MetaMask Security Tips: How To Keep Your MetaMask Wallet Safe

MetaMask is one of the most popular browser-based cryptocurrency wallets available. It’s completely free to use too! However, recently there has been many security hacks which have caused users to lose their hard earned tokens. In this guide, we will show you how to protect and keep your MetaMask wallet safe from attackers. Just follow these simple MetaMask safety tips!

metamask security tips

Table of Contents

What is MetaMask?

MetaMask is a web browser-based cryptocurrency wallet that allows you to store, transfer, and make purchases with cryptocurrency. You can also use it to interact with Web 3.0 applications. It also has a mobile-app version for those who prefer to use it on the go. The official website for MetaMask is

How To Install MetaMask?

For step-by-step instructions on how to install MetaMask and start using it, visit this guide.

Basic MetaMask Safety Tips

Here are 7 MetaMask safety tips to keep your wallet secure.

1) Never share your secret phrase

The MetaMask secret phrase is a 12-word phrase that is used to recover your wallet. If anyone else has it, basically they can control your MetaMask. As a general rule of thumb, never give your secret phrase to anyone. Even if they are claiming to be from MetaMask. If you want to be extra safe, write down your secret phrase on a piece of paper and keep it somewhere safe in your house.

2) Download MetaMask only from the official website

Only download MetaMask from the official website

Always check that the link redirects you to the exact same URL.

Only download Metamask from the official links on iOS or Google Play Store. Here are the links:

Download MetaMask on iOS
Download MetaMask on Android

3) Use a strong password for your wallet

Once you have installed MetaMask you will be prompted to set a password. This is the 2nd layer of defence. Use a strong password which is not easy to guess to protect your wallet locally or if someone steals your computer or has access to your computer they won’t be able access MetaMask. Use can use a strong password generator like this website.

4) Connect to only websites you trust

When interacting with Web3 applications and websites (for example. to mint an NFT) you have to connect your wallet to the website. Sometimes, especially for popular projects, hackers will attempt to impersonate another website (a process called phishing) in order to trick people into connecting to their website and interacting with the blockchain. When that happens, you can lose all of your cryptocurrency. Always double check the URL of the website you are connecting to before interacting with the website.

5) Turn on these recommended security settings

Security settings for MetaMask wallet browser extension:

  • Settings → Advanced → set Auto-Lock Timer to < 5 minutes
  • Settings → Advanced → turn off any experimental features
  • Settings → Advanced → select preferred ledger connection type if using a hardware wallet
  • Settings → Security & Privacy → turn on Show incoming transactions
  • Settings → Security & Privacy → turn on Use Phishing Detection
  • Settings → Security & Privacy → turn OFF Participate in MetaMetrics
  • Settings → Alerts → turn on all alerts
  • Settings → Experimental → turn off any experimental features

Security settings for MetaMask on mobile:

  1. Settings → Security & Privacy → set Auto-Lock Timer to < 30 sec
  2. Settings → Security & Privacy → recommend to use password/passcode instead of face ID but if your password is weak then face ID is preferable
  3. Settings → Security & Privacy → turn on Privacy mode
  4. Settings → Security & Privacy →clear privacy data, browser history and cookies at regular intervals
  5. Settings → Security & Privacy → turn OFF Participate in MetaMetrics
  6. Settings → Security & Privacy →Mobile app → change password specific to mobile

6) Lock or log out from MetaMask when not in use

When you are not at your computer or phone, it is recommended to lock MetaMask or log out in case of theft.

7) Use multiple MetaMask wallets

If you own a lot of expensive NFTs or have a lot of cryptocurrency, it is recommended to move some to different wallets in case one gets compromised. It is also recommended to get a hardware wallet like Ledger.

8) Switch off DMs in Discord

Discord is well known for bots, hackers, and scammers. As a best practice, switch off the ability for people to DM (Direct Message) you in Discord so that you won’t land on any phishing sites that will drain your ETH!

In Summary

We hope you found these safety tips useful! In today’s setting, there are more and more hackers out there with sophisticated methods to hack MetaMask wallets. It is always a good idea to do your research before interacting with a website or 3rd party to ensure that your MetaMask will not be compromised.