Monero Best Practices for Beginners
Many users might be shocked to learn that experts think that it's possible to use a cryptocurrency incorrectly. Depending on what a user is defending against, there are certain steps and precautions that must be taken to preserve privacy, evade scams, and ensure the proper and timely delivery of transactions. Fortunately, the Monero developers have done everything they can to set sane defaults in these areas, so users who use the wallet software as-is will be safe the majority of the time. That said, we'd like to take some time to look at a few cases where it might be helpful to be a little more thoughtful in your spending.
WRITE DOWN YOUR SEED!
The first and most important way to keep your cryptocurrency safe and secure is to write down your Monero mnemonic seed, which is a short word list shown when you first create your wallet. If you have this seed and your computer or phone dies, you can still recover your Monero. If you do not have this seed and you lose your wallet, then your Monero is lost and nobody can help you recover it. In the same way, do not share this seed with anyone. If they have this word list, they have full access and spending rights to your Monero. Many have been careless with securing their seed and have come to the terrifying reality of lost funds because someone has taken them. We recommend writing it down. Physically. Do not store it digitally, and make sure that you have several copies in various places. This is the number one thing you can do to secure your Monero. WRITE DOWN YOUR SEED!
Double check your addresses
Some scams use malware on your computer that tampers with copy/paste, so that the address you paste is the malware creator's instead of the intended recipient's. Since Monero addresses are long and unwieldy, it can be tempting to just verify the first few numbers and letters and call it good, or maybe not double check the address at all. While it's probably not necessary to verify the entire address, checking the first dozen and last dozen characters of an address will be more than enough for most cases. For addresses that you send to frequently, many wallets have an address book feature, which will put in the chosen saved address automatically. It's still best to do a quick check, though.
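The check described above can also be done by a small script instead of by eye. The following is an added example, not code from any Monero wallet; the addresses are constructed placeholders (not valid Monero addresses) and the function names are made up for illustration. It goes one step beyond the first-dozen/last-dozen check by also comparing the whole pasted string against the address you saved.

```python
HEAD_TAIL = 12  # "first dozen and last dozen characters", as the text suggests

# Constructed placeholder strings (95 characters, NOT valid Monero addresses).
SAVED = "4SAVEDaddrAA" + "m" * 71 + "zzSAVEDtail1"
SWAPPED = "4OTHERaddrBB" + "q" * 71 + "yyOTHERtail2"
SAME_HEAD = SAVED[:HEAD_TAIL] + "q" * 71 + "yyOTHERtail2"


def normalize(addr):
    """Drop spaces and newlines that copy/paste often adds."""
    return "".join(addr.split())


def check_pasted_address(pasted, expected):
    """Compare a pasted address with the one you meant to send to."""
    p, e = normalize(pasted), normalize(expected)
    # Position of the first differing character, or None if identical.
    first_diff = next((i for i, (a, b) in enumerate(zip(p, e)) if a != b), None)
    if first_diff is None and len(p) != len(e):
        first_diff = min(len(p), len(e))
    return {
        "head_matches": p[:HEAD_TAIL] == e[:HEAD_TAIL],
        "tail_matches": p[-HEAD_TAIL:] == e[-HEAD_TAIL:],
        "full_match": p == e,
        "first_diff": first_diff,
    }


if __name__ == "__main__":
    for label, pasted in [("clean paste", "  " + SAVED + "\n"),
                          ("replaced address", SWAPPED),
                          ("same start, different rest", SAME_HEAD)]:
        print(label, check_pasted_address(pasted, SAVED))
```

The third case is the one a glance at only the first few characters would miss: the start matches, but the end and the full comparison do not.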
Learn the difference between hot and cold wallets
Hot and cold wallets are common terminology in the cryptocurrency space, and the concept is really quite simple. A hot wallet is one that you take out and use often. It's 'hot' from being in your back pocket. Cold wallets are ones that are not touched very often, similar to money in a bank. Just as it's not advisable to carry hundreds of dollars in your physical wallet, but it's generally acceptable to do so in a bank account, users should consider how much Monero is prudent to carry in their hot, mobile wallets, and how much is best left at home in a second, cold one. This way, losing a phone, theft, or other mishaps won't cause total loss of funds.
Are hardware wallets right for you?
If the idea of keeping your digital environment completely free from viruses and malware to protect your Monero is scary to you, then you might consider a hardware wallet. Basically, the hardware wallet keeps your private keys on the device, away from your computer. So even if your computer does get compromised, the hackers will not have access to your seed. You will only be able to spend the funds if the hardware wallet is connected to the computer and signs the transaction. This moves the security of the keys from your computer, which is used for many things and has a large attack surface, to the hardware wallet, which is only used for one thing and has a much smaller attack surface. For the common person who doesn't know the ins and outs of computer security, it's a viable option to keep your funds secure.
When in doubt, use the defaults (with Monero)
In the realm of privacy, it's often far too easy to accidentally leak or reveal data about yourself that can be used to identify you. An old example that no longer applies to Monero is custom ringsizes. If the default is 11, and everyone uses 11, but you consistently use 54, then yes, the number is higher, so your anonymity set is higher, but now you stand apart from the crowd and your transactions are easier to identify. Monero has since made an update to fix the ringsize at 11, so now everyone looks the same.
There are several things one can do to accidentally harm their privacy in other cryptocurrencies like Bitcoin. Choosing a reputable mixer, getting non-KYC/AML'd coins, not reusing addresses, and proper coin output management are all things an individual needs to consider when trying to minimize leakage of metadata. Monero sidesteps many of these problems by making the privacy features mandatory, and setting good defaults for the average user. The example above of using a fixed ringsize means that end users don't have to puzzle over how to achieve the best possible privacy in this regard. The wallet does it for them automatically.
This may seem like an odd thing to talk about. Most users could be forgiven for thinking that all software automatically works for them, and not against them. Sadly, nothing could be further from the truth, and when it comes to privacy almost all cryptocurrencies are severely lacking. The amount of effort one has to go through to achieve any level of privacy is usually too much and too difficult for an average user. This is often the case even with other cryptocurrencies that focus on privacy! Monero makes sure privacy happens automatically, with no thought from users, at the protocol level when possible, and with sane default settings for the wallets when it's not. When in doubt, just use the defaults of the wallet, and don't be afraid to ask questions.