Author

Topic: Electrum passwords (Read 743 times)

full member
Activity: 336
Merit: 102
November 15, 2017, 05:17:13 PM
#25
The Oxynger one seems to be safe from almost anything. You can also combine it with another to make it 100% secure.
full member
Activity: 336
Merit: 102
November 15, 2017, 04:51:16 PM
#24
Good point !
I have found a very intersting comparative test on virtual keyboards safety tested against keyloggers, including those that can capture screenshots on mouse clicks. Please see here :
https://www.raymond.cc/blog/how-to-beat-keyloggers-to-protect-your-identity/

Some are pretty effective, but not perfect. The conclusion suggests that only those provided with some anitvirus programs are completely safe..


Electrum has its own virtual keyboard you can select in the plugin options but not sure how safe it is. The windows one I thought might be better. The point is not to type the whole password with the keyboard and just some characters.
member
Activity: 87
Merit: 11
November 13, 2017, 04:47:41 PM
#23
Good point !
I have found a very intersting comparative test on virtual keyboards safety tested against keyloggers, including those that can capture screenshots on mouse clicks. Please see here :
https://www.raymond.cc/blog/how-to-beat-keyloggers-to-protect-your-identity/

Some are pretty effective, but not perfect. The conclusion suggests that only those provided with some anitvirus programs are completely safe..
member
Activity: 87
Merit: 11
November 13, 2017, 04:46:04 PM
#22
Good point !
I have found is a very intersting comparative test on virtual keyboards safety tested against keyloggers, including those that can capture screenshots on mouse clicks. please see here :
https://www.raymond.cc/blog/how-to-beat-keyloggers-to-protect-your-identity/

The conclusion suggests that only those provided with some anitvirus programs are completely safe..
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
November 13, 2017, 02:30:27 PM
#21
I was just wondering about this too. You should also run osk (type it in the start area) on windows to use the on screen keyboard desktop app to make it safer (just type some characters with the keyboard).

That's not safer. It's worse!

A hacker could see exactly what you're typing and key logging software may still defect it also.
member
Activity: 87
Merit: 11
November 13, 2017, 08:46:06 AM
#20
Hi !
Great idea, Ididn't even know this was available within Windows. That's what they use in banks websites. I'll try it.
full member
Activity: 336
Merit: 102
November 13, 2017, 08:16:08 AM
#19
I was just wondering about this too. You should also run osk (type it in the start area) on windows to use the on screen keyboard desktop app to make it safer (just type some characters with the keyboard).
member
Activity: 87
Merit: 11
October 21, 2017, 02:43:57 AM
#18
Thank you, HCP for your explanation ; it's cristal-clear.

I actually have "Option 2" as you say for my older wallet (default) and when I updated to the new version of Electrum, then created a new wallet, it was an "Option 3".
I will do what you say to add a password for the older wallet, to make it safer. Thanks a lot for taking the time to answer in detail.
HCP
legendary
Activity: 2086
Merit: 4363
October 20, 2017, 07:59:02 AM
#17
It's pretty simple... Electrum has THREE different password setups:

1. No Password - In this mode, the wallet file is unencrypted, and all the data inside it is unencrypted. It will never ask for a password

2. Password (NO wallet file encryption) - In this mode, the wallet file is still unencrypted, but sensitive info contained in the wallet file like private keys and/or seeds are encrypted using your password. The wallet will only ask for a password when you want to use the sensitive information... ie. to sign messages, sign transactions, export private keys, export your seed etc.

3. Password (Encrypt wallet file option checked) - In this mode, the wallet file is encrypted using the password set. You cannot open the wallet at all without entering the password, and you'll also need to enter the password to sign messages, send transactions etc etc.


You obviously have Option 2. in use... you have a password set, but the wallet file is NOT fully encrypted, so it doesn't ask you for the password when you first open the wallet. If you use "Wallet -> Password"... put in your old password, then enter a new password (it can actually be your old password if you want)... and then tick the box that says "Encrypt Wallet File".

