Two people carrying a giant key representing security

At Shapeshift, we take security quite seriously. As they say — Not Your Keys, Not Your Crypto. Likewise, safety is positioned as one of the core features of our new, hardware-secured platform.

To prepare for the next bull market, it’s critical that you understand the basics of safety and security in this Brave New World full of shady exchanges, scammy blockchain projects, and unfriendly private keys.

Two-factor authentication (2FA)

Two-factor authentication (2FA) is your added extra layer of protection. Enabling 2FA involves entering a six-digit code (called a Time-based One-Time Passcode, or TOTP code) after entering your username and password.

🔐It’s extremely important that you keep a copy of your seed (secret code) you used in a secure place.

Which Apps provide TOTP codes?
  1. Google Authenticator (Android version 2.1 or later is required)
  2. Authy
  3. YubiKey

ShapeShift Membership accounts offer this too! Enable 2FA on your ShapeShift Membership for an added layer of security.

Ready to add the extra layer of security you need?

ShapeShift accounts allow you to enable 2FA on your account.

Remember, SMS 2FA is not recommended as it’s easier to intercept. Check out our article below for an in-depth guide.

Hodl vs. Hodler

“Hold on for dear life” — Hodl means hold your funds (save and don’t sell) more so then how you hodl them. A hodler describes someone who is holding their funds long-term in hopes of getting big gains one day. You don’t sell — and don’t fall victim to FUD.

Someone who hodls means they don’t sell — they hold strong through the bull or bear market. Someone who goes long on the coins they support.

Cryptographic Hash

Cryptographic hashes produce a fixed-size and unique hash value from variable-size transaction input (the SHA-256 computational algorithm is an example of a cryptographic hash).


The word cryptography, like many other words in the English language, has its roots in Greek. Broken down, the word roughly translates into “hidden writing.” In an environment like the internet where privacy can seem scarce, public and private keys enable people to communicate through cryptography.

Asymmetric & Symmetric Cryptography

Asymmetric cryptography is a method that uses one key to encrypt data (the public key) and one key to decrypt data (the private key). Conversely, symmetric cryptography uses the same key to both encrypt and decrypt the same piece of data. As a result, asymmetric is more secure than symmetric cryptography, but the process can take slightly longer as you’re dealing with two keys instead of one.

Cold Storage

Cold storage ensures your private keys are offline and never exposed to the internet. There are two types of wallets that may be considered cold storage:

1. Hardware Wallet

The most secure way to hold your crypto, a hardware wallet is a physical device that stores your keys offline while still allowing easy and safe signing.

2. Paper Wallet

Typically printed on a physical piece of paper, a paper wallet has both the public and private keys printed on it. This form of cold storage is not usually advised as paper (shockingly) is not the most durable of substances.

Crypto Wallet

A crypto wallet is the technology used to hold digital assets. A wallet is defined by a unique code that represents its “address” on the blockchain. The wallet address is public, but within it is a number of private keys that prove ownership of the crypto itself


Converting plain text into unintelligible text with the use of a cipher.

Hardware Wallet

If you’re serious about crypto, you’ll need a hardware wallet. Hardware wallets allow you to store, receive and send digital assets, making them the complete solution. We recommend KeepKey, but hey — we’re biased. Hardware wallets are one of the safest options for anyone that wants to keep their digital assets both accessible and offline.

Hot Wallet

A hot wallet is a wallet meant to hold digital assets that is always online.

Key Pair

A key pair is the pairing of a public and private key.

Mobile Wallets

Mobile wallets are exactly what they sound like — a wallet that is usable via a mobile application. This type of wallet is safer than an online wallet because the data is not stored via the cloud. However, it is considered less safe than using a desktop wallet due to the commonality of losing or breaking a mobile phone.

Online Wallet

Online wallet store your digital assets online through an external service that has control of your crypto. They are cloud-based, meaning you can access them on any device that you can connect to the internet. While this makes them convenient, they are far less secure than other wallet options.

Private Key

A string of numbers and letters that are used to access your wallet. While your wallet address acts as a public key, the private key is represented by a seed phrase, which is essential to protect.

You need your private key when selling or withdrawing cryptocurrencies, as it acts as your digital signature. When a transaction is initiated, the wallet software creates a digital signature by processing the transaction with the private key.

Public Key

This is your unique wallet address, which appears as a long string of numbers and letters. It is used to receive cryptocurrencies. Public Key is created from the private key with the use of asymmetric cryptography.

Your public key is essentially the public address where your cryptocurrency is deposited (But in order to withdraw it, you also need the private key).

Recovery Sentence

Random 12, 18, or 24-word recovery sentence that’s used to derive numerous pairs of private and public keys. Something to keep very secret.

KeepKey supports 12, 18 and 24-word recovery sentences — If you already have a recovery sentence and would like to recover it onto your KeepKey device please follow our recovery article: KeepKey Recovery Process.


The name of the cryptographic hash function (the hashing algorithm) used by bitcoin. It’s been subsequently used by a number of altcoins too. A very strong cryptographic standard that is used as the basis for Bitcoin’s and other proof of work systems. It is also the technology that protects wallets.

Software Wallet

A wallet where your private key for an individual is stored within software files on a computer. This is the system you are likely to use if you sign up for a wallet online that is not associated with an exchange. Storage of cryptocurrency that exists as software files on your computer software wallets can be attained free from a variety of different sources.

Verification Code

Code sent to a second device to ensure the identity of someone logging into an account; used for 2FA.

Ready to improve your security?

We believe in keeping you secure and want your private keys to remain with you in the safest way possible. When you pair your hardware wallet with our platform, you are getting the best of both worlds: a sleek interface and the knowledge that your crypto is as safe as it can be.

🚀 Are you ready? Let’s do this thing.