Topic: How do you encrypt/backup your wallet (Read 3264 times)

hero member
Activity: 518
Merit: 500
January 09, 2014, 06:20:32 AM
#26
Let's see to crack the wallet you need a copy of the encrypted wallet + the password

1. Offline backups mean to get the copy of the encrypted wallet you need to physically visit his residence/office and grab the backup disks.

2. Online backups mean you need to access his cloud account. You can take your sweet time doing this remotely. Phishing attacks would work in this scenario.

So IMO 1. is much better.

edit: To secure your wallet in your online storage you have to keep a strong password for your wallet file, your storage account *and* your email account because otherwise a thief could use the forgotten password link to get access to your storage account. To secure your offline backup you only need the password for your wallet file and the key to your safe deposit box/storage box whatever where you are keeping your backup media.

The problem with 1. is that if you don't store your physical USB (or w/e storage device) somewhere other than your home, if your home burns down or if you lose the backup then you're kind of screwed if you do need to rely on your backup. With 2. the only way you actually lose your wallet is if you give out your password (provided it's a proper secure password - not something stupid like 1234) in which case if you're dumb enough to give people your password then you deserve to lose your money. It's like if you're dumb enough to give people all your bank details don't be surprised if people just empty out your account.

1. Create a super-strong encryption password, stick it in bank or with lawyer.
2. Back-up your wallet online, and tell your loved ones (a) how to access it, and (b) who has the password

No scheme is perfect, but that's reasonable.
hero member
Activity: 742
Merit: 502
Circa 2010
January 09, 2014, 06:05:39 AM
#25
Let's see to crack the wallet you need a copy of the encrypted wallet + the password

1. Offline backups mean to get the copy of the encrypted wallet you need to physically visit his residence/office and grab the backup disks.

2. Online backups mean you need to access his cloud account. You can take your sweet time doing this remotely. Phishing attacks would work in this scenario.

So IMO 1. is much better.

edit: To secure your wallet in your online storage you have to keep a strong password for your wallet file, your storage account *and* your email account because otherwise a thief could use the forgotten password link to get access to your storage account. To secure your offline backup you only need the password for your wallet file and the key to your safe deposit box/storage box whatever where you are keeping your backup media.

The problem with 1. is that if you don't store your physical USB (or w/e storage device) somewhere other than your home, if your home burns down or if you lose the backup then you're kind of screwed if you do need to rely on your backup. With 2. the only way you actually lose your wallet is if you give out your password (provided it's a proper secure password - not something stupid like 1234) in which case if you're dumb enough to give people your password then you deserve to lose your money. It's like if you're dumb enough to give people all your bank details don't be surprised if people just empty out your account.
hero member
Activity: 518
Merit: 500
January 09, 2014, 05:46:38 AM
#24
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password :)

Maybe it's overkill and just creates an unneeded extra step on my part but I'm going to make an archive with 7zip and then use boxcryptor on top of that. Also it's stored on my google drive which requires 2 factor authentication through my phone on top of that password. Also the file name is changed to something that won't stand out so even if someone did get access to all the different passwords and my phone they still might have a hard time ever knowing to grab that file.

The tricky part is not inventing an amazingly layered protection scheme ... the tricky part is passing the wealth onto your loved ones should the worst come to the worst. We all need to think about that aspect as well. None of us is going to be here forever unfortunately.
legendary
Activity: 3696
Merit: 1584
January 09, 2014, 03:50:02 AM
#23
All of this crap will only make it harder to a) make backups and b) restore from backups and c) recover backups should you ever forget your passwords. In the end you'll be dissuaded from making regular backups and you'll lose coins, so keep it simple. Use the built-in encryption in bitcoin-qt and store your backups offline on removable media like USB drives. Sticking it online is asking for trouble.

Also remember to make new backups once every 100 transactions or you'll lose coins. Alternatively you could switch to electrum and only need to make one backup at the start.

Provided he uses a long password (20+) with numbers, different cases and symbols he should be fine with uploading it, as unless his pass is guessed or hit by a dictionary attack he should be fine with uploading it to an online storage site. Plus it means that if he has a fire or somehow loses all his USBs he can always download a copy of his wallet.

Let's see to crack the wallet you need a copy of the encrypted wallet + the password

1. Offline backups mean to get the copy of the encrypted wallet you need to physically visit his residence/office and grab the backup disks.

2. Online backups mean you need to access his cloud account. You can take your sweet time doing this remotely. Phishing attacks would work in this scenario.

So IMO 1. is much better.

edit: To secure your wallet in your online storage you have to keep a strong password for your wallet file, your storage account *and* your email account because otherwise a thief could use the forgotten password link to get access to your storage account. To secure your offline backup you only need the password for your wallet file and the key to your safe deposit box/storage box whatever where you are keeping your backup media.
hero member
Activity: 742
Merit: 502
Circa 2010
January 09, 2014, 03:39:36 AM
#22
All of this crap will only make it harder to a) make backups and b) restore from backups and c) recover backups should you ever forget your passwords. In the end you'll be dissuaded from making regular backups and you'll lose coins, so keep it simple. Use the built-in encryption in bitcoin-qt and store your backups offline on removable media like USB drives. Sticking it online is asking for trouble.

Also remember to make new backups once every 100 transactions or you'll lose coins. Alternatively you could switch to electrum and only need to make one backup at the start.

Provided he uses a long password (20+) with numbers, different cases and symbols he should be fine with uploading it, as unless his pass is guessed or hit by a dictionary attack he should be fine with uploading it to an online storage site. Plus it means that if he has a fire or somehow loses all his USBs he can always download a copy of his wallet.
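
Added example, not part of any post in this thread: a Python sketch that relates the passphrase sizes discussed here (15 or 20+ random characters, "1234", ~150 bits) to entropy and to the expected offline guessing time once an encrypted wallet file has leaked from cloud storage. The PBKDF2 call, its iteration count and the attacker parallelism are assumptions standing in for a wallet's key derivation, not Bitcoin-Qt's own code, and the entropy figures hold only for randomly generated passphrases.

```python
import hashlib
import math
import secrets
import string
import time

# Pool matching the thread's advice: both cases, digits and symbols (94 chars).
ALPHABET = string.ascii_letters + string.digits + string.punctuation
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(length, pool_size):
    """Entropy of a passphrase whose symbols are drawn uniformly at random.
    Human-chosen passwords have far less than this figure suggests."""
    return length * math.log2(pool_size)


def length_for_bits(target_bits, pool_size):
    """Shortest random passphrase that reaches target_bits of entropy."""
    return math.ceil(target_bits / math.log2(pool_size))


def generate(target_bits, alphabet=ALPHABET):
    """Generate a passphrase with the OS CSPRNG, sized for target_bits."""
    n = length_for_bits(target_bits, len(alphabet))
    return "".join(secrets.choice(alphabet) for _ in range(n))


def measure_kdf_seconds(iterations=100_000):
    """Time one PBKDF2-HMAC-SHA512 derivation on this machine.
    Stand-in KDF and iteration count (assumptions), not Bitcoin-Qt's own."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha512", b"constructed sample", b"\x00" * 16, iterations)
    return time.perf_counter() - start


def years_to_search(bits, seconds_per_guess, parallel=1):
    """Expected years to hit the passphrase: half the keyspace on average."""
    return 2 ** (bits - 1) * seconds_per_guess / parallel / SECONDS_PER_YEAR


if __name__ == "__main__":
    cost = measure_kdf_seconds()
    cases = [
        ("'1234' (4 random digits)", entropy_bits(4, 10)),
        ("15 random printable chars", entropy_bits(15, len(ALPHABET))),
        ("20 random printable chars", entropy_bits(20, len(ALPHABET))),
        ("~150-bit passphrase", 150.0),
    ]
    # parallel=1_000_000 is an assumed, deliberately generous attacker.
    for label, bits in cases:
        years = years_to_search(bits, cost, parallel=1_000_000)
        print(f"{label:27s} {bits:6.1f} bits  {years:.2e} years")
```
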
legendary
Activity: 3696
Merit: 1584
January 09, 2014, 03:20:16 AM
#21
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password :)

Maybe it's overkill and just creates an unneeded extra step on my part but I'm going to make an archive with 7zip and then use boxcryptor on top of that. Also it's stored on my google drive which requires 2 factor authentication through my phone on top of that password. Also the file name is changed to something that won't stand out so even if someone did get access to all the different passwords and my phone they still might have a hard time ever knowing to grab that file.

All of this crap will only make it harder to a) make backups and b) restore from backups and c) recover backups should you ever forget your passwords. In the end you'll be dissuaded from making regular backups and you'll lose coins, so keep it simple. Use the built-in encryption in bitcoin-qt and store your backups offline on removable media like USB drives. Sticking it online is asking for trouble.

Also remember to make new backups once every 100 transactions or you'll lose coins. Alternatively you could switch to electrum and only need to make one backup at the start.
sr. member
Activity: 364
Merit: 250
January 09, 2014, 12:13:39 AM
#20
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password :)

Maybe it's overkill and just creates an unneeded extra step on my part but I'm going to make an archive with 7zip and then use boxcryptor on top of that. Also it's stored on my google drive which requires 2 factor authentication through my phone on top of that password. Also the file name is changed to something that won't stand out so even if someone did get access to all the different passwords and my phone they still might have a hard time ever knowing to grab that file.
hero member
Activity: 518
Merit: 500
January 08, 2014, 09:47:45 PM
#19
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password :)
legendary
Activity: 2912
Merit: 1060
January 08, 2014, 04:03:12 PM
#18
Winrar
hero member
Activity: 533
Merit: 500
^Bitcoin Library of Congress.
January 08, 2014, 03:56:37 PM
#17
+1 for 7zip
legendary
Activity: 2912
Merit: 1060
January 08, 2014, 02:47:07 PM
#16
Yes, AES zips are great. Plus it's just extra.
hero member
Activity: 543
Merit: 500
January 08, 2014, 11:45:42 AM
#15
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.
member
Activity: 115
Merit: 11
January 08, 2014, 10:13:04 AM
#14
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?
hero member
Activity: 518
Merit: 500
January 08, 2014, 08:43:59 AM
#13
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Renaming the file from wallet.dat for bitcoin-qt users is certainly a good idea. The wallet file has a different name with electrum anyway :)
legendary
Activity: 2912
Merit: 1060
January 08, 2014, 02:06:56 AM
#12
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.
hero member
Activity: 518
Merit: 500
January 07, 2014, 12:34:30 AM
#11
What options do you use to back up your wallet data and encrypt it?

I was looking into using truecrypt to encrypt the file and then store it in the cloud but would like to hear about other methods, options as well.

Backup and encryption are really different topics.

OK, let me clarify. I have a copy of my wallet data file, I'd like to encrypt it though so if anyone ever found it, it wouldn't be of use to them. So basically, what apps/services do you guys use to encrypt files? Or are there any cloud storage services that do encryption when you upload a file?

I use electrum. Encryption is built-in. You don't need anything external, just have to remember your passcode :)
full member
Activity: 557
Merit: 101
January 06, 2014, 03:45:56 PM
#10
Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built-in feature. The password has ~150 bits of entropy - can I safely store my encrypted wallet.dat in the cloud?
sr. member
Activity: 364
Merit: 250
January 06, 2014, 11:17:48 AM
#9
Bitcoin-qt has encryption built in. Just go to "Settings" and make sure you use at least 15 characters (numbers and symbols help strength a lot).

Make sure you use a phrase you won't ever, EVER forget.

Once the wallet is encrypted, your coins are completely safe. Even if someone gets their hands on it, it's useless to them.

Make sure you back it up, copies on flash drives stored in physically distinct locations are best, but if it's encrypted very well, you could put it in an email or cloud storage, so it can't ever be lost.

Correct me if I'm wrong, but that only means you have a password to use it. If someone obtains that key through malware or other means then it's no longer safe. Am I missing something?
hero member
Activity: 1036
Merit: 500
January 06, 2014, 09:20:37 AM
#8
Bitcoin-qt has encryption built in. Just go to "Settings" and make sure you use at least 15 characters (numbers and symbols help strength a lot).

Make sure you use a phrase you won't ever, EVER forget.

Once the wallet is encrypted, your coins are completely safe. Even if someone gets their hands on it, it's useless to them.

Make sure you back it up, copies on flash drives stored in physically distinct locations are best, but if it's encrypted very well, you could put it in an email or cloud storage, so it can't ever be lost.
member
Activity: 115
Merit: 11
January 06, 2014, 08:52:04 AM
#7
Truecrypt is for encrypting whole filesystems I think.

For encrypting single files, I am using gpg.
sr. member
Activity: 364
Merit: 250
January 06, 2014, 08:27:00 AM
#6
boxcryptor works great.. and even lastpass (secure notes) will work fine for this.

thanks! checking out boxcryptor now
full member
Activity: 233
Merit: 101
January 06, 2014, 08:15:51 AM
#5
boxcryptor works great.. and even lastpass (secure notes) will work fine for this.
sr. member
Activity: 364
Merit: 250
January 06, 2014, 08:12:49 AM
#4
What options do you use to back up your wallet data and encrypt it?

I was looking into using truecrypt to encrypt the file and then store it in the cloud but would like to hear about other methods, options as well.

Backup and encryption are really different topics.

OK, let me clarify. I have a copy of my wallet data file, I'd like to encrypt it though so if anyone ever found it, it wouldn't be of use to them. So basically, what apps/services do you guys use to encrypt files? Or are there any cloud storage services that do encryption when you upload a file?
hero member
Activity: 518
Merit: 500
January 06, 2014, 07:58:27 AM
#3
What options do you use to back up your wallet data and encrypt it?

I was looking into using truecrypt to encrypt the file and then store it in the cloud but would like to hear about other methods, options as well.

Backup and encryption are really different topics.
newbie
Activity: 15
Merit: 0
January 06, 2014, 07:34:26 AM
#2
Multibit has built in wallet encryption using bip38 from the file menu. This is the obvious choice. Any secure not cloud based encryption program like truecrypt will work fine. Ease of use is an issue and cold storage should be considered using armory.
sr. member
Activity: 364
Merit: 250
January 06, 2014, 07:13:35 AM
#1
What options do you use to back up your wallet data and encrypt it?

I was looking into using truecrypt to encrypt the file and then store it in the cloud but would like to hear about other methods, options as well.