With private keys being so integral in accessing funds keeping them safe is a top priority. There are some basic things to keep in mind when storing and handling private keys:
- If the private key is leaked any funds on that account can be accessed
- The level of private key storage depends on the amount of value being held on the account. For example if you were storing a few ounces of gold you might do it in a safe at home but storing a few hundred gold bullion would require a vault in a bank.
- Most wallets use a seed phrase which is used to generate a private key. The seed phrase can be considered the private key for the account.
Initial key management
The first step to keeping a company controlled private key safe is to use one of the hardware wallets available on the market. This means the private key is never exposed when managing day to day company activities.
When setting up the hardware wallet you will be forced to store two separate pieces of information. A seed phrase and a password/pin (this combination is essentially a more human friendly version of the private key), together any wallet can use these to access all the funds on the account. The password and pin can be securely stored on a password manager of your choice. The seed phrase needs to be written down on a piece of paper and requires a more traditional form of storage. A safety deposit box or safe are good initial storage locations.
- Setup a hardware wallet with both a seed phrase and passphrase
- Store the passphrase securely using a password manager
- Store the seed phrase by writing it down and keeping it in a safe or safety deposit box. This is only needed for recovery purposes.