Boxmining v2

Category: Hardware Wallets

Highly secure hardware wallets that protect you from hackers and thieves.

  • Yubico’s YubiKey: Review and Guide

    Yubico’s YubiKey: Review and Guide

    The first line of defense to an online account is a username and a password. However, malicious actors sprawling the internet have made the traditional account security combo unreliable and risky per se.

    Therefore, SMS-based two-factor authentication (2FA) has been heavily utilized to provide another layer of security. Unfortunately, skilled hackers can still find a way to intercept SMS codes.

    To detach account security from the monopoly of software-focused methods, universal second-factor (U2F) authentication was developed. The technology uses open standards under the Fast Identity Online (FIDO) Alliance.

    Check out our video explaining what is YubiKey, and its pros and cons.

    YUBIKEY REVIEW AND GUIDE: How to keep your Bitcoin and cryptocurrency SAFE

    What is YubiKey?

    FIDO works to reduce the reliance on passwords when securing internet accounts. YubiKey is a U2F-enabled hardware key developed by Yubico to secure web-based services. Businesses, individuals, and developers can use it.

    Yubikey
    YubiKey

    The key is available in different shapes and connectivity functionalities. While earlier versions only support physical insertions into USB ports on a host device, the YubiKey five series accommodates connection through near field communication (NFC).

    NFC allows interaction with the device without physically plugging it into a port. However, the key and the host device must be near each other.

    YubiKey Reviews on Amazon

    From the reviews left by buyers on Amazon and other platforms, it is evident that the key is a must-have for security-conscious internet users. In fact, over 80% of buyers left a five star score for the YubiKey.

    One of the reviewers recommended the Yubico YubiKey to developers, IT pros, and “security-minded users.” Furthermore, they praised its manufacturer for providing GUI-enabled YubiKey manager for those having a hard time on where to start.

    Others attributed their happiness to the key’s support for password managers such as LastPass. YubiKey users hail it for ease of use as a smart card and its compliance to the Health Insurance Portability and Accountability Act (HIPAA).

    Unfortunately, not everyone is happy with their hardware key. Although the negative reviews are minimal, some raise valid concerns.

    Among the main problems is documentation, which isn’t user-friendly. Additionally, a buyer on Amazon notes that the key “is still too complicated for the average consumer, as it’s not exactly a plug and play device.”

    How to Start Using YubiKey

    The process of enjoying world-class security on your online accounts starts with purchasing the hardware piece from a reliable platform. After receiving a key, visit Yubico’s website, and choose your key from the list.

    Specifying the purchase key from the list helps filter the services where it can be used to provide security. On the services list, select the account you need YubiKey’s hand in boosting its security.

    Each service is followed by step-by-step instructions on how to connect to the hardware security key.

    For example Binance lets you use your YubiKey with their cryptocurrency exchange. This means that your YubiKey is required for authentication before approving any transactions. Note however that Yubikey authentication is not supported on Binance’s Apps and mobile websites.

    How to set up your YubiKey on Binance

    • Login to your Binance account and click on your profile avatar.
    • Choose “Security” from the options, then “Setup.” On the 2FA section, click on “Security Key.” Note that it only provides the needed extra security layer when accessing the Binance.com website.
    • Read the note and hit “Continue anyway.”
    • Insert the key in any available USB port and press the button at the hardware’s center to activate it.
    • Activation needs to be done within one minute after inserting the key. However, it can be repeated if you miss this activation window.
    • Once activated, hit “Allow” to the message “Allow this site to see your security key.”
    • Next, verify your account. Note that Binance will need you to provide the authentication code from Google Authenticator if you had previously enabled this step.
    • Binance will then send you an email at the registered address for you to confirm the addition of a new 2-step verification method using something you physically have.
    • After verifying the email, you are done.

    Examples of YubiKey-Supported Services

    YubiKey works with a host of services such as cloud-based systems, password managers, email platforms, social media, gaming developer tools, cryptocurrency platforms, offline computers, among others.

    Examples of cloud-based systems compatible with the security key include Dropbox, DigiCert PKI Platform, DocuSign. Cryptocurrency platforms that support YubiKey include Binance, Coinbase, Kraken, Bitfinex, and Gemini.

    YubiKey bio
    Cloud-based systems compatible with YubiKey

    Social media platforms with inbuilt support for the hardware key include Facebook, Twitter, Instagram, and YouTube.

    For developers and offline computer users, YubiKey is enabled for popular services such as Github and Bitbucket for developers and can be used to login into Mac and Windows computers.

    Latest YubiKey Series

    The hardware piece is developed in sets, with keys in one batch having additional features than those in previous models.

    • Yubico YubiKey 5 Series – Keys in this group are compatible with conventional and new systems. It has enhanced passwordless, multi-factor, and 2F authentication. Also, it has a touch-to-sign button, can be inserted on USB-A and C ports, and has NFC capabilities.
    • Security Key Series – Its salient features include dual NFC and USB-A connectors. Additionally, hardware security pieces in this cluster are crush and water-resistant.
    • YubiKey FIPS Series – These are certified hardware security keys that can be used for regulated environments such as government institutions. This set weds different functionalities such as one time passwords (OTP), smart card technology, and U2F. Keys in this group have USB-A and USB-C compatibility.
    • YubiKey 5C NFC – It has support for NFC, USB-C, and provides a fast yet secure authentication process. This series has a longer list of supported operating systems and browsers than other versions.
    • YubiKey Bio – When released, this will be the latest Yubico YubiKey in the market. Its major selling-points are fingerprint recognition, enhanced security, minimal helpdesk calls, and PIN-based login.
    Coming soon: YubiKey bio

    Conclusion

    From the reviews, it’s clear the YubiKey hardware security key is effectively guarding users against account takeovers. However, which Yubico YubiKey is best suited for your needs depends on its cluster. The newer the series, the more the features and services it can provide.

    Despite some users citing complicated documentation, exerting effort to set this up can indeed give that extra layer of security that would keep your accounts safe and give you peace of mind.

    Disclaimer: Cryptocurrency trading involves significant risks and may result in the loss of your capital. You should carefully consider whether trading cryptocurrencies is right for you in light of your financial condition and ability to bear financial risks. Cryptocurrency prices are highly volatile and can fluctuate widely in a short period of time. As such, trading cryptocurrencies may not be suitable for everyone. Additionally, storing cryptocurrencies on a centralized exchange carries inherent risks, including the potential for loss due to hacking, exchange collapse, or other security breaches. We strongly advise that you seek independent professional advice before engaging in any cryptocurrency trading activities and carefully consider the security measures in place when choosing or storing your cryptocurrencies on a cryptocurrency exchange.

  • Ledger Stax: Next-Gen Crypto Wallet Designed by iPhone Co-Creator Tony Fadell

    Ledger Stax: Next-Gen Crypto Wallet Designed by iPhone Co-Creator Tony Fadell

    Ledger and Tony Fadell Unveil Stax Wallet

    Ledger, one of the top hardware wallet providers, has announced the launch of its new Ledger Stax wallet in partnership with Tony Fadell, co-creator of the iPod and iPhone. This is a significant initiative as Fadell being one of the world’s foremost tech engineer is stepping in to bring clarity and confidence to owning digital assets following the collapse of FTX.

    Pre-order your Ledger Stax Wallet here!

    buy now

    Key Features of Ledger Stax Wallet

    Fadell realized that existing hardware wallets are difficult to use for mass consumers. Therefore, he drew inspiration from his iPod design to bring a more user-friendly experience for wallet users.

    Ledger Stax resembles a small smartphone and has a monochromatic E ink display which covers the front and curves around the spine. That way users can easily view complete transaction details as well as their NFT collections even when the wallet is off. This works in conjunction with integrated magnets, allowing multiple Stax devices to stack, hence its name. This is particularly useful for Ledger owners who have different portfolios since they can look at the labels displayed on the spine, like books on a shelf.

    Stackable Ledger Stax wallets with displayable screen on the spine (Source: Ledger)

    Users can store more than 500 cryptocurrencies or NFTs on Ledger Stax. Developers are also planning to allow users to explore Web3 applications through the Ledger Live app. Users can connect the Ledger Live app on (1) laptops via secure USB-C or (2) smartphones via bluetooth. This new user interface will enable clear and intuitive interaction for all mainstream users.

    Ledger Stax also has good energy efficiency and supports wireless Qi charging. Its battery can last as long as few months with a single charge.

    How to Get Ledger Stax Wallet?

    Ledger Stax is now available for preorder at $279 and will begin shipping by the end of March 2023. It will also be available from select retailers such as Best Buy in the U.S. Those who purchase the wallet will also receive an Infinity Pass, which provides users with a free utility NFT.

    Additionally, a Ledger Stax NFT Bundle is available to mint on [Ledger] Market for 0.22 ETH to redeem a free Ledger Stax device. It also unlocks access to exclusive NFT artwork from Ledger’s network of hand-picked artists. However, Genesis Pass holders and PREMINT Collabs have special mint-priority, and there are only 10,000 bundles available.

    Key Takeaway

    “Not your keys, not your crypto” — there is a great risk of losing all your crypto if you park it on a centralized exchange. Hardware wallets are great self-custodial solutions because only you have control over your funds. But the problem is it can be quite daunting to operate one, especially for beginners.

    Ledger Stax will revolutionize this by bringing the familiar user experience of smartphones into hardware wallets. This is a big step towards a decentralized financial future as more people are opting for self-custodial solutions. If you are interested in other hardware wallets, feel free to check these out:

    Pre-order your Ledger Stax for only $279 and get it by end of March 2023!

    buy now
    What is the Ledger Stax wallet?

    The Ledger Stax wallet is a new hardware wallet developed in partnership with Tony Fadell, co-creator of the iPod and iPhone. It has a unique and innovative design in the style of high-end Samsung cell phones, and lets users view their NFT collections even when the wallet is off.

    When will the Ledger Stax be available for sale?

    Ledger Stax is now available for reorder at $279 and will begin shipping by the end of March 2023.

    What features does the Ledger Stax offer?

    The Ledger Stax wallet is an easy-to-carry device about the size of a credit card, which allows users to store more than 500 cryptocurrencies or NFT collections. It also features an E-Ink touchscreen for viewing NFT collections, and a battery that can last for weeks or even months with a single charge.

    Are there any incentives for purchasing the Ledger Stax?

    Yes, those who purchase the wallet will be eligible for various prizes, such as a “Magnet Shell” protective case and an NFT from the “The Art On Ledger Stax Collection.”

  • Ledger Nano S Review (2023): Do I need to upgrade?

    Ledger Nano S Review (2023): Do I need to upgrade?

    Ledger Nano S was first released in 2016 with more than 3 million units sold around the world. Ledger announced that they will retire the Nano S in June 2022. This is to let its new and improved version, the Nano S Plus, take its place going forward. Even though Nano S will stop production, firmware upgrades for it will keep rolling out in the future.

    The final (and special) edition was called Ledger Nano S Final Edition. It came with a POAP card that allows you to claim an exclusive NFT created by the artist “what is real?”. However, it is sold out.

    We recommend you get the upgraded Ledger Nano S Plus as it has added DeFi and NFT friendly features. Check out our review of the Nano S Plus here.

    The Ledger Nano S Plus retails for USD$79.

    CLICK BELOW TO BUY!

    buy now

    Key features of the Ledger Nano S

    • Top of the line security to keep your cryptocurrencies safe and secure from hackers.
    • Affordable price- suitable for beginners who want a cheap and reliable hardware wallet.
    • Unique staking features so you can EARN cryptocurrency whilst keeping them secure. Learn more about staking here.

    Staking and Earning

    Ledger Live allows for staking a growing number of coins, including ETH (Ethereum), SOL (Solana), ATOM (Cosmos) and DOT (Polkadot). Users can lock up their cryptocurrencies and in return they get interest. This feature expands Ledger into more than just a secure place to store your cryptocurrency. It can even help you grow your digital assets.

    Depending on the coin, staking can be done natively on Ledger Live, or through a dedicated wallet. For example Yoroi Lite for ADA (Cardano). Staking is done in 3 simple steps for coins that can be staked on Ledger Live.

    First, freeze your assets by logging onto Ledger Live. Choose the relevant account for the asset you wish to stake and click “earn rewards”. A popup window will appear. There you will be allowed to select the amount in your wallet you wish to freeze. Secondly, vote for your validator(s) who will be making the blocks on your network. The cryptocurrency earned by making these blocks will be redistributed to voters. Lastly, claim your rewards by clicking “Claim” in your relevant account. Rewards are claimable every 24 hours.

    Swapping

    Ledger has released a Ledger Swap feature which allows users to exchange their cryptocurrencies through Challengly, Wyre, Paraswap and 1inch. You send your cryptocurrency from your device to the exchange, which will then send you back the swapped cryptocurrencies.

    To swap you will need: Ledger device, Ledger Live, the app for the crypto you want to swap and receive, and the exchange app.

    Lending

    Ledger is working with Compound (COMP), Aave (AAVE) to allow users to lend DAI, USDT and USDC through their decentralised finance (DeFi) protocols. The purpose of doing this is that the lender could earn an interest on their loan. Ledger Live has also integrated with Alkemi Earn. This is a lending-borrowing protocol that utilizes a permissioned liquidity pool of digital assets comprising ETH, wBTC and stablecoins. The purpose of which is to generate yield for liquidity providers.

    There are numerous benefits when using Ledger to lend:

    Control: You have control and proof that the crypto you lend and generated interest belong to you. When you lend on Compound, you receive cTokens as proof of ownership of lent cryptocurrencies and generated interest. You can redeem your assets and interest by sending cTokens back to the smart contract.

    Security: cTokens are stored on your ledger hardware wallets.

    Convenience: Compound’s lending features are available directly through Ledger Live.

    You can lend crypto using Compound or Aave and Ledger Live in 3 simple steps. Firstly, on Ledger Live’s Manager, install the application for the cryptocurrency you want to lend and create an account. Secondly, enable your account to authorise Compound/Aave’s smart contract to interact with your account. Finally, select the amount of cryptocurrencies you want to lend and issue a transaction to Compound/Aave. Verify and approve the transaction on your device.

    Security Features

    Ledger Nano S Security Features
    Ledger Nano S features 2 hardware chips: ST31H320 & STM32F042

    One of the key reasons to buy Ledger hardware wallets is the firms reputation for security. Cryptocurrencies hardware wallets are like bank accounts – they contain full access to funds and need banking grade security. Ledger Nano S contains two hardware chips:

    • Secure ElementST31H320 (secure) is independently certified CC EAL5+ and stores the private key and signs transactions
    • Operating systemSTM32F042 chip is responsible for Ledger’s BOLOS proprietary Operating System.

    Secure elements are separate pieces of hardware (second layer of security). Secure elements have their own storage and limited functionality that hackers cannot breach.

    Even if hackers or malware compromise your computer, the Ledger will still keep your cryptocurrencies secure. Devices like the Trezor One and Trezor Model T have chosen not have secure elements. And so only have a single layer of security.

    The Nano X, Nano S Plus and Nano S are the only cryptocurrency hardware wallets to receive CSPN (First Level Security Certificate) certification. This is issued by the ANSSI (National Agency for Information Systems Security). The certification scheme evaluates multiple aspects of a device’s security. For example firewall, identification, authentication and embedded software by putting it through multiple attack scenarios.

    Similar to the Nano X, users can also protect their funds using a PIN code and passphrase. The PIN code is to generally unlock your device to use it. Whilst you can also set up wallets protected by a passphrase in addition to your primary PIN code.

    If someone threatens you to unlock your device, you can give them the PIN code to access wallets with fewer funds. Meanwhile, passphrase protected wallets contain the bulk of your crypto assets.

    Ledger firmware version 1.6: security enhancements

    With firmware version 1.6., the security of the Nano S has been further enhanced.

    • 24 words recovery phrase confirmation has been simplified and shortened. Now for each of the 24 words of the recovery phrase, users will only choose among 4 words. Therefore making it much easier to get through the process;
    • The Nano S now has the Control Center feature that was originally on the Nano X. Allowing for functions such as accessing settings, locking device or deleting applications possible directly on the device;
    • Added support for Bitcoin Taproot upgrade;
    • Added support for the seed derivation algorithm EIP-2333. Thus allowing you to securely sign a deposit contract transaction for Ethereum 2.0 on your device;
    Before the firmware update
    Before the firmware update. The power consumption is in a predictable pattern.
    Ledger firmware update result
    After the firmware update. The device consumes power in an unpredictable pattern and inverts the PIN code display.

    After the update, we find that being unable to enter PIN code digits in order anymore may be slightly inconvenient. However with cryptocurrencies, security always comes up top over convenience. And with the added partial screen inversion, we see that Ledger’s bounty program is not just a PR stunt. Ledger actually looked into submissions and made the security improvements even when the suggested hack was only hypothetical.

    Ledger Hack?

    In July 2020, Ledger confirmed they suffered a data breach. An unauthorised third party had accessed Ledger’s e-commerce and marketing database. (www.gamepur.com) Ledger collaborated with forensic firm Orange Cyberdefense and determined that the data breach affected around 292,000 customers and exposed approximately 20,000 customer personal records.

    Ledger had reported the matter to authorities and are working with Orange Cyberdefense to investigate.

    Subsequent the breach, users have reported receiving phishing emails and texts. These emails and texts ask users to download a new version of the Ledger software. Clicking the email link redirects users to a fake Ledger site. If users download the “update”, it asks for their Ledger’s recovery phrase but is actually malware. The attacker uses the entered recovery phrase to recover the user’s wallet and sends the user’s cryptocurrencies to the attacker’s wallet. For a full explainer on how the phishing attack works see the report from Kraken.

    phishing-email
    Phishing email sent from info@ledgersupport.io address (Image credit: Kraken)

    Therefore this incident was a “data breach” rather than a “hack”. More importantly, this breach had no link or impact on the Ledger hardware wallets or the Ledger Live app. Cryptocurrencies stored on the Ledger devices have never been at risk.

    Even before the firmware update, the Nano S scored full marks on security. We also note that the hack does not affect the Ledger device itself, so our scores remain unchanged.

    Security: 5/5

    Multi-Currency Support

    Supported Coins on Ledger Nano S
    Supported Coins on the Ledger Nano S

    Ledger has one of the most diverse support for different cryptocurrencies such as Algorand (ALGO), Solana (SOL) and Chainlink (LINK). With their open policy to development from project teams, the Ledger Nano S supports 1800+ different assets. Many of these assets like Vechain or NEO are not found on competitors like the Trezor Model T or KeepKey. Thus making Ledger the only hardware wallet available for many coins.

    One of the initial weaknesses of the Nano S was that it only fit 2-3 apps on the device. However Firmware Version 1.6 allowed users to install 5-11 apps (depending on the type of app installed). This will certainly answer the prayers of a lot of average cryptocurrency holders who generally hold around 5-10 different coins.

    If you need more apps, you can uninstall the ones you’re not using and reinstall them later. Uninstalling apps won’t delete coins and all account information will remain. The newly released Ledger Nano X fixes this problem by increasing the internal memory to 2 MB.

    Ledger’s firmware update directly addressed a significant weakness in the Nano S. Whilst it still can’t beat the Nano X in terms of multi-currency support, it is good enough for most traders. For this reason, we give our thumbs up and bumped the score up from 4/5 to 4.5/5 for multi-currency support.

    Multi-Currency Support: 4.5/5

    Hardware Design

    Ledger Nano S Screen
    Ledger Nano S compared with Nano X

    Ledger Nano S has two hardware buttons – located on the top of the device. These two buttons allows us to access menus (hold both buttons), make selections (press both buttons). And even input recovery phrases (use buttons to scroll). We found that entering PINs and recovery phrases to be tedious with only 2 buttons. Perhaps a touchscreen or additional buttons could have helped?

    With the update 1.6, the Ledger Nano S has an improved display UI. So, the device displays the full cryptocurrency address without the need to scroll. This allows for easier verification of the target destination. The Nano S uses a USB micro-B interface for charging and connecting to the PC.

    With its plans to continue its firmware upgrades in the future, clearly the Ledger will never fully abandon the Nano S.

    Hardware Design: 3.5/5
    Ease of Use: 4/5

    Why Use a Hardware Wallet

    With traditional currencies, you, the user, are the most important person. If you have ever lost your bank card, you can always go to the bank with some sort of identification and request for access back to your account.

    Cryptocurrencies, however, don’t care about the physical person but rather the private key associated with the wallet. You use the private key to verify the account and transactions. Anyone with access to the key can send funds, so you must keep it safe. Additionally, you cannot reverse cryptocurrency transactions.

    Hardware wallets can protect you against these things. They add an extra layer of security by storing the private key on the device itself. The only way to hack it would be to have physical access to the hardware wallet or the backup phrase.

    Ledger Nano S Worth it in 2023?

    In short, the answer is: not really. Ledger has retired the Nano S and even the Ledger S Final Edition. Both are no longer available for sale on the official site. This means that the only places where you’ll be able to buy them are 3rd party sellers or second hand. We highly advise against both options because someone might have tampered with the device.

    Mind you, Ledger will continue to support the Nano S’s firmware so it stays up-to-date. If you were lucky enough to buy the Nano S while it was still available, it is still worth using. Unless, you want the upgraded DeFi and NFT features. If not, your only choice is to get a Nano S Plus. Although this costs an extra 20USD, they did add upgrades to make it worth your while.

    The Ledger Nano S Plus retails for USD$79.

    CLICK HERE TO BUY!

    Learn how to properly setup your Ledger Nano S with our guide.

    Product Specifications (Technical Specifications)

    Ledger Nano S Product Specifications:

    Processors ST31H320 (secure) + STM32F042.
    Compatibility 64-bits desktop computer (Windows 8+, macOS 10.8+, Linux) excluding ARM Processors. Also compatible with smartphones (iOS 9+ or Android 7+) via OTG cable.
    Connector USB micro-B
    Security Certification CC EAL5+
    Size Size: 56.95mm x 17.4mm x 9.1mm
    Weight: 16.2g
    Supported Assets 1100+ Supported assets