One of the most important thing to remember when interacting with smart contracts and the decentralized finance (DeFi) space is to practice good security habits. This is because in the world of blockchain and DeFi, everything is digital and you are solely responsible for the custody of your wallets.
If your wallets are hacked or you lose your seed phrase, there is no “customer support” who will be able to help you to recover your account.
One of the most common gateway to connect to the decentralized finance is via MetaMask. When connecting to decentralized applications, here are some of the security considerations that I follow:
Use one main device for your main MetaMask wallet
For me, it is important to use my personal desktop while accessing my main MetaMask wallet. This MetaMask is only accessible via my home desktop computer browser.
As I am using a browser extension, I make sure to only install browser extensions I trust. Browser extensions can also be potential entry points for bad actors to gain access to your MetaMask Wallet.
Besides that, my home desktop is only connected to one WiFi connection point, which is my home personal WiFi connection. As much as possible, I try not to access the decentralized finance world or connecting my MetaMask wallet using public WiFi points.
Avoid using MetaMask on Android
There is a higher security risk when using the Android applications you’ve downloaded.
This is because Android is an open source operating system and therefore there are thousands of applications which available on the app store.
There may be a higher chance of finding a malicious program or application on Android especially since:
- You download new applications everyday
- New applications have different access permissions on your phone
- You connect your phone to public WiFi access points frequently
- You share and send photos to one another over the public WiFi access
- You may enable your Bluetooth connection daily to access safe entry token registration
- You may be visiting websites via advertisement shown to you on Instagram or Facebook app
These are all potential “entry points” for bad actors to gain access to your MetaMask wallet on your Android device, and hence I personally do not use my MetaMask wallet on my Android device.
However, that also means that I am giving up the convenience of being able to access the decentralized world using my mobile phone. What that means is I cant be minting NFTs on the go or using multiple devices to do so.
While there are no reported hacks of MetaMask via Android yet, this is a good reminder for everyone that if you are using MetaMask, be it via a desktop or mobile device, have good security practices, keep your seed phrase safely stored, and never give away your passwords.
Featured Image Credit: Crypto Kosh