I've had a lot of people asking me about cryptocurrency lately. It's a predictable pattern when the price goes up. People know I've been in to bitcoin for years now (even made a movie about it).
One question that's been asked several times is, "How do I store my cryptocurrency?"
That seems like a straightforward question, but it really is not. It depends on your level of knowledge, your priorities, and the resources you're willing to dedicate to storage.
I'll attempt to address the spectrum of options, though not at all exhaustively.
NOTE: The first line of security in storing your bitcoin is education. That may sound like a hollow platitude. It’s not. If you don't understand and correctly implement basic security measures on your devices, nothing else will matter. You need to be smart about this. Don't use obvious passwords. Don't use short passwords. DO use a password manager, like 1Password or Lastpass, and DO make sure your master password is long, like a full sentence. NEVER click on links from people you don't know or trust, and ALWAYS check the security certificate on sites you visit (the little "lock" icon at the top of your browser, next to the website address). And use a REPUTABLE virus scanner, like Sophos Home.
If you're not doing these things, you will eventually get hacked. When you get hacked, you won't know it till your funds are just gone one day. And there is no way to get them back.
Okay, if that didn't scare you off... let's proceed.
If you intend to be moving funds in and out of your wallet often, and want easy access with modest security, a cloud wallet is an acceptable choice.
Addition in 2021: I do not recommend PayPal or Robinhood. These services don’t really sell you bitcoin. They sell you an investment in bitcoin. You can’t ever actually take custody of the coins. All you can do is sell it back to them for US Dollars at a later date. There are numerous problems with this. If you’re going to own something, just own it.
Coinbase or Gemini are popular starting points for people first buying cryptocurrency (it’s what I recommend, first-timers can click here or click here). But contrary to the common perception, Coinbase and many others don’t really give you a "bitcoin wallet", so much as they give you a Coinbase account. It's like PayPal, in that your funds are managed by them. They make it easy, but the downside is that you don't actually control the funds. They do. Many users are upset with a recent ruling that Coinbase will have to turn over all records to the IRS. This just happened recently, but was a predictable outcome.
Similarly, if there were a catastrophic economic event (the outbreak of war, economic collapse, large-scale natural disaster), there is every reason to believe that Coinbase would lock up your money, just like banks impose "bank holidays" when they think there will be a run on the banks. And to really add a punch to that scenario, a catastrophic economic event would send bitcoin skyrocketing in value. You'd have no access to your money. That's the risk with Coinbase. They're fine, as long as it's just business as usual.
If you're going to be moving funds regularly but want something that offers you more control, a cloud based wallet like Blockchain.info is much more private. It allows you to interface with the bitcoin blockchain directly, rather than acting as a manager or intermediary like Coinbase does. You control the money, and nobody else has access. This would prove to be a huge advantage in the above listed scenarios. The downside to this approach is the technical hurdle. It's not always easy or straightforward. Especially when you're dealing with large sums of money, it's nerve-wracking to move it around. If you make a mistake, there is nobody there to hold your hand or save you. There is no safety net. The responsibility is on you to manage those funds. There is no FDIC in the bitcoin world. If your personal information is compromised somehow, those funds are stored "in the cloud", and would be immediately available to anybody willing and able to steal them.
If the cloud sounds too risky to you, another option is to have a localized wallet on your phone or computer. This is simply a piece of software that you download and keep on your device. This has the advantage of giving you full control of the funds, and being offline when you're offline. The downside is a physical device, like a laptop or smartphone, can be lost, stolen, or broken. If your plan is to store your bitcoin locally, it's important to store backup information in a very very secure secondary place. More on this later. A good option for a local wallet on your laptop, desktop, or smartphone would be Mycelium.
The third option is a hardware wallet. This is a device designed expressly to securely store cryptocurrency. This is one of the best options out there. They’re more secure than other options because the “private key”, the string of alphanumeric characters protecting your bitcoin through cryptography, are stored on the device in a way that is totally inaccessible. They can’t be “downloaded”, and you can’t open the device to extract them. They’re basically impossible to get to, unless the secure protocol is followed for sending or receiving your cryptocurrency. This is a prefered method for people who hold a lot of cryptocurrency and are serious about their security. Two popular choices are the Ledger and the Trezor.
But every security measure has weaknesses. Nothing is fool-proof, meaning if you’re foolish, you’ll be taken advantage of. Somebody could steal your bitcoin from a hardware wallet, but there are more steps to the process, and it would be harder for them. They would have to do one of the following:
Steal your device AND your access code
Steal your backup seed phrase and duplicate the wallet
“Wait, what’s a backup seed phrase?” Good question, let’s address that. Many wallets have the option of creating a backup seed phrase, which is a random string of words, something like “correct horse battery staple”. The phrase can be as many as 24 words long. They don’t mean anything, but together they constitute so many individual alphabetic characters that no computer on earth could just guess the access code. Not in a million years.
Using this phrase, you could recreate a lost wallet, and get access to all the funds.
Did you catch that? With the seed phrase, you can get access to all the funds.
Do not lose the seed phrase.
Be smart. Hide it in a secure and obscure place. Some people store half the words in one place, the other half in another. Some people put it in a safe deposit box. Some people will imprint the phrase on a strip of metal, then dip the metal in wax to cover it up, thus making it tamper-proof. Like I said, this is serious.
Oh, and there are paper wallets, but if you're technically capable enough to securely put one of those together, there's no reason for you to have read this far. Link if you're interested in learning more.
As you’ve gathered, there are a lot of options here. That’s the blessing and the curse of cryptocurrency. It’s yours to do with as you please. As mentioned at the beginning of this article, the most important thing is education. Learn how security works. You don’t need to become a cryptographer, but it wouldn’t hurt to learn the basic mechanics of cryptography. If you're interested in those basics, you should check out this excellent video from SciShow about how bitcoin works.