NGRAVE has a short and free quiz that anyone can take as a self-audit regarding their crypto security. It's not a recent one but it came to my attention, thanks again to Onealfa who posted his result on threads. His result came out as a Legend!
How is it done?
There's a series of questions from simple and generic ones in the beginning to assessing your level of crypto custody (like how you split your crypto assets over exchanges, hot wallets, and cold wallets; how do you transact, where you store your seed phrases or backup keys etcetera). Your answers to them determine the level of your security profile.
It takes just approximately four minutes to complete and no personal data are asked - except for a few questions related to your country and age bracket.
I took the test and apparently, my security profile turned out to be "Professional." Here's a quote from the result:
Kudos, our dear friend. You can challenge most hackers and come out triumphant with your coins intact. Your research and experience have made you a crypto-security professional. However, you can still aim higher to become a Legend.¹
So it looks like the highest security profile is a "Legend" and it might have something to do with having a backup in metal plates and more.
Recommendations
After completing the quiz and submitting the result, they gave me the following advice for me to level up my crypto security:
❇️ One of my answers was that I store some funds (about 1% of my portfolio) on 2-3 exchanges for trading purposes. Hence, they suggested keeping an eye on those CEXs and reviewing their security. There's a platform called CER with a list of exchanges
❇️ Further, when it comes to exchanges, they also recommended using security features like 2FA (and having a backup of them) and whitelisting external addresses to which we occasionally send assets.
❇️ They also suggested that in case I am relying on SMS-based 2FA, I should consider using anti-SIM-swap providers. As far as I know, we don't have that here in the country.
❇️ I often use more than 3 hot wallets (MetaMask, THORWallet, XDEFI, Phantom, and yes, Keychain). They reminded me of the risks associated with them. They added that even exchanges that are said to be secure have been hacked in recent years. Cold wallets are a lot safer, they say.
❇️ Hardware wallets are still safer and they further recommended using high-quality cold wallets and being aware of the pitfalls of those too. "Are there still online attack vectors or phishing?" or "Is the key generation safe enough?"
❇️ They also mentioned using a more air-gapped and secure hardware wallet and considering multi-signature setups.
I recently learned about air-gapped wallets while watching a hardware wallet review. Accordingly, they are designed to be offline (no internet connectivity, even Bluetooth or any wireless communication). They sign transactions offline and interact via QR Codes or micro-SD cards.
Multi-sig is a storage setup that requires multiple signatures for one to be able to access funds and process a transaction, using 2 or 3 different hardware devices.²
❇️ Finally, since I answered that my keys and seed phrase backups are on paper, they recommended having one that is more resilient and recoverable even when I lose the backup itself.³
Personal Thoughts
I did learn from the short test and the recommendations I've been given. While we do our best to secure our hard-earned digital assets, scammers and bad actors are also leveling up their tactics and strategies. Therefore, we must continue to learn new ways to get ahead of them.
Losing our crypto (no matter the amount) is one thing we don't want to experience. Hence, we shouldn't be complacent, even when we think we have a high level of security in place.
If you are interested in learning about your own profile, go to NGRAVE and find out what measures you may still need to upgrade your crypto security.
For infotainment only.
