Hallo everyone,
I will try to make this brief but will apologise in advance if I am coming at this from a “lack of knowledge” perspective.
I am new to this so obviously I am putting in as much research as I possible can.
I have a came across what I can only describe as a “surprising” lack of security. As I wish to stake TIME using Metamask I did research into how best protect my assets from being hacked and I did manage to find some (good) tips.
Here they are for anyone who might not know them. Please feel to add and / or correct me:
-
Create a good strong password with Meta Mask
-
Write your 12 word Seedphrase down on paper and hide it somewhere, never share it with anyone.
-
Always make sure the pc you are checking your staked time is secure and no one else has access to it.
-
Make sure your wallet is disconnected and that your Meta Mask is no longer signed in.
-
Any suspicious emails that offer you “updates / free crypto advice / sponsorships” etc, however professional they might seem, avoid opening them just incase a virus is ready to pop on to your device which gives them control.
-
Always go to the “connected sites” option on Metamaks and delete Wonderland.
-
Best to use a cable rather then open un protected WiFi when connecting your PC.
-
Don’t use public WiFi.
-
Always book mark “original” and “authentic” pages. So here you can go to trusted Youtubers and maybe to Daniele’s Twitter, check first they haven’t been hacked and there is the danger the hacker could be posting a similar looking but fake URL. If everything looks good go to the real Wonderland /Binance / Traderjoe pages aso and then bookmark those pages to ensure you always go back to the original. Still double check though!
10.Refrain from taking screen shoots and videos to post, complain about loses or to show gains off to your friends due to sensitive information that you might not notice, but a hacker would.
-
Always double check windows updates when your PC (or mac) requests them before verifying.
-
Be aware that some trusted youtubers have importers that will pose as them on their YT channels offering updates via whats app for free.
So that is a basic collection of tips I was able to scrap together as a beginner I hope it helps.
I also contacted both Hardware wallet companies to ask them if their devices currently support Time Tokens. Sara from Ledger got back to me after two days and told me that Ledger does not, although it is compatible with meta mask it is not possible to stake Wonderland 100% effectively atm.
Trezor still has not answered my request.
I have seen people claiming they used ledger for Time and forwarded a YT video to Sara from Ledger to see what she thinks of it. I will share her answer in the comments.
This was slightly disheartening as I have no problem buying a hard wallet to protect my assets but I guess it will take time until they become more “Avalance” friendly? (Sara mentioned that was the issue)
So I will be sure to keep my eyes open.
I personally would welcome a “wonderland two step verification method” f.e. email and password. Or sms / email. I heard SMS is not a good idea for our friends in the states so maybe they could think of something additional?
Also having a community like this we could also build a team of “anti hackers”? Just suggesting as I believe in the long run we will run into each other more often and grow as a community… we will also be making money thanks to each other so it would be nice if we protect and support each other.
Anyways, hope this helps and look forward to learning from you guys!
Stake well, Karim