I would like an 'expert' opinion on this.
In 2011 it was really silly to use the webwallets.
However, because blockchain.info (and others) never touches your private keys, is it still as much a risk as many here pretend?
(Provided you use a secure password, of course.)
Topic: how much BTC would you trust in a blockchain.wallet,how long should passord be?? - page 2. (Read 3033 times)
April 17, 2013, 05:47:23 PM
April 17, 2013, 05:42:11 PM
Best to think up your own four word passphrase though.
correct horse battery staple
5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS
https://blockchain.info/address/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
correct horse battery staple
5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS
https://blockchain.info/address/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
April 17, 2013, 11:55:23 AM
April 17, 2013, 11:47:28 AM
10 Bitcoins at most for me, then the loss wouldn't hurt so bad but honestly I don't trust the safety of anything that's on the internet, it's always safest offline.
April 17, 2013, 11:45:24 AM
I'll trust it for up to $50 worth of bitcoins, but I will never store any money on it. What's the point of that when you can run a lite/thin client on your desktop?
Trust it with as much value as you'd feel comfortable carrying around as physical cash in your wallet on a daily basis.
Password should be at least 30 random characters and generated by a password generator, which itself is protected by a high-entropy passphrase.
30 characters is extreme, unless you're trying to store thousands of dollars' worth of bitcoins. Password should be at least 30 random characters and generated by a password generator, which itself is protected by a high-entropy passphrase.
April 17, 2013, 11:39:26 AM
Well, mine was hacked, losing 1 bitcoin. USE TWO FACTOR AUTHENTICATION!
April 17, 2013, 11:24:49 AM
Trust it with as much value as you'd feel comfortable carrying around as physical cash in your wallet on a daily basis.
Password should be at least 30 random characters and generated by a password generator, which itself is protected by a high-entropy passphrase.
Password should be at least 30 random characters and generated by a password generator, which itself is protected by a high-entropy passphrase.
April 17, 2013, 11:16:28 AM
how much BTC would you trust in a blockchain.wallet, how should password be??
note assumes you have got all your private keys backup and encrypted everywhere
me, unsure at this stage (hence the thread) but it seems with say a 20 plus letter password it should be ok?
note assumes you have got all your private keys backup and encrypted everywhere
me, unsure at this stage (hence the thread) but it seems with say a 20 plus letter password it should be ok?
About as much as I'd want to spend that day before I getting home and top it off from my personall wallet.
Sigg
April 17, 2013, 09:35:47 AM
how much BTC would you trust in a blockchain.wallet, how should password be??
note assumes you have got all your private keys backup and encrypted everywhere
me, unsure at this stage (hence the thread) but it seems with say a 20 plus letter password it should be ok?
EDIT what hapens if you use 2 factor and then loose your phone?
EDIT 2: I guess the issue is, if some one got access to the server and relevant web sites, they could inject a JavaScript that just collects you password as you enter it, and javascript checker would be no good either as they would change that on the check site as well....as the BTC goes up so does impetus to do this some how goes up too...even of you had distributed javascript to be checked agiasnt, but even the a dodge on could be distributed......
at least this is my understanding of how the javascript check works and its limitations.
note assumes you have got all your private keys backup and encrypted everywhere
me, unsure at this stage (hence the thread) but it seems with say a 20 plus letter password it should be ok?
EDIT what hapens if you use 2 factor and then loose your phone?
EDIT 2: I guess the issue is, if some one got access to the server and relevant web sites, they could inject a JavaScript that just collects you password as you enter it, and javascript checker would be no good either as they would change that on the check site as well....as the BTC goes up so does impetus to do this some how goes up too...even of you had distributed javascript to be checked agiasnt, but even the a dodge on could be distributed......
at least this is my understanding of how the javascript check works and its limitations.
Jump to: