Holding your coins on an exchange, even a reputable one, even with 2FA enabled, is risky. Someone could impersonate you and steal your funds within minutes, while you are sleeping. The exchange could get hacked. You will not get your coins back if that happens. (See: Centralised Exchanges Are Terrible At Holding Your Money.)
The only sane way to store bitcoin / other crypto currencies is using a hardware wallet. Get yourself a Trezor or Nano Ledger S. A hardware wallet allows you to securely receive and perform crypto-currency transactions even on a malware-infested computer.
During the setup of your hardware wallet, you’ll be asked to write down a 24-word (BIP39) mnemonic phrase (the “recovery seed”). Properly securing that phrase is the most important step of the setup. This is the phrase that you will stamp onto a plate of metal to preserve it for decades to come. Losing or destroying your hardware wallet would not affect you in any way: as long as you safeguard that recovery seed, you will still have access to your funds.
You must be the only person to see your recovery seed. Do not ask someone else to stamp it into metal for you.
NEVER enter your recovery seed into any electronic device, file, website, or even a password manager. The recovery seed will be shown to you ONCE on the screen of your hardware wallet, but never leaves its memory. It should never be typed onto a desktop computer / smartphone, as those environments are vulnerable to hacking by malware. You may write it down on paper temporarily in a private location, until you have a chance to secure the materials for stamping on metal. (See: Never write your seed onto an electronic device.)
You MUST practice recovery of your hardware wallet. Once you’ve written down or stamped the recovery seed, wipe your hardware wallet, then restore it to ensure you’ve copied the recovery seed correctly. Do this before you send large amounts of funds to the hardware wallet, and repeat it every time you duplicate your recovery seed onto a new medium. Don’t expect an “untested” recovery seed to save you the day you need it. (See: Why you must test your recovery seed before sending large amount of funds.)
Recovery Seed storage
By default, the 24-word recovery seed is the only thing required to access private keys. On the Trezor, there is an option to have an additional password, but I didn’t enable this option. I don’t trust myself to remember this password 10 years down the line. (See: Why I don’t trust myself to use a passphrase on Trezor.)
This means keeping your recovery seed plates out of sight is extremely important.
You can keep another set of plates in a separate geographical area, in a trusted location, should you completely lose access to your main location. Some people suggest safety deposit boxes; however, there’s some debate about how safe those are.
With this redundant approach, the only risk you're exposed to is theft of the plates by someone motivated enough (and knowledgeable enough) to extract the funds.
Titanium or Steel Plates
These steel plates are designed to have a BIP39 24 (or 25) word recovery phrase stamped onto them, using a letter punch kit, to allow recovery of crypto currency private keys. Whether for use with a software wallet or a hardware wallet like the Trezor, having the recovery phrase stamped onto corrosion-proof and fire-proof metal plates minimizes the risk of loss of private keys. You can see letter punching in action in this video, although with our plates we will punch the full BIP39 words using letters, not numbers: ColdTI Punching Video.