Pages:
Author

Topic: Here is why they say to store your seed "offline" (Read 583 times)

legendary
Activity: 1554
Merit: 1139
But saving your seeds offline is often said because from the moment you have them online, there is a risk that they will be stolen by hackers, and for that it doesn't matter if Amazon Drive stops its service on Dec. 31, 2023.
Of course, we've already made a point as to what kind of data that should be stored on the cloud and that is, the non sensitive data or files. In this regard, we don't hope to have users who will go ahead to upload or store there private keys and seed phrases online just because, you can access it anywhere and anytime in the world with any Internet device by simply logging on.

The major issues to this is hacking but I don't think that is the only. These files or data are stored for easy accessibility, recoverability, security and leveraging the storage space available on these servers. Now, shutting it down kind of takes all that away and one dumb enough to store there private keys or seed phrase online with hopes to recover and import wallet in the invent of a crash might have just lost everything.

If hacking makes you lose everything and shutting down a service has the same effect, then technically, we could say they are the same thing. Offer the same risk, just different means!
sr. member
Activity: 1190
Merit: 469
Online data storage is essential for any valuable data.

ok so if that's the case then it seems like you're suggesting seed words need to be stored online.

Quote
That is why, in order to prevent any scam effects, those seed words or other information that could be used to access your precious possessions shouldn't be stored on the cloud or with any online storage provider.
but now you contradict yourself by saying seed words shouldn't be stored in the cloud.

member
Activity: 364
Merit: 13
Online data storage is essential for any valuable data.
That is why, in order to prevent any scam effects, those seed words or other information that could be used to access your precious possessions shouldn't be stored on the cloud or with any online storage provider. It should be written down and preserved on paper in your closet, or even better, a safety deposit box.
jr. member
Activity: 126
Merit: 4
Cloud storage is certainly convenient, but it has nothing to do with the word "security." Too many people make a living hacking everything they can reach to blindly trust important data to be stored on the Internet, moreover, on a server, that you absolutely cannot control.
hero member
Activity: 3178
Merit: 661
Live with peace and enjoy life!
Storing all your important documents online will never be safe in the first place. The fact that you might give others the chances to access to your own important documents, that would be the start of being in danger as you might not recover them suddenly and lose everything what you have been safekeeping the whole time. Not your keys, not your coins. So don’t wait to happen it for you, always take caution in everything you do. It’s best to store them offline, at least you don’t have to worry if it will be hacked or not.
member
Activity: 994
Merit: 14
Apart from the fact that Amazon is shutting down cloud storage, it is very dangerous storing your seed phrases and other password online because these platform are suceptible to hackers. It is always advisable to keep your phrase offline.
sr. member
Activity: 1190
Merit: 469
So true! (personal experience)
I sent some of my wallets seeds to my Yahoo email address. After a year of inactivity they deleted all my emails and there is no way to recover them! And am sure more than 90% of Yahoo users aren't aware of this so-called feature.

When did that happen? I don't think they do that to everybody.

With that said, I do recall a long time ago where they had some data loss which caused peoples' email accounts to lose a bunch of emails
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
what about protonmail?  if you had to store it in the cloud would that be the best option?
Nope. If you must store something sensitive in the cloud (and I'm not sure that is ever actually the case) the only two acceptable options are either 1) don't do it, or 2) set up your own cloud server.
There is a "US Government" "region" in AWS that is used by various US government agencies, including the DOD. I don't think the nuclear launch codes are stored there, but I do understand that classified (and other sensitive) information is likely to be stored there.

So a "never" policy for using cloud services is probably not appropriate, but it is important to understand the risks involved. It is easy to make mistakes with permissions when using cloud services, although most cloud providers will alert you when you are doing something that is clearly undesirable, there is no guarantee that your cloud provider will catch all mistakes regarding permissions. It is similarly possible to make other mistakes that will result in either your cloud services being exposed to the general public or that may result in your information being exposed to someone you don't intend to have it exposed to.

In general, the appropriate customers for cloud services are governments and/or businesses. If you cannot be described as either of these and are using the cloud to store sensitive information, you are probably doing something wrong. Governments and businesses can hire professionals whose job it is to ensure that relevant settings are correct and that your private information will not be exposed to those who should not have access to it. They can also hire separate professionals to audit the above
hero member
Activity: 2814
Merit: 576
DGbet.fun - Crypto Sportsbook
It's not just the cloud actually. It is not recommended to store any piece of sensitive information online. Anything stored online could be illegally and legally accessed by anybody. And not only do you not have complete and sole control of your information, even the storage itself is not within your control. The authorities could conduct a search in a cloud storage. Furthermore, even encryption does not guarantee complete security.
That’s the fact when it comes to online storage, no one can guarantee it’s full security. Although it give us advantage to access it easily, but there is no full security on our accounts. So it’s better to store them offline that only yourself knows about it, than to keep it online and all eyes are on it.
legendary
Activity: 2744
Merit: 3096
Top Crypto Casino
It doesn't matter how reliable and trustworthy the storage service provider is, storing your wallet files/seeds/private keys (even encrypted) on someone else's computer/server is not the right way to store a back up of your wallet.

Any online service, be it free or paid, be it some tiny provider no one has heard of or some global giant like Google or Amazon, be it cloud storage or an email account, can close your account or lose or delete your data at any time for any reason and without warning
So true! (personal experience)
I sent some of my wallets seeds to my Yahoo email address. After a year of inactivity they deleted all my emails and there is no way to recover them! And am sure more than 90% of Yahoo users aren't aware of this so-called feature.
legendary
Activity: 2268
Merit: 18771
So what site can you use where you don't have to worry about an inactive account?
Your own hardware. That's it. That's the only place you can ever be sure that your account won't be inactivated or your data won't be deleted without your consent. Any online service, be it free or paid, be it some tiny provider no one has heard of or some global giant like Google or Amazon, be it cloud storage or an email account, can close your account or lose or delete your data at any time for any reason and without warning, not to mention the massive risk of theft or hacks you take by using any online storage.

It seems that no matter how many times you are told this you are absolutely dead set on risking everything by storing your seed phrase or other sensitive data on the cloud. Why?
hero member
Activity: 2254
Merit: 537
My passive income eBook @ tinyurl.com/PIA10
what sites do not delete your account if you don't log in after a certain amount of time?  What pay sites allow you to keep an account active without logging in for a long period?


gmail and yahoo ... do they close your account if you doni't sign in at least once a year or something?  So what site can you use where you don't have to worry about an inactive account? 

Used to until Google received backlash. Now the new policy took effect last year, whereby contents are deleted but not the access to the accounts themselves.

Quote
As of June 2021, Google may delete content in Gmail accounts that have become inactive. Your Gmail account is considered inactive when you haven't accessed it for more than 24 months (two years). If your account becomes inactive, you could lose the data that you stored in Gmail, such as messages, files, pictures, and videos. Still, you won't lose the account.

Source: https://www.lifewire.com/when-does-my-gmail-account-expire-1171894#:~:text=Google%20no%20longer%20deletes%20inactive%20Gmail%20accounts&text=As%20of%20June%202021%2C%20Google,24%20months%20(two%20years).
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
what sites do not delete your account if you don't log in after a certain amount of time?  What pay sites allow you to keep an account active without logging in for a long period?


gmail and yahoo ... do they close your account if you doni't sign in at least once a year or something?  So what site can you use where you don't have to worry about an inactive account? 

Mostly, services that you pay subscriptions to.

But then again — quick reminder that this is not a very good idea for your bitcoin/crypto wallet backups.
full member
Activity: 1792
Merit: 186
what sites do not delete your account if you don't log in after a certain amount of time?  What pay sites allow you to keep an account active without logging in for a long period?


gmail and yahoo ... do they close your account if you doni't sign in at least once a year or something?  So what site can you use where you don't have to worry about an inactive account? 
sr. member
Activity: 1190
Merit: 469
what about protonmail?  if you had to store it in the cloud would that be the best option?

Proton Mail is pretty good, because they (claim to) do actual client-side encryption (i.e. they are unable to decrypt your data). The thing is, how do you verify that claim?


 if u go a certain length of time without logging in, they might delete your entire account (if you're a cheapskate and use their free plan). as well like all other services they reserve the right to decide if you are doing anything illegal (even if you're not a cheapskate) and if so, delete your entire account.
legendary
Activity: 2268
Merit: 18771
Though storing it using usb is not that safe because if you plan to access your account then you need to insert your usb and that usb is now exposed to the internet.
USB drives or other removable media can be relatively safely used for back ups if you only ever connect them to airgapped devices, and are aware of the risks regarding their fragility and lifespan.

Maybe Jeff Bezos has a backup for them but no guarantee.
If there is one person in the world I definitely trust with my seed phrase, it's Jeff Bezos. Tongue

what about protonmail?  if you had to store it in the cloud would that be the best option?
Nope. If you must store something sensitive in the cloud (and I'm not sure that is ever actually the case) the only two acceptable options are either 1) don't do it, or 2) set up your own cloud server.
hero member
Activity: 1064
Merit: 843
Any cloud storage is bad for everything, who still use such ways to store files this days? This is even why I dont invest money on any cloud storage crypto projects, because anything can happen at any time.
Lol, it's not only about cloud storage projects, but it same applies with other shitcoin projects that I can't mention one by one.

Those projects only promising their readers and investors if they will work at their best to become the best project that will beat Bitcoin, but when the price already ten times higher from the beginning, you will see many CEO will run away with investors money since they already achieve the money that they're aim before creating their project.
hero member
Activity: 2254
Merit: 537
My passive income eBook @ tinyurl.com/PIA10

This is a horrible thing. Every time I hear something like that, it makes me want to cry for a little while.


Not as bad as storing them on an exchange/ CeFi.

Learned a hard lesson from that one.
jr. member
Activity: 38
Merit: 18
Any cloud storage is bad for everything, who still use such ways to store files this days? This is even why I dont invest money on any cloud storage crypto projects, because anything can happen at any time.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.
In this case, maybe. But there have been plenty of cloud providers in the past who have provided little to no notice, and there will be plenty more in the future.
The best practice is to store at least three copies of their seed, including one off-site, and including storing them via at least two mediums of storage, suddenly losing one copy should not affect their ability to spend their coin. If you lose access to one copy for whatever reason, you should still have two other copies. I would obviously repeat my warning about why storing your seed in the cloud is generally not a good idea in my previous post.
Pages:
Jump to: