Your bitcoin funds are your responsibility so you it follows that you should probably be taking your wallet security seriously too.
Security is a far-reaching and detailed topic in its own right, for which there are already many good resources on the web.
All Bitcoin wallets offer a wide range of security features, but it can be hard to know which of these offer protections that are valid for scenarios you can envisage finding yourself in. This last point is very important to consider. What's the point in going to the nth degree to secure your funds, if all you're ever likely to hold are a few Satoshis? (A Satoshi represents a one-hundred millionth of a single bitcoin). On the other hand, what's the point in not securing your funds if you wish to manage multiple bitcoin? (hopefully via one or more hardware wallets).
It's important to understand one of the fundamental differences between currencies such as bitcoin and the Dollars, Euro, Yen or Paeso that you may be familiar with: A traditional bank may be able to refund you should you lose funds via unauthorised persons discovering your internet banking password or via stealing or skimming your credit card. But with cryptocurrencies, the burden of security is on you. If you lose access to your Bitcoin wallet by losing the Seed Phrase (Used to generate the private keys that it securely maintains on your behalf), then you have lost that Bitcoin forever. You only need to Google "Lost Bitcoin" to read some saddening stories of thousands of US Dollars worth of bitcoin having been lost forever, due to poor security.
Depending on the frequency with which you wish to use bitcoin for payments and the amount you wish to hold in bitcoin, you may choose to be more or less security conscious and therefore select from a subset of the total range of security features offered by currently available wallets.
This security feature allows you to create what appears to be a genuine wallet with a genuine wallet balance, but is in fact only a facade, containing perhaps only a fraction of your total bitcoin funds. This confers a "plausible deniability" ability onto users in a "5 dollar wrench" attack scenario.
Pin On Wallet
This security feature allows users to set a secret PIN on the wallet itself, which needs to be manually entered into a wallet, before being able to use it or any of its features.
Pin On TX
This security feature allows users to set a secret PIN for each transaction, which needs to be manually entered into a wallet before being able to send any transactions.
A wallet with an encrypted password feature will simply store the password in question in an encrypted form on the device itself, therefore rendering a stolen device such as a smartphone, useless to a thief or attacker who isn't also in possession of the cryptographic keys used to perform the encryption itself.
Unlike most decimal currencies that are divisible only to two decimal places, and usually employing a separate currency denomination e.g. Dollars and Cents, or Pounds and Pence; bitcoin is divisible to eight decimal places, each unit of which is known as a Satoshi. This immediately allows for very fine-grained payments called "micropayments" and Dust is the word generally used to describe extremely small amounts of bitcoin, usually in the context of receiving change from a bitcoin transaction at around the 1000 Satoshi mark (0.00000001 Bitcoin).
Wallets offering a scrambled PIN feature will scramble the digits on any PIN-entry screen, to confound screen-reading and key logging malware that could be present on a mobile device. Whenever the PIN-entry screen is displayed, the keypad will arrange each digit differently each time.
2 Factor Authentication
A wallet that features two factor authentication (2FA) will require you to use at least 2 different means (factors) of verifying that you have permission to either open a wallet or create and send a transaction on that wallet. It depends on the wallet itself as to how exactly this feature is implemented.
Ordinarily almost every wallet you'll come across will prompt you to store a set of 12 or 24 words known as a "seed" or "seed phrase" or "wallet seed" the first time you use it. This seed is used by your wallet to derive a cryptographic key which in turn is used to generate unlimited payment addresses. If you lose your wallet or it's stolen, then a new wallet can be easily purchased or downloaded and the funds associated with the former can be re-instated within the latter.
This is n amazingly useful feature except that you need to keep the seed somewhere secure away from the wallet itself. Often this means writing it down on a piece of paper, stamping it on some sort of indestructible steel device or material and storing that somewhere safe like a lock box or bank vault.
With a Keyless wallet however there is no single private key stored in a single location. Instead the key is derived from multiple, geographically separate and cryptographically produced pieces and assembled from each piece whenever they're needed, e.g. when your wallet digitally "signs" transactions on your behalf when making a payment. Only a small handful of wallets implement private key management in this way and there are criticisms of the underlying system they usually use to achieve it.
A wallet with a Touch ID security feature allows it to authenticate either for a making a transaction or for opening the wallet itself, with the use of a finger or thumbprint. If you have a recent Apple or Android smartphone, you'll probably already be familiar with this feature.
A Login Countdown simply locks users out of a wallet app if a PIN code or password challenge has not been completed within a particular time-frame. If the countdown expires, users are required to re-do the process of authentication.
You can consider this a "feature of last resort". If wallet users find themselves under duress such as during an in-person attack of some kind, they can "brick" the wallet (rendering it as useful as a brick) by entering a special PIN. The wallet is then left completely unusable by an attacker or anyone else. Once in a place of safety, all users need to do to, to "rebuild" their wallet (and all the funds it managed) by downloading and installing a new wallet app and pass it their 12 or 24 word seed phrase.
Some wallet apps will only allow access to funds and wallet features after scanning your face. This is a highly secure way to access a wallet. However, you are providing personal data to the app when you do this and without knowing what the app actually does with the resulting data or image; as with any feature that requires personal information, you should do your own research first. A really good way to start is to also search for wallets that have been certified as "Reproducible". You can select this option from the "Wallet Features" menu in The Matrix.
Wallets with a remote-wipe feature allow users to send "commands" from a remote location to a Bitcoin wallet installed on a Smartphone for example. The command will completely delete the wallet from that particular phone if a particular text message is sent to a particular number. This is a useful security feature to have, but for it to be utilised, an attacker or thief does need to know the PIN (or face/touch-id) of your wallet first, to even be able to get into the wallet in the first place. A system of remote-wiping can therefore be seen as a useful backup security feature.
Wallets with a withdrawal limit will prevent Bitcoin funds transfers above a specified limit. For example, wallet users might configure a limit of 50,000 Satoshi (0.0005 Bitcoin) that is able to be withdrawn (sent) from that wallet. This is a useful security feature to have, but for it to be utilised, an attacker or thief does need to know the PIN (or face/touch-id) of your wallet first, to even be able to get into the wallet in the first place. A withdrawal limit can therefore be seen as a useful backup security feature.