This will fully encrypt your wallet file using your chosen password, and when you start Electrum (or open that wallet file) it will prompt for the password BEFORE it opens.
member
Activity: 87
Merit: 11
October 20, 2017, 06:37:44 AM
#16
I'm not sure it's a thing people commonly would want to do in the documentation as there was a reason they took it out of the latest version...

Sorry, I don't understand : I suppose other people have created a wallet in the older version as I did (without opening password), then updated, and wish to add an opening password.

I still find odd that, altough my goal is to modify an existing wallet (by adding an opening password), the dialogue windows says "New wallet", suggests a name (as it would for creating a new wallet), and on furthermore doesn't offer a scrolling list of existing wallets - which would be the common usual GUI when you wish to modify an existing object within a given software...
I hope you get my point. In other terms, the option "New/restore" doesn't seem to normally lead to "modify password", really.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 20, 2017, 06:16:40 AM
#15
Since the windows says "New wallet", this would probably create a new wallet called Wallet_2. I don't have a wallet named "Wallet_1" either. And if I enter one or the other of my existing wallets names, I am afraid that an empty (!) "new" wallet would replace the existing one...
I am surprised that the Electrum documentation doesn't explain this (how to add a password to an older wallet, after an update).


Oh, I assumed your wallet names would be "default_wallet" or "wallet_1". If you're worried about deleting something, then you should backup the "electrum_data" folder and the seeds.
And I'm not sure it's a thing people commonly would want to do in the documentation as there was a reason they took it out of the latest version...
member
Activity: 87
Merit: 11
October 20, 2017, 12:20:54 AM
#14
Since the windows says "New wallet", this would probably create a new wallet called Wallet_2. I don't have a wallet named "Wallet_1" either. And if I enter one or the other of my existing wallets names, I am afraid that an empty (!) "new" wallet would replace the existing one...
I am surprised that the Electrum documentation doesn't explain this (how to add a password to an older wallet, after an update).
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 19, 2017, 06:54:37 PM
#13
I did use "default_wallet" as my first wallet, created with the older version of Ethereum.

When I go to "File>New/Restore", I get this :

I don't get Standard Wallet as you say. I would have expected to have a menu with my two existing wallets, and a third option "New wallet"...

I am not sure what to do ...

Enter "wallet_2" there? As you already have "Wallet_1". Then you might get the other settings but I'm not used to that version so I wouldn't be sure.
member
Activity: 87
Merit: 11
October 19, 2017, 03:56:17 PM
#12
I did use "default_wallet" as my first wallet, created with the older version of Ethereum.

When I go to "File>New/Restore", I get this :

I don't get Standard Wallet as you say. I would have expected to have a menu with my two existing wallets, and a third option "New wallet"...

I am not sure what to do ...
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 19, 2017, 03:29:59 PM
#11
Thank you, TryNinja.
I noticed that the option "New password", asks you to enter the current one...I suppose that in this particular case I would leave the box emply ? Sound obvious, but just in case, I prefer to avoid stupid mistakes...

Are you on the right thing there?
Did you go to "file">"new/restore">"Standard Wallet">"I already have a seed"?
Then type the name of the wallet (e.g "wallet_3")
Put in the seed
Then it'll ask you for a new password.

EDIT: did you use default_wallet? that'll be the issue if so as it will want you to input the old password if you want to overwrite it. MAKE SURE YOU BACKUP ALL WALLETS BEFORE OVERWRITING ONE JUST IN CASE YOU LOSE SOMETHING IN THE PROCESS.
member
Activity: 87
Merit: 11
October 19, 2017, 12:38:04 PM
#10
Thank you, TryNinja.
I noticed that the option "New password", asks you to enter the current one...I suppose that in this particular case I would leave the box emply ? Sound obvious, but just in case, I prefer to avoid stupid mistakes...
legendary
Activity: 2758
Merit: 6830
October 19, 2017, 12:27:25 PM
#9
In the menu, the option"File" / "New/restore", which I used to create the second wallet, displays a small window asking for the name of the new wallet. If I want to restore the older wallet, I would type its seed in it ...? Is this correct, and would it restore the wallet corresponding to the seed, keeping all the history & keys ?
Yes. Everything will be the same. The only difference is that when you restore your wallet, there will be no password anymore. So you can just set up a new one and pretend that nothing happened.
member
Activity: 87
Merit: 11
October 19, 2017, 11:58:05 AM
#8
Thank you.

