Topic: How do you protect your wallet and backup file? - page 2. (Read 3603 times)

So they can just steal my wallet file, and put it inside another wallet of their choise, like it doesn't have to be electrum, and then they are not able to spend/move my bitcoins right? If this is the case, I shouldn't be worried about the wallet file, and if someone steals it, they can't do anything with it because they dont have my password or seed?

But why is then everybody saying protect and backup your wallet etc..

Your suggestion of seucurity seems like a bit advanced to me, although I kind of understand what you mean.

But my wallet is on my external harddrive. If I set a password lock/encryption to the whole folder, it will make the security level go up a little bit, which is good I guess.

A few days ago I read a thread here which is now deleted, but the op linked to a website. And it said that I didn't have flash installed, so I was not thinking more than I should, and tried to download the file and install it. I already even had flash on my computer so I don't know why I did that. Later on I get a message on my screen saying electrum password expired! change it. And I didn't even had my external harddrive connected to my PC. And how they knew I used electrum, not sure. And then I realised it was some kind of trojan/malware, and I also looked in the thread and some more users confirmed this. So I deleted it and checked that my coins were safe on my computer at a later point, and they were.

But imagine if I had my external harddrive connected to my computer at that point, what could of happen? Could the malware just see my password and take my coins, or would it log me when I type my password, and then transfer the coins to themself? I guess it's better to have electrum on a external harddrive rather than on the computer it self. Becuase you could always check that your coins are safe in another computer, thats not infected with virus/trojan or malware, and then proceed to clean the computer.


Btw, I appreciate the time you take to help me understand this whole thing!

Yep.


Great.


Yes, without the password they can see your balance etc, information about the transactions you received. But without the password or(!) the seed, the coins can not be spend. The seed allows you to create a new wallet (without password) with the same private keys. The password unlocks the allready existing private keys.


In my personal opinion it is not helping if you encrypt the folder. The file is encrypted allready, if you wanted to add another layer, Id suggest you protect the system itself BIOS&boot password, fully encrypted disk or at least protect the user account that has access to the file by setting a userpassword if you dont have one allready.
All these methods would protect the folder as well as the file inside it indirectly, as anyone that would have access to your machine would need at least one of those passwords to operate it or time.
E.g. if you only set a userpassword this can be circumvented by booting from an external device and extract the data that way.
If you also have a boot & bios password, its not possible to boot from an external device, so an attacker would have to dismantle the machine and remove the harddisk. Once the harddisk is in another machine the file can be read.
If the harddisk is also encrypted, well sucks to try and steal your bitcoin. You are still vulnerable to viruses / keyloggers, social engeneering as well the 5$ wrench and drugs attack [1] however.
A encrypted folder would also buy you more time to notice something is wrong, but it would also result in manual steps. You would have to decrypt the folder with a tool, start electrum, do what you want to do, close electrum, encrypt the folder with a tool. While an encrypted disk can be handled by your OS automatically (besides entering the password ofc). I know this works perfectly fine on a linux machine and suspect its also possible for Windows and MacOS nowadays.



[1] https://xkcd.com/538/

Maybe I am not explaining to well, or I don't understand how it really works. I have my electrum wallet inside a folder named folder A. Inside folder A is another folder created by electrum. In that folder is my wallet file.

I just want to protect that wallet file and the folder it is stored in the best possible way.

But can someone who for example have access  to my wallet file, load up the file in another wallet and move my bitcoins to themself? Or do they still need my password I have for electrum?

I want to protect it just in case. And thats why I asked about some encryption or something like axcrypt or folder lock. But will the protection of the folder be necessary? Or how do you suggest to do it?

Not sure.


Yes, with electrum the seed is enough.


I cant answer that for all wallets. Some have seeds, some dont.


Usually thats no difference, but this depends on the wallet you are using. E.g. Multibit has a file for all private keys and an extra file for each individual private key.


I dont know what "password based" means. Electrum requires a password to unlock the private keys it needs to create a transaction for you.


Why?


What exactly do you think this would protect against? Either someone can access your private keys or not, the rest does not matter. Or at least it does not to me. I dont know you or your surroundings. I can only guess why it would be bad if someone that has hardware access to your machine and knows the passwords needed to boot, unlock the encrypted disk and log into your user account would also know how much bitcoin you have. If you have none of the mentioned security mechanisms allready its better and easier to set them up instead of "protecting" the folder, which is possible but most likely a pain in the ass regarding comfort.

I just got a notification about my password expiring for electrum. I didn't even had my external harddrive connected to my computer. Should I worry+

Also, if someone could answer my above questions it would be much appreciated!

So the seed is enough, just if I use electrum? Not with other wallets right, because not all have the option of seed? Should it then be good to save the private keys or just the wallet file?

I am using Electrum as a cold storage solution. But my wallet, is in a folder. And inside the folder, is the wallet file. Isn't electrum password based? Because you need to type a password when you want to transfer bitcoins to another address.

I want to password protect, or encrypt the whole folder, so before I access the folder, I will have to type a password or even two. That would make the security level go up a bit.

If your wallet is protected by a password that you type in, than a keylogger can grab it -- there's no way to protect against this. If you're worried about malware and keyloggers, you should be looking at solutions that aren't simply password-based, e.g.:

1. Web-based multisig wallets with two factor authentication, e.g. Greenaddress.it or BitGo.com.
2. Desktop-based multisig wallets, e.g. Armory or mSIGNA (and another trusted individual running the same).
3. Cold storage solutions, e.g. Electrum or Armory.
4. Hardware wallets, e.g. Trezor or Ledger (a.k.a. HW.1).

(Of course, each of these also has its downsides.)


The seed is enough.

Well I am. I was thinking more of protecting my self from a malware och keylogger. Thats why I wanted to encrypt my wallet file, and the whole folder where my wallet is stored.

I was thinking of Axcrypt but I've seen some good and some bad reviews about it, not sure.

I also saw something called folder lock, seems like a good encryption software. But not sure which one to use. I just need something simple and reliable. And I know that even with encryption, you can not store your wallet or wallet file 100% safe.

And just in case, is it worth to save the private keys somewhere, when using electrum? Or is just the seed enough.. because every page about how to save your wallet is mentioning that one should save the private keys.

Use your own machine (e.g. personal laptop noone else is using) and use full disk encryption.

So there is no risks with someone only being able to actually watch the wallet. Because without the password, its kind of useless, am I right?

I also want to make sure I can set protection to the folder where the wallet file is, is this possible? Because I don't want anyone to access the wallet file, except my self.

This is not supported in Electrum for technical reasons.

The password you enter at the creation of the wallet only protects for sending bitcoin and viewing the seed / private keys.

Looking at your balance can not be password protected for technical reasons.

I am woundering how you protect your wallet and backup file for electrum.

Whenever I click on my wallet, it opens directly and load the wallet file. However, I assume this is not safe. So how do I set a protection or encryption on the actual wallet? And how do you keep the backup file safe? I need a encryption for that, so each time I want to open the file, I will have to type a password.

I tried 7zip but it does not do the work as I want, because it just requires you to type your password one time, and thats it. I also tried AxCrypt, which I find kind of good but I am not sure about it at all because I don't find much about it on this forum, but I've seen some reviews for it on other websites and it seems like a few people are happy about it. Just want to know what encryption to use and why.

Help is appreciated!