Author

Topic: Can anyone move my BTC using an old backup and old password of a wallet? (Read 760 times)

member
Activity: 71
Merit: 10
Thank you all.
I've now changed the addresses like you suggested.

So if I got it right, the lesson to take is, if anyone ever has access to a wallet backup, it's unsafe forever.
legendary
Activity: 3682
Merit: 1580
(QT client, Multibit, Electrum, etc...)

These are different wallets with different mechanisms for generating addresses. With deterministic wallets like armory and electrum all past, present and FUTURE addresses are derived from a single seed. If an old backup is stolen they can grab all the coins including ones sent to existing and new addresses in the future.

With QT it has 100 unused addresses by default in its pool and coins sent to any of those hundred as well as other used addresses can be stolen.

Multibit also creates new addresses non-deterministically but I don't know it well enough to help you.
hero member
Activity: 742
Merit: 502
Circa 2010
Ah, I get it. So, they can spend my coins that where already in the wallet at the time of the backup / or before I changed the password (that part I didn't get straight), but they cannot spend the new coins that arrive there.

Thank you. The old wallet was hacked actually and they took some coins :/ ... but I have a miner still sending coins there (I'm going to change it after a few blocks) and I was afraid they could also get my new stuff.

Thanks again.

If someone has compromised your wallet it means they have control over your private keys of those addresses and thus any BTC in there currently and any BTC that goes there in the future as well. If I were you I'd redirect my miner away to another address asap as all you are doing is giving free BTC away.
hero member
Activity: 533
Merit: 500
^Bitcoin Library of Congress.
Ah, I get it. So, they can spend my coins that where already in the wallet at the time of the backup / or before I changed the password (that part I didn't get straight), but they cannot spend the new coins that arrive there.
This is wrong.  They can get coins from any address the wallet had at the time of the backup including the address in your keypool.  This includes coins sent to these addresses after the backup.
legendary
Activity: 1540
Merit: 1002
i might be wrong but they can spend all your coins on that wallet. im pretty sure im right as the password is only local and not on the blockchain. thats why people with encrypted wallets often get screwed when someone steals there old unencrypted backup. im 99.9% sure im right
full member
Activity: 126
Merit: 100
CAUTION: Angry Man with Attitude.
Have you ever though of using a Paper Wallet or is it the same problem Embarrassed lol
member
Activity: 68
Merit: 10
"Imagination is more important than knowledge"
It's possible. If there are some unspent outputs on old keys included n that backup.
To be 100% sure the old backup cannot be used to steal some (or all) of your money, just create the new one and send all the coins to it. But keep the old one in case someone send you bitcoins to one of the old addresses.

There is no need to save the the old wallet or address.
Just dump the private key on old wallet and import to the new one.
member
Activity: 112
Merit: 10
If you change password, there is no use. Still they have access to your wallet.
member
Activity: 71
Merit: 10
Ah, I get it. So, they can spend my coins that where already in the wallet at the time of the backup / or before I changed the password (that part I didn't get straight), but they cannot spend the new coins that arrive there.

Thank you. The old wallet was hacked actually and they took some coins :/ ... but I have a miner still sending coins there (I'm going to change it after a few blocks) and I was afraid they could also get my new stuff.

Thanks again.
hero member
Activity: 482
Merit: 502
It's possible. If there are some unspent outputs on old keys included n that backup.
To be 100% sure the old backup cannot be used to steal some (or all) of your money, just create the new one and send all the coins to it. But keep the old one in case someone send you bitcoins to one of the old addresses.
legendary
Activity: 1600
Merit: 1014
Hi,
this might seem a very simple question but I can't find a straight answer to it.

Imagine someone has access to an old backup of my wallet (QT client, Multibit, Electrum, etc...) and that this person has also the original password of that wallet.

That password has changed now, but can someone move my BTC with the old data?

Yes. Changing your password on the new wallet doesn't change it on the backup. Secure your Bitcoins by moving them to a new address which only you control immediately in such a case.
member
Activity: 71
Merit: 10
Hi,
this might seem a very simple question but I can't find a straight answer to it.

Imagine someone has access to an old backup of my wallet (QT client, Multibit, Electrum, etc...) and that this person has also the original password of that wallet.

That password has changed now, but can someone move my BTC with the old data?
Jump to: