
# Security Essentials

[Kastle](https://kastle.cc/) gives you **full control over your Kaspa assets** — and with that comes full responsibility.\
Follow these best practices to keep your **Kaspa Wallet** and funds safe from loss or compromise.

***

### TL;DR – Quick Security Checklist

1. **Recovery/Seed phrase = everything** → Write it offline, never share, never store online.
2. **Set a strong PIN + enable biometrics** for double protection.
3. **Turn on Auto-Lock** so your wallet locks itself when idle.
4. **Back up your recovery phrase immediately** after creating your wallet.
5. **Always update** Kastle, your browser, and your phone OS.
6. **Connect only to official dApps** (via verified X/website) and read what you sign.
7. **Use safe networks/devices** → avoid public Wi-Fi and untrusted extensions.
8. **Separate funds** → small balance for daily use, hardware/cold storage for savings.

***

### Know What Matters Most

* Your **seed phrase (recovery phrase)** is the ultimate key to your wallet.
* Anyone with it can take your funds — keep it **safe, offline, and private**.

***

### Back Up Your Recovery Phrase Immediately

After creating a new wallet, **back it up right away** following the steps in our guide [here](/kastle-wallet-help-center/security/backup-your-secrets.md).\
Write it down or store it securely offline — never take a screenshot or save it to the cloud.

***

### Protect Access with PIN, Biometrics & Auto-Lock

* Set a **strong PIN** and never share it.
* Enable **biometric authentication** (fingerprint or face ID) for extra protection.
* Keep **Auto-Lock** on to automatically lock the wallet after inactivity.

These features prevent unauthorized access if your device is lost or left unattended.

***

### Be Careful When Connecting to dApps

* Use only **official project links** — ideally through verified X profiles or websites.
* Double-check URLs to avoid clones or phishing sites.
* When signing contracts on L2s, **always review what you’re approving** before confirming.

***

### Keep Software Updated

* Always use the latest version of Kastle. Updates often include important security fixes.
* Keep your phone, browser, and OS updated too.

***

### Avoid Risky Networks & Devices

* Avoid managing funds on **public Wi-Fi**. If necessary, use a trusted VPN.
* Only install Kastle from official sources: **Chrome Web Store**, **App Store**, or **Google Play**.
* Do not use **rooted or jailbroken** devices for storing crypto.

***

### Separate Daily & Long-Term Funds

* Use a **small balance** in Kastle for regular transactions and dApps.
* Keep larger holdings in a **hardware wallet or cold storage** for maximum safety.

***

### Watch Out for Phishing & Scams

* Kastle support will **never** ask for your seed phrase or PIN.
* Ignore DMs, pop-ups, or emails claiming to be official.
* Always verify links before connecting your wallet.

***

### If You Suspect Compromise

* Move your funds immediately to a **new wallet**.
* Reset your **PIN and biometrics**.
* Revoke **suspicious dApp approvals** through Kastle or a trusted explorer.

***

### Important Final Reminder

Kastle is a **non-custodial Kaspa Wallet**.\
This means **we cannot recover your wallet, seed phrase, or lost funds** if you lose access.\
Always back up your recovery phrase and follow these best practices — **your security is in your hands.**

