Topic: Blockchain Security Questions - page 2. (Read 2308 times)

Might help to leave a hint that it's stored in your password database, just in case one day you forget


The reason you need a backup is in case something happens to the blockchain.info service, for example, they unexpectedly shut down or suffer data loss/corruption. If you don't keep regular backups then you are entirely at their mercy should something go horribly wrong.


The secret phrase is like a secret word that you can give to support in case you need help. It should have absolutely nothing to do with your password. It can be anything.

Thanks for the response.


Well i will make sure i dont forget the password.  Will put it in my password program that i have saved as well as backup.


But would you say its necessary to do a blockchain wallet backup?  I read this isn't necesssary with blockchain but if i used say multibit or electrum, then i should 100 percent do this.  Should i be fine not creating a backup of the blockchain wallet as long as i remember my password etc?  So this is the browser backup?


What secret phrase am i suppose to even put down?  You mean thats not related to password right?  So it could be i went to the outdoor or some useless phrase?
Thank you.

Nobody plans on forgetting their password. Always have some way of helping you remember it or some way of getting into your wallet in case you forget your passwords.

Most of the people who lost Bitcoin lost them because they forgot their password or lost their wallet file, not because they got hacked.

I believe second password with bc.info wallet is a password for actually sending funds. I would highly recommend using this.


I believe this stores a backup of your wallet in your browser. You should probably use this, though I would recommend having a better system for backing up your wallet.


I believe this is to help speed up support issues, such as if you lose your 2FA device. You should use this.


If you are not using the API, then don't enable it.


If you don't use Tor, you can if block Tor IP's if you want to. Though this is security by obscurity as anyone trying to hack your wallet will just chain a proxy/VPN onto Tor once they see it's blocked. Realistically this option provides no extra security at all.


The IP whitelist is a list of the only IP's allowed to access your wallet. This is a dangerous feature as if you are away from your PC or your ISP recycles your IP you won't be able to access your wallet. You should only turn this on if you REALLY know what you are doing, it is very easy to lock yourself out. This feature is really only for certain situations, such as if you are setting up a wallet for a website.

1.  Do you put anything for second password or password hint?  I make sure i know what my password is so there won't be an issue so i assume just don't even bother leaving a hint then?


2.  Do i check always keep browser backup?


3.  Do i put any secret phrase or leave it blank?


4.  Do i enable api access?


5.  Do i block TOR ip addresses?


6.  IP address whitelist... i see my current ip.  Do i just leave this blank?


7.  Should i restrict to whitelisted ip addreses only?  If i do.. then isn't that going to make it really safe?