up seed phrases are protected by passwords and other security measures that may be available to you. This might include 2-factor authentication, PIN codes, and biometric fingerprint scanners.

SECURITY NOTE There have been claims posted on the internet that facial recognition and retinal scanner biometric security has been fooled before by using a high-definition photograph of a person's face or eye close-up, which can easily be taken from social media.

Should you decide to back up your seed phrase physically (hopefully creatively hidden in a poem, etc), then you should make sure that the physical back-up is kept in a secure place away from your computer - preferably not even in the same room as your computer.

It would be a good idea to seal your seed phrase in a plastic container or ziplock bag to protect it from water damage. For example, should there be a flood or burst pipe incident.

Writing the seed phrase in invisible ink may be a good idea as well.

Safes are a good place to store a physical backup, as long as your safe is not highly visible. Bear in mind that during a home burglary, a safe is one of the first things a thief will keep an eye open for.

Make sure the safe is well hidden. There are many specialist hidden safes available on the market, such as safes that can be embedded into the floor, safes that look like an innocent power plug socket, and so on.

Alternatively to a hidden safe, make sure your safe is embedded into the building itself, such as inside a wall, so that it cannot be removed from the property by a thief to be cracked open later with power tools.

Your safe should ideally be fireproof. Beware of safes on the market claiming to be "fireproof" but have holes in the back or bottom of the safe for bolting onto something - obviously fire can get through holes.

It would be a good idea to seal your seed phrase in a plastic container or ziplock bag to protect it from water damage. For example, should there be a flood or burst pipe incident.

SECURITY NOTE If your safe has a keypad where you'll need to enter a code to access it, then don't forget to wipe away your fingerprints after using your safe. This is to prevent the combination of a fine powder being dusted onto the keypad to see which numbers you've been pressing, followed by attempts at guessing the code using those numbers.

Safes with a "kill switch" which disables power to the keypad or blocks the unlocking mechanism after too many failed attempts may help to prevent this (except if the thief is very lucky at guessing), but then you'll have the hassle of finding, hiring, and proving that you're the owner of the safe to a trusted locksmith to open it for you.

Those who have a large amount of cryptocurrency or a lot of high-value NFTs might want to consider something even stronger than having a safe on their property. That being a safe deposit box within a bank vault.

The bank will charge you to rent space for your safe deposit box in their vault, which is why it's usually a better solution for those with large amounts of crypto, as opposed to a "smaller" trader, unless you already have a safe deposit box for another purpose.

You could consider hiding your seed phrase creatively, as advised above, then store it in a safe deposit box at your bank branch. This way, even in the very unlikely one-in-a-billion-chance that the bank vault does end up being successfully robbed and they coincidentally go for your safe deposit box out of the hundreds or thousands of others in the vault, it will just look like a random piece of paper with a rambling poem on it to the thieves.