How to keep your self-custody wallet secure

A self-custody wallet like Coinbase Wallet gives you maximum control over your crypto while also serving as the gateway to an entire universe of decentralized applications, blockchains, and protocols. In this tutorial, we’ll walk you through four crucial tips that will help you safeguard your Coinbase Wallet, your crypto, and your NFTs. 

Throughout this article, we will be focusing on Coinbase Wallet. However, these tips are best practices that apply to any crypto self-custody wallet, regardless of whom you use.

(If you’re looking to understand the basics of crypto wallet, we recommend you read this guide first.) 

Keep your recovery phrase in a safe place

When you first set up your Coinbase Wallet, it will generate a recovery phrase (sometimes referred to as a “seed phrase”), which is a string of 12 simple words. The recovery phrase is the master password to your wallet—as long as you have your recovery phrase, you’ll have access to all of the crypto and NFTs associated with the wallet. You can even import your wallet using that same recovery phrase to access it on multiple devices, such as a smartphone with the Coinbase Wallet mobile app, or a computer with the Coinbase Wallet browser extension. .

Keeping your recovery phrase safe is of the utmost importance. If you lose your recovery phrase, you lose access to your assets. And if someone else gets your recovery phrase, they gain access to your assets. 

For most people, simply writing your recovery phrase down and keeping copies in more than one safe location is a solid approach. Using the mobile version of Coinbase Wallet (which is separate from the main Coinbase app you use to buy or sell crypto) you can also opt in to the encrypted Google Drive or iCloud recovery phrase backup feature, which stores an encrypted version of your recovery phrase in the cloud. If you want to use this feature, make sure you have a strong password for your Google Account or AppleID.

Lock your Coinbase Wallet account when not in use

Similar to how your smartphone has a “passcode” or a “lock” feature, your Coinbase Wallet will automatically lock after a certain period of time. For Coinbase Wallet browser extension, the default auto-lock timer is set to 24 hours. This means if you do not open the Wallet browser extension for 24 hours, it will require your password to unlock your wallet.

For additional security, you can modify the auto-lock timer so that your Coinbase Wallet is always locked when it is not in use (similar to re-entering your passcode to unlock your smartphone).

To modify the auto-lock timer in Coinbase Wallet (available in the browser extension only), follow these simple steps:

1. Unlock your Coinbase Wallet, and navigate to “Settings”.

2. In the settings tab, navigate to “Auto-lock timer”.

3. In the Auto-lock timer settings, enter your preferred timer settings, and press “Save”.

4. Bonus tip! To manually lock your wallet, you can click on “Lock Wallet” in the settings tab

Periodically review and disconnect unused dapps

As you explore the world of decentralized applications via Coinbase Wallet, you’ll be connecting to a variety of dapps and protocols, and granting them certain permissions to view and manage your data, crypto, and NFTs. Any dapp that you grant access to can generally see what is in your wallet. It’s important to regularly review these permissions and disconnect your wallet from any dapp or protocol you aren’t using or have any reservations about. 

This applies to dapps like:

• Decentralized exchanges (DEXs) 

• Staking protocols

• NFT marketplaces

• NFT minting sites

To review and/or modify Wallet’s  existing connections, follow these simple steps (available in the browser extension only):

1. Unlock your Coinbase Wallet, and navigate to “Settings”.

2. From the settings tab; choose “Dapp connections”.

3. In “Dapp Connections,” you can disconnect dapps individually by clicking on the “Disconnect” button, located to the right side of the Dapps name. You also have the option to disconnect all dapps by clicking on “Disconnect all,” located at the bottom of the Dapp Connections window.

Only use Coinbase Wallet via a secure network connection

It might be tempting to use public Wi-Fi to perform a quick transaction, but it can put your Wallet’s security at risk as public networks are cybercriminal activity hot spots. The most common public-network exploits come in some form of a “man in the middle attack,” which is a form of cyber eavesdropping in which an unauthorized entity inserts itself between you and the authorized entity that you’re connected to.

In the context of public networks, the most common attack of this type is via an exploit known as a “rogue Wi-Fi access point.” A rogue access point is an access point installed on a network without the network owner’s permission, and which is disguised as a nearby legitimate Wi-Fi network. It tricks devices into joining its network instead of connecting with the authentic Wi-Fi point.

These attacks are most common in public areas with shared W-iFi such as airports, coffee shops, and museums.

Connecting to a rogue access point gives an attacker the ability to:

• See all data (including passwords!) flowing through the network.

• Modify intercepted data, and send the modified user data to the destination endpoint. If you were using Coinbase Wallet to send some ETH to your friend, say, the hacker can simply redirect the transfer to their own wallet.

There are countless other methods used by cybercriminals, which is why it’s in your best interest to never use your wallet on a public network. Did this quick tutorial whet your appetite for more crypto security tips? Coinbase’s security team has you covered.