Crypto Key Management Is Too Complicated
And just like the rest of the Internet, the solution is to just get used to it.
I grew up at the dawn of passwords. I pretty much just had to memorize my parent’s address and phone number to get around. Occasionally I’d need my social security number and birthday, but life was pretty simple back in those days.
It was really only after the advent of the Internet that the amount of memorization needed to manage my life became overwhelming… fast.
There are personal passwords for video game consoles, mobile marketplaces, online services, apps, accounts, and more. Then everything is multiplied by the number of business accounts and passwords needed for the various websites I contribute to, business tools, etc.
In my finances alone, there are multiple banks, payment services, investment services, money management apps, and more that I log into. And that’s not even including my crypto investments, which is the point of this article (and website).
And none of these should be the same (although honestly, most of our non-crypto passwords inevitably are). It’s too easy to find passwords online.
For starters, all of Yahoo’s 3 billion accounts were breached in 2013, leaving access to a trove of online passwords, security phrases, etc.
Marriott, Friend Finder, Adobe, eBay, Equifax, Sony, the United States Postal Service, and so many other databases have been hacked for information. Your information is definitely included in the pile, regardless of how secure or private you are online.
So will blockchain and crypto make our lives easier or more difficult with all these keys, seeds, passwords, and other authentication games?
The Crypto Conundrum
Every time I test a new blockchain project or wallet, sign up for an exchange, or invest in a new token, I’m creating yet another set of crypto keys.
In fact, password management has long been a struggle for me, and cryptocurrency is what finally made me invest in password aggregators like LastPass and two-factor authenticators like Yubico’s Yubikey.
I typically hate creating a single point of failure, but I’m just too busy to have friction in moving between services and devices. That’s what this cloud-based world is all about.
But even storing both passwords and crypto keys in LastPass and securing it with two-factor authentication isn’t guaranteed.
Everyone ‘knows’ a cold wallet is the most secure way to store keys, but is it really?
When 30-year-old QuadrigaCX CEO Gerry Cotten died suddenly this year, he took with him the only keys to $137 million in cryptocurrency. The single point of failure in technology is always humans, and we’d be wise to always remember that.
And even if he hadn’t died, Cotten could have simply lost the keys. That’s right – you’re not the only person who lost a crypto key you couldn’t recover. TV shows from The Big Bang Theory to Broad City and Alone Together made lost bitcoins a source of comedic material.
A 2017 study from Chainalysis estimates approximately 3-4 million bitcoins are lost. That’s over $15 billion worth of lost bitcoins sitting out there in the ether. To provide a contrast of the stakes we’re playing with, Bloomberg estimates Americans throw away approximately $61.8 million worth of coins every year.
Because so much value can be found digging in our trash, professional dumpster divers are now digging through our landfills to recover this buried treasure.
How long do you think it’ll be before someone decides $15 billion is worth taking?
Nobody would report the theft – how would you even know if something you lost was stolen, and at what point would it be theft anyway?
And widespread quantum computing makes our best military-grade encryption much easier to break these days, so we’re not talking hypotheticals (or at least won’t be for long).
The Solution (For Now)
Of course, encryption and cryptography run much deeper than blockchain and cryptocurrency, or even passwords. We all know our house can inevitably be broken into, and most security systems are only designed to make the process slower and response times faster.
Computer technology is more advanced than ever before, and at this point, we’re just building layers on top of layers. So many redundancies are built into the system that data can always be recovered.
Blockchain is, funny enough, a great solution for helping ease the pain of password management.
Your social security number builds a record, and blockchains like GXChain are hoping to move high-level government and enterprise identity servers into a decentralized and/or distributed model.
Creating data redundancy won’t prevent an attack from happening to you. It’ll just make it easier to stop the damage and recover.
This is why I have backups of backups, even of my cold storage options. I’ve lost a lot in my life (including a bitcoin and litecoin in their early years), and documentation has always been key to recovering it.
The balance between security and usability will forever be our war with technology. And the best solution to date may still be a few scrawls on a piece of paper.
Unless there’s a fire. OMG WHAT IF THERE’S A FIRE?????