I actually didn't t want to remove the password, rather to add a password request to open the default wallet, as it is for the new wallet. But I realise that since it needs a pw for any transactions, and also to display the seed, it is still relatively safe. However I may restore it as you say.

In the menu, the option"File" / "New/restore", which I used to create the second wallet, displays a small window asking for the name of the new wallet. If I want to restore the older wallet, I would type its seed in it ...? Is this correct, and would it restore the wallet corresponding to the seed, keeping all the history & keys ?
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 19, 2017, 10:53:16 AM
#7
Thank you NeuroticFish, for your very clear explanation. I actually used to use an older version of Electrum before I updated.

Jackg : since my Ethereum is 2.8.1, whilst latest version is 2.9.3, do you think that the new version will update the password rules for my default wallet ?

If you want the password removing then restoring it from the seed will get rid of the password when you open it.
If you want to add a password then doing the same in an even older version will allow you to add it. I think the first version I used was 2.8.3 and that didn't have passwords on to open the public part of the wallet.
member
Activity: 87
Merit: 11
October 19, 2017, 09:26:26 AM
#6
Thank you NeuroticFish, for your very clear explanation. I actually used to use an older version of Electrum before I updated.

Jackg : since my Ethereum is 2.8.1, whilst latest version is 2.9.3, do you think that the new version will update the password rules for my default wallet ?
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 19, 2017, 09:17:34 AM
#5
Thank you for your reply. [to moderator: sorry for choosing the wrong forum section and thanks for moving my post to the rigth place]

I'm using Electrum 2.8.1.
It would seem safer to me to be asked for a password as soon as you open Electrum, since if not, lots of information, history details, number of BTC owned, are available even if you don't make a transaction.

You should be protecting this information anyway. And if the same password is used for both opening and sending the btc I think personally that that is less secure as your password is exposed more.
Also, you may want to consider updating your wallet software to the latest version.

And then NeuroticFish is probably right.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
October 19, 2017, 08:57:16 AM
#4
From what I remember, older versions of Electrum used to ask for password only on Bitcoin transactions and only if you've set that.
Newer Electrum, by default, password protects all the access from the beginning, but you can uncheck it when you create a new wallet and pay attention to the steps.
I think that this is where the differences in behavior come up and the confusion too. I guess that default wallet is made with older Electrum, so it needs password only for transactions. The new one (2), because of the new defaults, asks for password even for access. Wallet 2 is safer.
member
Activity: 87
Merit: 11
October 19, 2017, 08:52:03 AM
#3
Thank you for your reply. [to moderator: sorry for choosing the wrong forum section and thanks for moving my post to the rigth place]

I'm using Electrum 2.8.1.
It would seem safer to me to be asked for a password as soon as you open Electrum, since if not, lots of information, history details, number of BTC owned, are available even if you don't make a transaction.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 19, 2017, 08:34:29 AM
#2
Hello,

I am using Electrum for BTC, and Electron cash for BCH, after following the advice taken on this forum. Now I have two Electrum wallets : one "default", and another that I created to manage the BCH fork - lets' call it wallet-2. I am a bit confused with the password managment.

When I open Electrum, I can access the default wallet (almost empty) without entering my pw. A pw is only requested to open wallet-2 (containing my BTC). Is this normal ? Thank you.

If it's electrum you're talking about, I think there's a problem with a wallet? Mine doesn't ask for a password unless I want to sign a transaction. What is the OS and the version of electrum?
member
Activity: 87
Merit: 11
October 19, 2017, 07:40:45 AM
#1
Hello,

I am using Electrum for BTC, and Electron cash for BCH, after following the advice taken on this forum. Now I have two Electrum wallets : one "default", and another that I created to manage the BCH fork - lets' call it wallet-2. I am a bit confused with the password managment.

When I open Electrum, I can access the default wallet (almost empty) without entering my pw. A pw is only requested to open wallet-2 (containing my BTC). Is this normal ? Thank you.
Jump to: