Here is why they say to store your seed "offline" - page 2.

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

Quote from: jerry0 on July 30, 2022, 07:47:27 PM

what about protonmail? if you had to store it in the cloud would that be the best option?

Probably better than most options, but still — no. Seriously, just grab a hardware wallet/s, write down the backup, and hide that backup.

Tbh if you're asking about options with cloud storage, you're probably not capable of securing your backup in a digital manner proficiently.

PowerGlove

hero member

Activity: 510

Merit: 4005

Quote from: jerry0 on July 30, 2022, 07:47:27 PM

what about protonmail? if you had to store it in the cloud would that be the best option?

Proton Mail is pretty good, because they (claim to) do actual client-side encryption (i.e. they are unable to decrypt your data). The thing is, how do you verify that claim?

Even if you do a point-in-time security audit on their code, nothing prevents them from "accidentally" including some JavaScript into your session that leaks your encryption key to them.

Good security is (partially) about reducing the number of things that you have to trust not to let you down. With that in mind, learning how to do things for yourself (if you're able) is recommended.

jerry0

full member

Activity: 1750

Merit: 186

what about protonmail? if you had to store it in the cloud would that be the best option?

hatshepsut93

legendary

Activity: 3024

Merit: 2148

When people talk about storing private keys "online", they generally don't mean cloud storage. They mean hot wallets or custodial wallets. And the reason why many choose to store their coins "offline", aka use cold storage is because they are in full control of their coins and the coins are exposed to a much smaller number of threats when compared to other methods.

sheenshane

legendary

Activity: 2492

Merit: 1232

Any valuable data is a crucial component when storing it online.
That's why those seed phrases or any information that can be leaked to your valuable belongings shouldn't store in the cloud or any online storage provider to avoid such possible consequences of scam. It should be on a piece of paper and kept in your closet or much better a safety vault.

Good thing that the Amazon cloud services provider announced this which is they also care about their reputation and I think 18 months is enough time for users to retrieve their files and important data out of that cloud service.

Stalker22

legendary

Activity: 1526

Merit: 1359

Quote from: o_e_l_e_o on July 30, 2022, 05:07:22 AM

I have read about more than one instance of a user storing a seed phrase or private key in the drafts of some email provider...

This is a horrible thing. Every time I hear something like that, it makes me want to cry for a little while.

larry_vw_1955

sr. member

Activity: 1190

Merit: 469

Quote from: ?? on ??

While i agree there's lots of time before their service shut down, i have small concern about how they notify their customer. According to the news, currently they only use email to notify their customer. I expect most people only open their email when they need to register or recover their online account, unless their job regularly use email. Additionally, it's likely their email buried with lots of promotional content unless they opt out from it manually.

Which is why in these types of situations there are going to be people with Amazon Drive accounts that lose their data. Say they went on a 2 year vacation when they come back, their data is gone! Maybe Jeff Bezos has a backup for them but no guarantee.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

It would be much better if you have quoted some important notes why storing your private keys or seed phrase offline is the best choice and why it is much safer compared to storing it online or using usb or hard drive. Though storing it using usb is not that safe because if you plan to access your account then you need to insert your usb and that usb is now exposed to the internet. You wouldn't know that your computer is infected with malware that is possible to steal your wallet.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: o_e_l_e_o on July 30, 2022, 02:50:29 AM

Do you know what cloud storage actually is? Someone else's computer. Why would you store your seed phrase on someone else's computer? Do you know who can access that computer? Do you know how good that computer's security is? What if that person stops letting you access their computer? An incredibly stupid thing to do.

But it's safe and encrypted right? Right??
Or maybe you could be a presidents son that stores your whole weird life on iCloud and than someone hacks it and posts everything in public. Cheesy

It's crazy to store anything or any sensitive information on any cloud service, and it's even more crazy to keep bitcoin seed words and passwords there.
Best option for seed words is to keep them offline on paper or metal, and for everything else it's not that hard to set up your own self-hosted ''cloud''.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: RockBell on July 30, 2022, 06:50:19 AM

Wow I love this thank you for this enlightenment am usually use to saving my phrase and passwords on my emails but now am not taking chances I word clear everything and save they offline properly.

Great that you are now going to secure your seed phrases properly, but simply deleting everything from the cloud storage is not sufficient. Again, think of cloud storage as someone else's computer. If you say to them "Delete this file" and they say "Ok, I've deleted it", you have absolutely no proof whatsoever that the data is actually deleted. And even if it is deleted, it probably isn't properly shredded and could be recovered. And even if it is shredded, it is probably backed up on more than one other server somewhere and could still be accessed.

Instead, you should consider whatever seed phrases or private keys you had stored online permanently compromised. Create some brand new wallets with the seed phrases backed up only via non-electronic means (i.e. pen and paper), and then transfer all your coins out of your old wallets in to these new ones.

RockBell

sr. member

Activity: 952

Merit: 391

Underestimate- nothing

Quote from: PowerGlove on July 29, 2022, 07:53:05 PM

Not just your seed phrase / private keys, but any data you really care about is too risky to exclusively store in the "cloud". Always make sure you have local copies of important stuff.

Also, never store anything sensitive without encrypting it first. There are data breaches all the time, and this can easily lead to your bitcoin disappearing and your accounts being hacked.

TLDR: The only thing cloud storage is good for is (client-side) encrypted backups. But if you don't know exactly what you're doing, just avoid it altogether.

Wow I love this thank you for this enlightenment am usually use to saving my phrase and passwords on my emails but now am not taking chances I word clear everything and save they offline properly.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Fivestar4everMVP on July 30, 2022, 03:36:29 AM

Take for example, there is no way a company as big as Amazon would want to shut down a service without announcing it first and giving their customers who use that service time to transfer their documents to another company that provides the same service(like they just did in this case).

I have read about more than one instance of a user storing a seed phrase or private key in the drafts of some email provider, who have shut down without warning. Amazon might have given a warning, but many won't.

Quote from: Fivestar4everMVP on July 30, 2022, 03:36:29 AM

So the major reason why storing seeds and private keys online is frowned at is because of hack, most especially for newbies who don't know how to use strong passwords for their account security, and some also do not know how to use 2FAs, such account can easily be hacked, so this is why it is better to keep your seed phrases offline for better security.

This isn't the most likely attack either. Even if I used a truly random password of 500+ characters along with a hardware key 2FA, I would still never store anything valuable on the cloud (i.e. someone else's computer). You have absolutely no idea how good their security is, if your data is transferred securely, stored securely, how many times it is copied, in how many servers all around the world it is stored, where these servers are, who can access these servers digitally, who can access these servers physically, and so on. Even if your account is not hacked there are a million ways that your data could be stolen or lost.

larry_vw_1955

sr. member

Activity: 1190

Merit: 469

Quote from: o_e_l_e_o on July 30, 2022, 02:50:29 AM

Quote from: PrimeNumber7 on July 30, 2022, 12:42:28 AM

Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.

In this case, maybe. But there have been plenty of cloud providers in the past who have provided little to no notice, and there will be plenty more in the future.

That's right. This Amazon situation is the best case scenario you see in these type of situations where the service provider decides to pull the plug.

Quote from: Fivestar4everMVP

You are exactly wrong in your subject, that Amazon is shutting down their service has nothing to do with why peeps shouldn't store their seed or private keys online.

It's one of the reasons. Just highlighting that you can't trust online cloud storage providers at all. As well, not all of them are as nice as Amazon. As o_e_l_e_o pointed out.

To say nothing of how shady cloud storage providers can just close your account and delete all your files without your permission and not have to explain why. it happens.

Quote

The reason why it is said never to store your seed or private keys online is due to how easy it might be to get hacked...

That's one of the reasons.

But back to this Amazon situation. There will most likely be people that don't migrate their data away from Amazon Drive for a variety of reasons. One of them being they never knew the service was shutting down. Yes, isn't that hard to believe? But its' true.

Fivestar4everMVP

legendary

Activity: 2422

Merit: 1083

Leading Crypto Sports Betting & Casino Platform

Quote from: larry_vw_1955 on July 29, 2022, 07:23:04 PM

To all the newbies: https://www.geekwire.com/2022/amazon-is-shutting-down-its-cloud-storage-service-amazon-drive/

You are exactly wrong in your subject, that Amazon is shutting down their service has nothing to do with why peeps shouldn't store their seed or private keys online.
The reason why it is said never to store your seed or private keys online is due to how easy it might be to get hacked, and not because of the service itself shutting down.
Take for example, there is no way a company as big as Amazon would want to shut down a service without announcing it first and giving their customers who use that service time to transfer their documents to another company that provides the same service(like they just did in this case).
So the major reason why storing seeds and private keys online is frowned at is because of hack, most especially for newbies who don't know how to use strong passwords for their account security, and some also do not know how to use 2FAs, such account can easily be hacked, so this is why it is better to keep your seed phrases offline for better security.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Do you know what cloud storage actually is? Someone else's computer. Why would you store your seed phrase on someone else's computer? Do you know who can access that computer? Do you know how good that computer's security is? What if that person stops letting you access their computer? An incredibly stupid thing to do.

Quote from: PrimeNumber7 on July 30, 2022, 12:42:28 AM

Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.

In this case, maybe. But there have been plenty of cloud providers in the past who have provided little to no notice, and there will be plenty more in the future.

passwordnow

hero member

Activity: 3136

Merit: 591

Leading Crypto Sports Betting & Casino Platform

If you are aware of the risks that storing anything important such as seeds or private keys online then it's your call. Basically, you have an idea on how to keep those things confidential despite being not recommended in doing so. I've known people that have been doing that but of course, not for their keys but for some important login details and information which eases them from their tasks and businesses. It could be done for crypto-related stuff but if you're also aware of those breaches that have happened, you'll never do this when you're aware that a hacker might find and crack it. As for Amazon, the point is actually good, what if the cloud storage you're using suddenly collapsed or announces an immediate closure but for someone who understands the importance of keeping your keys safely through the manual way of writing it down, this is out of choice.

PrimeNumber7

copper member

Activity: 1652

Merit: 1901

Amazon Prime Member #7

Quote from: larry_vw_1955 on July 29, 2022, 07:23:04 PM

/

Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.

With that being said, there are plenty of reasons to not store your backups in the cloud or online, such as the potential for the service provider having a security breach, your account being hacked via various means, or your account password being reset via phishing.

Even if your private keys are encrypted, an adversary would have an unlimited number of attempts to decrypt your private keys, until you become aware of the breach and move your coin.

worle1bm

full member

Activity: 1834

Merit: 166

Even if Amazon has decided to shut down it's cloud storage then also you should not be storing your seeds over there and only offline ways should be used for it.If some bad actor or hacker gained access to your keys or seeds through cloud then your funds will be gone so why use these ways in first end.It is advisable never to have digital copy of them and you are saying about Amazon services which can easily involved in data leak so don't trust them at all.

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

That's just one thing, but people are against storing your backup digitally(or worse, on the cloud) mostly because of potential breaches. Writing your backup down on a piece of paper or etched on a steel sheet automatically removes the risk of hacking.

Poker Player

legendary

Activity: 1372

Merit: 2017

Well no, I do not agree with the title of the thread. That amazon is going to shut down its cloud service has nothing to do with what is usually said about saving your seeds offline.

Amazon is going to stop providing a service and if you store things in that cloud, you will have to find another service if you want to continue storing them in a cloud.

Saving things in a cloud has its advantages and should always be done with information that is not too sensitive, as mentioned above.

But saving your seeds offline is often said because from the moment you have them online, there is a risk that they will be stolen by hackers, and for that it doesn't matter if Amazon Drive stops its service on Dec. 31, 2023.

Topic: Here is why they say to store your seed "offline" - page 2. (Read 574 times)