Pages:
Author

Topic: Best Online Wallet? - page 2. (Read 21732 times)

sr. member
Activity: 373
Merit: 250
September 18, 2012, 10:55:28 PM
#36
As long as you have your private key saved away safe and sound you're all good, am I correct?
sr. member
Activity: 240
Merit: 250
September 18, 2012, 05:28:11 PM
#35
thanks guys. blockchain seems kool. never made an in person transfer or mobile etc. before

don't know what yubikey is...?

A YubiKey is a small USB device which is essentially a keyboard that types in a whole lot of characters when activated.  Those characters are different every time you activate it and are known as a one-time password (OTP).  After you have associated a specific YubiKey with your account, all the passwords your key generates will be recognized as coming from your specific YubiKey.  The website you do the authentication on actually has no idea whether or not your OTP is valid or not by itself.  It has to request verification from Yubico's servers.  So, it's basically a way to use very simple two-factor authentication which is very, very secure.  YubiKeys themselves are very small (I keep mine in my wallet) and rugged.  There aren't a ton of services which use them currently, but I seek those services out.  LastPass is an example of a service where the use of a YubiKey is an extremely good idea, but you can also use it with Gmail/Google's two-factor authentication (with some additional software) and various other sites and services.

shooting in the wild here...do you know what can be done after you accidentally hit your yubikey with a hammer rendering it disfunctional

It's quite sturdy and has no battery or moving parts, so it may not do anything depending on how hard you hit it and the angle (they've survived being run over by cars apparently).  Anyway, if that happens, you can just request whatever service you're using cancel your 2-factor authentication, which they usually do by confirming via an email address associated with your now-locked account.
420
hero member
Activity: 756
Merit: 500
September 18, 2012, 03:11:20 PM
#34
thanks guys. blockchain seems kool. never made an in person transfer or mobile etc. before

don't know what yubikey is...?

A YubiKey is a small USB device which is essentially a keyboard that types in a whole lot of characters when activated.  Those characters are different every time you activate it and are known as a one-time password (OTP).  After you have associated a specific YubiKey with your account, all the passwords your key generates will be recognized as coming from your specific YubiKey.  The website you do the authentication on actually has no idea whether or not your OTP is valid or not by itself.  It has to request verification from Yubico's servers.  So, it's basically a way to use very simple two-factor authentication which is very, very secure.  YubiKeys themselves are very small (I keep mine in my wallet) and rugged.  There aren't a ton of services which use them currently, but I seek those services out.  LastPass is an example of a service where the use of a YubiKey is an extremely good idea, but you can also use it with Gmail/Google's two-factor authentication (with some additional software) and various other sites and services.

shooting in the wild here...do you know what can be done after you accidentally hit your yubikey with a hammer rendering it disfunctional
sr. member
Activity: 240
Merit: 250
September 18, 2012, 08:56:09 AM
#33
thanks guys. blockchain seems kool. never made an in person transfer or mobile etc. before

don't know what yubikey is...?

A YubiKey is a small USB device which is essentially a keyboard that types in a whole lot of characters when activated.  Those characters are different every time you activate it and are known as a one-time password (OTP).  After you have associated a specific YubiKey with your account, all the passwords your key generates will be recognized as coming from your specific YubiKey.  The website you do the authentication on actually has no idea whether or not your OTP is valid or not by itself.  It has to request verification from Yubico's servers.  So, it's basically a way to use very simple two-factor authentication which is very, very secure.  YubiKeys themselves are very small (I keep mine in my wallet) and rugged.  There aren't a ton of services which use them currently, but I seek those services out.  LastPass is an example of a service where the use of a YubiKey is an extremely good idea, but you can also use it with Gmail/Google's two-factor authentication (with some additional software) and various other sites and services.
420
hero member
Activity: 756
Merit: 500
September 18, 2012, 01:49:02 AM
#32
thanks guys. blockchain seems kool. never made an in person transfer or mobile etc. before

don't know what yubikey is...?
full member
Activity: 179
Merit: 100
September 15, 2012, 11:31:03 PM
#31
IMO, it has to be blockchain.info:

cool interface
nice way of tracking transaction and bitcoin adresses
very flexible send options

high security:
- private keys get decrypted only on the client side in a (usually) sandboxed browser
- two factor authentication (yubikey, google authenticator)
- browser addons which check the validity of the javascript code sent from blockchain.info

automatic encrypted wallet backup sent via e-mail, also dropbox support

brain wallet support

iphone app

minus:
no android app

+1

And another +1
member
Activity: 70
Merit: 10
September 13, 2012, 08:17:27 AM
#30

This thing is wicked. Helps when your on the road and would rather leave the laptop at home. Smiley
sr. member
Activity: 240
Merit: 250
September 09, 2012, 05:20:20 PM
#29
Another +1 for blockchain.info

I know we shouldn't trust anyone, but as far as usability goes I think blockchain.info is the best out of any I've tried so far, nice features.

Just keep an offline wallet for the majority of your coin and you'll be good.

You can export your Blockchain.info wallet and import it into MultiBit if anything happens to the website.  That's pretty cool Smiley
full member
Activity: 168
Merit: 100
September 09, 2012, 11:12:54 AM
#28
Another +1 for blockchain.info

I know we shouldn't trust anyone, but as far as usability goes I think blockchain.info is the best out of any I've tried so far, nice features.

Just keep an offline wallet for the majority of your coin and you'll be good.
sr. member
Activity: 240
Merit: 250
September 09, 2012, 08:39:17 AM
#27
I still don't know the answer.  Mt.Gox YubiKeys definitely don't use OTP, but if someone knows about regular YubiKeys straight from Yubico, please let me know.

Yubico yubikeys do full OTP validation, only MT.Gox keys do not (because they are locked to Mt.Gox)

Line 2263: https://github.com/blockchain/My-Wallet/blob/master/WalletServlet.java

Awesome, thanks!
hero member
Activity: 728
Merit: 500
September 09, 2012, 07:50:20 AM
#26
mtgox wallet has the problem that you are unable to play satoshidice like games
Thats not a problem but a benefit!

no its a huge problem
if you only look at satoshidice its ok (as long as you expect ANY new user to be careful enough to not try)

but i think its a very good feature of bitcoin to see the addresses money came from. so you have a chance to send funds back.

with an mtgox wallet this is not possible. if you send back the money mtgox itself gets it (afaik: could also be that you send the funds to a random mtgox user)

You can always go to your transaction history and find the transaction number. Using that you can track who sent it to you easily. If you want proof send me some coins to my mtgox and I'll send it back to the same address.
hero member
Activity: 910
Merit: 1005
September 09, 2012, 07:40:42 AM
#25
I still don't know the answer.  Mt.Gox YubiKeys definitely don't use OTP, but if someone knows about regular YubiKeys straight from Yubico, please let me know.

Yubico yubikeys do full OTP validation, only MT.Gox keys do not (because they are locked to Mt.Gox)

Line 2263: https://github.com/blockchain/My-Wallet/blob/master/WalletServlet.java
sr. member
Activity: 240
Merit: 250
September 08, 2012, 04:15:02 AM
#24
I haven't found a definitive answer as to whether or not standard YubiKeys use OTP on blockchain.info.

And ... ?

I still don't know the answer.  Mt.Gox YubiKeys definitely don't use OTP, but if someone knows about regular YubiKeys straight from Yubico, please let me know.
legendary
Activity: 2506
Merit: 1010
September 08, 2012, 01:23:53 AM
#23
I haven't found a definitive answer as to whether or not standard YubiKeys use OTP on blockchain.info.

And ... ?
sr. member
Activity: 240
Merit: 250
September 07, 2012, 11:11:35 AM
#22
IMO, it has to be blockchain.info:

high security:
- two factor authentication (yubikey, google authenticator)

Just to clarify that.  The yubikey mode that is supported is for their static password, not the One Time Password (OTP) which protects against a replay attack.

Are you sure about that?  My YubiKey sends OTPs and I use it with Blockchain.info.

EDIT: My YubiKey is not an Mt.Gox key/VIP key.  It appears that at least the Mt.Gox YubiKeys do not use OTP, but I haven't found a definitive answer as to whether or not standard YubiKeys use OTP on blockchain.info.
hero member
Activity: 496
Merit: 500
September 07, 2012, 09:42:35 AM
#21
but i think its a very good feature of bitcoin to see the addresses money came from. so you have a chance to send funds back.

There's isn't actually a "from" in Bitcoin. On very simple transactions you may be able to make an educated guess, but it should not be relied upon as an address to which you can send a refund. If you need to send a refund, get a refund address from your customer.
legendary
Activity: 1428
Merit: 1000
September 07, 2012, 05:29:22 AM
#20
mtgox wallet has the problem that you are unable to play satoshidice like games
Thats not a problem but a benefit!

no its a huge problem
if you only look at satoshidice its ok (as long as you expect ANY new user to be careful enough to not try)

but i think its a very good feature of bitcoin to see the addresses money came from. so you have a chance to send funds back.

with an mtgox wallet this is not possible. if you send back the money mtgox itself gets it (afaik: could also be that you send the funds to a random mtgox user)
legendary
Activity: 1015
Merit: 1001
September 07, 2012, 05:26:20 AM
#19
mtgox wallet has the problem that you are unable to play satoshidice like games
Thats not a problem but a benefit!
full member
Activity: 142
Merit: 100
Hello there!
September 07, 2012, 05:04:56 AM
#18
+1 for Blockchain.info
hero member
Activity: 910
Merit: 1005
September 07, 2012, 04:55:32 AM
#17
Just to clarify that.  The yubikey mode that is supported is for their static password, not the One Time Password (OTP) which protects against a replay attack.

This is only true of Mt.Gox yubikeys. Regular yubico yubikeys does full OTP validation.
Pages:
Jump to: