How To Secure Your Metamask Account

The following are security recommendations to secure your Metamask account using both the Metamask browser extension and Metamask mobile app.

General best practice for security of your Metamask wallet

  • Never use the wallet on a shared computer
  • Use desktop rather than mobile wallet. It’s much easier to access/steal or compromise a phone than a laptop
  • Backup your seed phrase securely
    • Use a password manager such as Lastpass or KeePass to save password and seed phrase.
    • Also back up on paper or in your favourite book that you would never part with.
    • A good method for backing up is to store your secret phrase and password in 3 parts in different places
    • You can also “salt the password and secret phrase backup” E.G.
      • If your password is password1Secure then back it up as password15SecureSecret5 and write somewhere else your salt words: E.G. Secret 5
      • Similarly if your secret phrase is happy phone hammer radio then back it up as happy grass phone hammer blue radio and write somewhere else your salt words: E.G. grass blue
  • Generate a secure hashed password using password manager
  • Check your browser extensions. If you are not using a browser extension then turn it off. Browser extensions can record your screen or log your keyboard easily.
  • Run anti-malware and ant-virus programs regularly to check for key-logging software or spyware
  • Regularly clear your browser’s history and cookies
  • Lock your Metamask account when not in use
  • Deactivate/turn off the Metamask extension when not in use
  • If holding large amount of funds then consider creating several accounts in your wallet and split the stake between accounts
    • Also consider moving profits out of your wallet at regular intervals
  • NEVER EVER tell anyone your secret phrase or post it to any channel. If someone gets your secret phrase they can steal all your funds.
  • Your password can only be used on your device so treat your device like a vault to protect from theft and damage.

Recommended Metamask Security Settings

The following are recommended settings for using the Metamask browser extension and mobile app securely. Hopefully you will have many of these turned on by default but it is worth checking and making any changes.

Metamask wallet browser extension:

  1. Settings → Advanced → set Auto-Lock Timer to < 5 minutes
  2. Settings → Advanced → turn off any experimental features
  3. Settings → Advanced → select preferred ledger connection type if using a hardware wallet
  4. Settings → Security & Privacy → turn on Show incoming transactions
  5. Settings → Security & Privacy → turn on Use Phishing Detection
  6. Settings → Security & Privacy → turn OFF Participate in MetaMetrics
  7. Settings → See for recommended Network settings for the FLEX DAO
  8. Settings → Alerts → turn on all alerts
  9. Settings → Experimental → turn off any experimental features

Metamask wallet mobile app:

  1. Mobile app → Settings → Security & Privacy → set Auto-Lock Timer to < 30 sec
  2. Mobile app → Settings → Security & Privacy → recommend to use password/passcode instead of face ID but if your password is weak then face ID is preferable
  3. Mobile app → Settings → Security & Privacy → turn on Privacy mode
  4. Mobile app → Settings → Security & Privacy →clear privacy data, browser history and cookies at regular intervals
  5. Mobile app → Settings → Security & Privacy → turn OFF Participate in MetaMetrics
  6. Mobile app → Settings → Security & Privacy →Mobile app → change password specific to mobile

Learn more

Helpful links for using Metamask to stake in the FLEX DAO

Seychelles Restructuring Update

Dear CoinFLEX Community, It has  been a while since our last update on the Reorganization process. As you are aware, our priority has been to implement the Scheme of Arrangement, which was overwhelmingly approved by the creditors.  The implementation of the Scheme of Arrangement would allow us to: Distribute the…

New Permissionless Listing: Tokenize (TKX) Now on CoinFLEX

TKX /USD is now tradable on the CoinFLEX Permissionless Zone.   TKX is the native exchange token of Tokenize Xchange (Tokenize), a Singapore-headquartered digital exchange. Founded in 2017, Tokenize offers trading for over 80 cryptocurrencies in a safe and secure environment with competitive fees. As an early entrant into Singapore’s…

Introducing Permissionless Listing on CoinFLEX

There is no industry standard for listing your token on a centralized exchange. As a result, the process can be both time-consuming and costly. CoinFLEX is committed to providing token projects a more transparent and accessible listing process.  Permissionless Listing – What does it mean? Permissionless Listing means that any…