
Topic: Bitcoin Wallet Security (Read 1273 times)

legendary
Activity: 1946
Merit: 1137
July 19, 2015, 08:08:01 AM
#28
i was thinking about that for a while, Core can come with a login and password instead of creating a passphrase for your wallet plus 2fa google authenticator

so in the event that your computer is compromised you still have the google protection
I think this feature is already available in Electrum, but it's only for 2-of-3 multi-sig addresses & we always need to depend on TrustedCoin to make a transaction. And also we have to pay an extra fee for the TrustedCoin service.

Do you know any glitch of this 2fa service of electrum?

i don't use electrum or any other spv, and i'm doing it right seeing how the last issue of invalid block was affecting most those clients, it's the reason why i want it on core

now that i think of multisig, the procedure to create one, should be made more simple and clear for newbies, without the need to go in the console, there should be a one click button

i think if the electrum server that you are connected to had bitcoin-core version 10 and up there was no problem. right?

and as for core, people like me who don't want to download around 40 GB of data and save it on their computer have no choice but to use SPV wallets :(

creating multisig with Electrum has clear explanation with pictures in its wiki. i guess it is enough.
sr. member
Activity: 304
Merit: 250
PUSS Lover
July 19, 2015, 07:46:26 AM
#27
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

It is already made mate. Its name is Coinbase and have the two factor authentication possibility to be enabled if you want. If I chose I cannot enter at my coinbase wallet without the code that must come to my cell phone. You have various options then to use. I sent you with pm the joining link if you would want to use this wallet.

Coinbase is an online wallet not desktop!

and when it comes to security of bitcoin wallets, all online wallets are at the far end of the list no matter how many 2FA they have. besides coinbase is worse than blockchain.info IMO, because you don't even have access to your private keys and they can and do ban you for many reasons which will cut your access to your funds. not to mention if they stop their service and run away!
Coinbase is an online wallet, Blockchain and other online wallets also have 2FA. ;D

But like as he says you don't have access to your private keys, So 2FA as much as anything that you still use your wallet as controlled by others. :D

So what we need is an offline wallet that has a different 2FA as 2FA owned by google, Offline Wallet more secure because only you know about private keys and everything about your wallet.
Yes, offline wallet is 100% secured. My entire btc are stored in the deep cold storage.
legendary
Activity: 3248
Merit: 1070
July 19, 2015, 06:46:46 AM
#26
i was thinking about that for a while, Core can come with a login and password instead of creating a passphrase for your wallet plus 2fa google authenticator

so in the event that your computer is compromised you still have the google protection
I think this feature is already available in Electrum, but it's only for 2-of-3 multi-sig addresses & we always need to depend on TrustedCoin to make a transaction. And also we have to pay an extra fee for the TrustedCoin service.

Do you know any glitch of this 2fa service of electrum?

i don't use electrum or any other spv, and i'm doing it right seeing how the last issue of invalid block was affecting most those clients, it's the reason why i want it on core

now that i think of multisig, the procedure to create one, should be made more simple and clear for newbies, without the need to go in the console, there should be a one click button
sr. member
Activity: 304
Merit: 250
PUSS Lover
July 19, 2015, 06:38:51 AM
#25
i was thinking about that for a while, Core can come with a login and password instead of creating a passphrase for your wallet plus 2fa google authenticator

so in the event that your computer is compromised you still have the google protection
I think this feature is already available in Electrum, but it's only for 2-of-3 multi-sig addresses & we always need to depend on TrustedCoin to make a transaction. And also we have to pay an extra fee for the TrustedCoin service.

Do you know any glitch of this 2fa service of electrum?
Ale
newbie
Activity: 26
Merit: 0
July 19, 2015, 05:18:36 AM
#24
No coin is safe after it changes hands 3 times when bought directly from the miner with kyc/aml. There can be a point in time where authorities find out they've been used in illegal transactions, taint them, enforce bitcoin infrastructure in their jurisdiction to not accept them and effectively make the coins useless without anyone else knowing it before buying/accepting them.

This is the problem with bitcoin
legendary
Activity: 3248
Merit: 1070
July 19, 2015, 04:22:51 AM
#23
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

It is already made mate. Its name is Coinbase and have the two factor authentication possibility to be enabled if you want. If I chose I cannot enter at my coinbase wallet without the code that must come to my cell phone. You have various options then to use. I sent you with pm the joining link if you would want to use this wallet.

Coinbase is an online wallet not desktop!

and when it comes to security of bitcoin wallets, all online wallets are at the far end of the list no matter how many 2FA they have. besides coinbase is worse than blockchain.info IMO, because you don't even have access to your private keys and they can and do ban you for many reasons which will cut your access to your funds. not to mention if they stop their service and run away!

they are also very slow, centralized exchange as an online wallet are against what bitcoin is all about, security and decentralization

better get rid of this crap and aim at developing a decentralized exchange which you can run by your own desktop and can work as an offline wallet too if needed
legendary
Activity: 3472
Merit: 10611
July 19, 2015, 02:03:17 AM
#22
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

It is already made mate. Its name is Coinbase and have the two factor authentication possibility to be enabled if you want. If I chose I cannot enter at my coinbase wallet without the code that must come to my cell phone. You have various options then to use. I sent you with pm the joining link if you would want to use this wallet.

Coinbase is an online wallet not desktop!

and when it comes to security of bitcoin wallets, all online wallets are at the far end of the list no matter how many 2FA they have. besides coinbase is worse than blockchain.info IMO, because you don't even have access to your private keys and they can and do ban you for many reasons which will cut your access to your funds. not to mention if they stop their service and run away!
legendary
Activity: 1134
Merit: 1000
July 19, 2015, 01:14:09 AM
#21
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

It is already made mate. Its name is Coinbase and have the two factor authentication possibility to be enabled if you want. If I chose I cannot enter at my coinbase wallet without the code that must come to my cell phone. You have various options then to use. I sent you with pm the joining link if you would want to use this wallet.
hero member
Activity: 882
Merit: 1006
July 19, 2015, 01:05:37 AM
#20
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

Yes you can do that. If we just simply added 2FA to the wallet software that would be no good, it would be very simple to bypass. You need to use multisig, a service like greenaddress holds one of the private keys for your multisig wallet and co-signs each transaction after you auth with them using 2FA. Electrum already has plugins for various services that do this.

The security of 2FA is often over-hyped and many people are using it as a sort of catch-all security measure which is insanely stupid. Instead of using strong passwords and good security practices, many people just turn on 2FA and assume they are now impossible to hack. Even if you do use 2FA you cannot prevent the malware from modifying your transaction. You might think you are sending to some bitcoin address but a sneaky piece of malware could very easily change that address to the hacker's one without your knowledge. Existing 2FA systems cannot protect against that kind of thing. TOTP 2FA which is what Google Authenticator and almost everything else uses was designed to try and figure out if the account owner is the person behind the keyboard, it wasn't really designed to prevent you from any kind of hacking or malware, if your computer is hacked or infected then it is useless, it does nothing to stop the hacker at all in that situation.
Exactly. Someone with access to the computer can go find the wallet file and brute force it to steal the private keys. 2fa will do nothing to stop that.

Using 2fa with a third party would work but requires you to trust said third party. You need to trust them to let you spend your bitcoin, otherwise they could lock the bitcoin up in the multi sig address. Also, what happens if they go out of business?

Normally how these services work is you set up a 2 of 3 multisig wallet, you keep one key on your PC, they keep one key and you keep the final key on paper. Should they refuse to co-sign or go out of business you can use your paper backup to regain access to your coins.
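
Added example, not part of the thread or of any wallet's code: a small Python model of the 2-of-3 arrangement described in the post above, with a co-signer that only signs after a valid TOTP code. HMAC tags stand in for real Bitcoin signatures, and the keys, transaction strings, class and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample keys and secrets, for illustration only.
PC_KEY, SERVICE_KEY, PAPER_KEY = b"pc-key", b"service-key", b"paper-key"
KEYS = [PC_KEY, SERVICE_KEY, PAPER_KEY]
TOTP_SECRET = b"12345678901234567890"  # the RFC 6238 test secret

def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1). Inputs are the shared secret and the clock only."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def sign(key: bytes, tx: str) -> bytes:
    """Assumption: an HMAC tag stands in for a real ECDSA signature over tx."""
    return hmac.new(key, tx.encode(), hashlib.sha256).digest()

class CoSigner:
    """Models the service: holds one of the three keys, signs only after valid TOTP."""
    def __init__(self, key: bytes, totp_secret: bytes):
        self.key, self.totp_secret, self.online = key, totp_secret, True

    def cosign(self, tx: str, code: str, now: int):
        if not self.online or not hmac.compare_digest(code, totp(self.totp_secret, now)):
            return None  # service gone, or second factor wrong: no signature
        return sign(self.key, tx)  # note: the code was never tied to tx

def spendable(tx: str, sigs: list, threshold: int = 2) -> bool:
    """2-of-3 rule: at least `threshold` distinct keys signed this exact tx."""
    present = [s for s in sigs if s is not None]
    matched = sum(any(hmac.compare_digest(s, sign(k, tx)) for s in present) for k in KEYS)
    return matched >= threshold

def scenarios(now: int = 59) -> dict:
    service = CoSigner(SERVICE_KEY, TOTP_SECRET)
    code = totp(TOTP_SECRET, now)          # what the phone app displays
    intended = "pay 1 BTC to ADDRESS_A"    # what the user meant to send
    altered = "pay 1 BTC to ADDRESS_B"     # what a compromised PC submits instead
    out = {}
    # Wallet file stolen from the PC: one key is below the threshold.
    out["pc_key_only"] = spendable(intended, [sign(PC_KEY, intended)])
    # PC key plus a wrong code: the service withholds its signature.
    out["wrong_code"] = spendable(
        intended, [sign(PC_KEY, intended), service.cosign(intended, "000000", now)])
    # Normal spend: PC key plus service key after a valid code.
    out["valid_code"] = spendable(
        intended, [sign(PC_KEY, intended), service.cosign(intended, code, now)])
    # Same valid code, altered transaction: TOTP does not cover the tx contents.
    out["altered_tx_valid_code"] = spendable(
        altered, [sign(PC_KEY, altered), service.cosign(altered, code, now)])
    # Service refuses or disappears: PC key alone fails, paper backup recovers.
    service.online = False
    stuck = [sign(PC_KEY, intended), service.cosign(intended, code, now)]
    out["service_down"] = spendable(intended, stuck)
    out["service_down_paper_key"] = spendable(
        intended, [sign(PC_KEY, intended), sign(PAPER_KEY, intended)])
    return out

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:26} spendable={ok}")
```

The `pc_key_only` case fails, which is what multisig adds over a wallet-side 2FA prompt; the `altered_tx_valid_code` case succeeds because the code is derived from the secret and the clock alone.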
staff
Activity: 3458
Merit: 6793
Just writing some code
July 18, 2015, 11:37:17 PM
#19
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

Yes you can do that. If we just simply added 2FA to the wallet software that would be no good, it would be very simple to bypass. You need to use multisig, a service like greenaddress holds one of the private keys for your multisig wallet and co-signs each transaction after you auth with them using 2FA. Electrum already has plugins for various services that do this.

The security of 2FA is often over-hyped and many people are using it as a sort of catch-all security measure which is insanely stupid. Instead of using strong passwords and good security practices, many people just turn on 2FA and assume they are now impossible to hack. Even if you do use 2FA you cannot prevent the malware from modifying your transaction. You might think you are sending to some bitcoin address but a sneaky piece of malware could very easily change that address to the hacker's one without your knowledge. Existing 2FA systems cannot protect against that kind of thing. TOTP 2FA which is what Google Authenticator and almost everything else uses was designed to try and figure out if the account owner is the person behind the keyboard, it wasn't really designed to prevent you from any kind of hacking or malware, if your computer is hacked or infected then it is useless, it does nothing to stop the hacker at all in that situation.
Exactly. Someone with access to the computer can go find the wallet file and brute force it to steal the private keys. 2fa will do nothing to stop that.

Using 2fa with a third party would work but requires you to trust said third party. You need to trust them to let you spend your bitcoin, otherwise they could lock the bitcoin up in the multi sig address. Also, what happens if they go out of business?
hero member
Activity: 854
Merit: 1000
July 18, 2015, 09:42:48 PM
#18
2FA can be easily broken in 10 minutes. I don't think it is a solution.
hero member
Activity: 490
Merit: 500
~ScapeGoat~
July 18, 2015, 09:35:04 PM
#17
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

2FA security is pretty old, but what if your PC is compromised with all sensitive data??
The best way is to store your Private key offline not on Computer:
various methods that i know are:

1.  paper printout
2.  a metal coin
3.  a tattoo on your body

Of all the above three the [3] one is pretty innovative to me ;)
hero member
Activity: 686
Merit: 500
July 18, 2015, 05:35:02 PM
#16
So i have an idea that we actually see in home security, before sending a transaction or unlock your wallet you get a courtesy phone call from a security agent asking you if you open your bitcoin wallet and if everything is alright in your home of place is taken the transaction in.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
July 17, 2015, 05:45:08 AM
#15
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

Blockchain.info uses 2FA, even tho it's not a proper local blockchain based Bitcoin wallet. I'm actually surprised I can't think of any software based Bitcoin wallet that has 2FA. There must be a reason for it. Maybe linking your phone to your wallet compromises privacy??
It is not much more secure than a password protected wallet. Blockchain.info stores the encrypted keys on their server. The addition of 2FA basically allows the computer to only have the wallet downloaded when the 2FA is correct. Your wallet would still get compromised if their wallet file gets compromised and hashing algorithm is weak. This method would not protect against other vulnerabilities like weak RNGs.
legendary
Activity: 3556
Merit: 9709
#1 VIP Crypto Casino
July 17, 2015, 05:34:43 AM
#14
i was thinking about that for a while, Core can come with a login and password instead of creating a passphrase for your wallet plus 2fa google authenticator

so in the event that your computer is compromised you still have the google protection

Yep! Core should be like Trezor in the sense that if you haven't made a back up & your PC dies or gets stolen you can simply download the full blockchain again & enter a 12-24 word seed which reloads your bitcoin balance into the new client. I would be very happy & impressed if the developers could incorporate this.
full member
Activity: 171
Merit: 100
July 17, 2015, 04:38:52 AM
#13
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

Yes you can do that. If we just simply added 2FA to the wallet software that would be no good, it would be very simple to bypass. You need to use multisig, a service like greenaddress holds one of the private keys for your multisig wallet and co-signs each transaction after you auth with them using 2FA. Electrum already has plugins for various services that do this.

The security of 2FA is often over-hyped and many people are using it as a sort of catch-all security measure which is insanely stupid. Instead of using strong passwords and good security practices, many people just turn on 2FA and assume they are now impossible to hack. Even if you do use 2FA you cannot prevent the malware from modifying your transaction. You might think you are sending to some bitcoin address but a sneaky piece of malware could very easily change that address to the hacker's one without your knowledge. Existing 2FA systems cannot protect against that kind of thing. TOTP 2FA which is what Google Authenticator and almost everything else uses was designed to try and figure out if the account owner is the person behind the keyboard, it wasn't really designed to prevent you from any kind of hacking or malware, if your computer is hacked or infected then it is useless, it does nothing to stop the hacker at all in that situation.

I was using Google Authenticator but since there is no way to backup the stuff, i moved to Authy, i can sync with many devices
hero member
Activity: 882
Merit: 1006
July 17, 2015, 04:17:15 AM
#12
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

Yes you can do that. If we just simply added 2FA to the wallet software that would be no good, it would be very simple to bypass. You need to use multisig, a service like greenaddress holds one of the private keys for your multisig wallet and co-signs each transaction after you auth with them using 2FA. Electrum already has plugins for various services that do this.

The security of 2FA is often over-hyped and many people are using it as a sort of catch-all security measure which is insanely stupid. Instead of using strong passwords and good security practices, many people just turn on 2FA and assume they are now impossible to hack. Even if you do use 2FA you cannot prevent the malware from modifying your transaction. You might think you are sending to some bitcoin address but a sneaky piece of malware could very easily change that address to the hacker's one without your knowledge. Existing 2FA systems cannot protect against that kind of thing. TOTP 2FA which is what Google Authenticator and almost everything else uses was designed to try and figure out if the account owner is the person behind the keyboard, it wasn't really designed to prevent you from any kind of hacking or malware, if your computer is hacked or infected then it is useless, it does nothing to stop the hacker at all in that situation.
legendary
Activity: 1946
Merit: 1137
July 17, 2015, 04:10:50 AM
#11
there are ways to secure your wallet and bitcoin other than using 2fa.
like using the cold-storage which has many different ways to it.
from paper wallets to creating offline wallets on your pc.
hero member
Activity: 532
Merit: 500
July 17, 2015, 03:37:42 AM
#10
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?
2FA is not the solution. How to keep your private key offline is the key.
legendary
Activity: 3472
Merit: 10611
July 17, 2015, 12:36:18 AM
#9
One of the biggest problems with bitcoin is security.

I would like to see developed a new Bitcoin Desktop wallet that gave the option to its users of enabling 2FA security.
The company who develops this will be surely a winner...
Am I wrong or is there someone already working on it?

the newer versions of Electrum have the option to enable two factor authentication. you can check out the Electrum wiki page for more information here:
http://electrum.orain.org/wiki/Two-factor_authentication

it is a service provided by TrustedCoin, it is with a remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.

you also have your seed to restore your wallet in case you didn't have access to TrustedCoin for any reason.