Account and Wallet Security
Are your cryptocurrency wallets and associated accounts secure? Find out here. This page contains advice for keeping your digital assets safe.
Your cryptocurrency wallet, which will hold all of your utility tokens as well as NFTs such as LAND and ASSETs, will undoubtedly be very valuable and have a very high monetary value. For this reason, it is very important to keep your cryptocurrency wallets and any accounts associated with them safe and secure.
This page will offer tips in keeping your wallet and accounts secure.
It goes without saying that you should have a very strong password protecting your cryptocurrency wallet and any accounts that are associated with this wallet.
The only person who should know your password is yourself. And that's it. Just you, nobody else - not even your cat or dog.
Do not use the same password on multiple accounts. Each account that you have anywhere on the Internet needs to have a unique password. For example - If you use your Facebook account password as your wallet password and then your Facebook account gets compromised - then your wallet will be compromised too.
If you are particularly forgetful, you may benefit from using a password manager service. A password manager is a third-party piece of software which automatically generates and stores strong passwords for you. Your password to access this software needs to be particularly strong in order to protect the other ones stored inside.
Two-Factor Authentication, also known as 2FA, adds an extra layer of security to your accounts. To put it simply, when you log into an account that has 2FA enabled on it, a randomly-generated time-sensitive code will be sent to a different device (usually a smartphone or tablet through an authenticator app). This code will need to be entered into the login screen after your password in order to access the account.
This means that if your password does end up compromised, the deviant party still will not be able to access your account unless they also have hold of your secondary device.
If your account offers 2FA security, you most definitely should make use of it.
Your cryptocurrency wallet may have given you a seed phrase (sometimes also referred to as a pass phrase or a key phrase), especially if you use MetaMask. This seed phrase needs to be kept secret from everyone who is not you, treat it as you would your password. Your seed phrase should be kept somewhere safe and secure in case you will need it in the future.
It might be a good idea to hide this seed phrase in a poem, short story, a puzzle or a pattern, for example. This way most people won't glance at it a second time and therefore won't realise you've hidden a seed phrase in there.
If you are storing the seed phrase digitally on an electronic device, then you should consider encrypting your device. Do not store your seed phrase in a standard electronic note or document. If your device ends up compromised then your seed phrase will also be compromised. If you feel that you need to store the seed phrase digitally, then do so on software that enables you to protect the seed phrase with a password and two-factor authentication.
If you are storing your seed phrase physically then it is a good practice to make sure it is kept in a secure place away from your computer, preferably not even in the same room. Keeping your keyphrase in a waterproof plastic bag inside a strong safe would be a good idea - as long as the safe is very well hidden (and potentially impossible to remove due to being embedded into the building), because obvious safes are one of the first things a home intruder will look for.
It would probably be good practice to keep more than one physical copy of the seed phrase in different secure locations, in case one ends up getting lost.
You should always make sure that your wallet is locked when you are not using it. You generally do this by logging out of it, whether your wallet is accessed through a website or a browser extension. Online banking websites, such as PayPal, have a timer running in the background which automatically logs you out of your account after a set time, however many wallet services currently do not provide this feature.
Some websites that you access with your wallet unlocked has the potential to see your wallet address. Malicious individuals could potentially see this wallet address and attempt to scam you with false wallet notifications via the website. Click this link to learn how malicious websites can be used to scam you of your wallet contents.
If someone shares an unknown and potentially dodgy link in a public place, such as in an email, in a message, on Discord or Telegram - do not click it.
- If the link mentions a community or company, Google it first to see if it is legitimate.
- If it does seem legitimate, check the spelling of the link. Some scam websites use an alternate spelling of the real thing.
- If it still seems legitimate, open the link in a different browser that does not have your wallet connected to it.
- Unsure? Ask! On our official Discord, The Sandbox staff have blue usernames. On our official Telegram, The Sandbox staff have the word "Admin" on the top-right of their messages. And remember - genuine staff will never DM you first.
Anything can happen in life. You might be healthy right now but, who knows what might happen tomorrow? You could get hit by a bus one day or have a heart attack from a sudden undiagnosed condition. This is a grim and dark paragraph, we know, but it needs to be brought up.
It would be a good practice to leave instructions to loved ones - for example a married partner, a non-married partner or a child - in your last will and testament explaining where to find the password and seed phrase to access your cryptocurrency funds (ie, where the safe or safety deposit box is) and how to invest or sell them for profit. These instructions can help your loved ones to carry on and support themselves should you suddenly and unexpectedly pass on from the world.
If you have no loved ones or relatives, you could ask a trusted friend or legal representative in your last will and testament to donate your crypto profits to a charitable cause.
Malicious thieves are coming up with new scams to try and trick you almost daily. You need to always be on high alert for this sort of thing.
Think before you react. Just because someone gave you a link it doesn't mean you have to click it. If something sounds too good to be true - it probably is.
Do not jump blindly into events, offers, airdrops and so on. Make sure you read all of the official documentation to ensure the event is genuine.
Please tag the @Moderators role on the Discord server in a support channel to report a potential scam being committed by someone within the community. Please avoid posting screenshots in public unless you have blanked out any web addresses. Otherwise, if a screenshot is needed, the responding moderator will ask you to DM it to them. You should also consider reporting the offender to Discord itself. Here's how: https://support.discord.com/hc/en-us/articles/360000291932-How-to-Properly-Report-Issues-to-Trust-Safety.
If the scammer is a member of the community channels on Telegram, please DM the details of the scammer and the scam to an admin.
Whether the scammer is on the official channels or not, please forward their profile and messages to Telegram's anti-scam team. Their username is: @NoToScam.