
Topic: How to best protect wallets (Read 2228 times)

kjj
legendary
Activity: 1302
Merit: 1026
December 17, 2013, 12:09:22 AM
#28
1. Don't use gmail (hotmail, yahoo, whatever).

2. Don't use the same password everywhere.

3. Don't park your coins with third parties.

4. If you must violate #3, don't use third parties that use access to your email as a way to bypass their authentication.

Once you've mastered these, you can move on to advanced techniques like picking passwords that don't suck.
hero member
Activity: 518
Merit: 500
December 16, 2013, 06:44:56 AM
#27
Speaking of that, try PasswordSafe.  I got it from Bruce Schneier's site, and I like that program too. 

I use KeePassX. Everyone should use a good password management program.

I have old ass legacy passwords burned in my head that are short, and then a code that instructs me how to manipulate the classics (concatenation, hashes and shit) that is written and chilling on my hard drive, but doesn't mention the passwords themselves.

Cool story bro.  Yeah I need software...but I don't trust a goddamm.

I love your ultimate level of paranoia. Keeps you safe. But paranoid as hell  Wink
newbie
Activity: 42
Merit: 0
December 16, 2013, 05:43:37 AM
#26
I am so glad I asked this question and thank everyone for their advice. Lots of useful thoughts and processes you all use, going to look into each of them and see what will suit me the best.

Thanks again!
sr. member
Activity: 406
Merit: 251
http://altoidnerd.com
December 16, 2013, 04:30:40 AM
#25
Speaking of that, try PasswordSafe.  I got it from Bruce Schneier's site, and I like that program too. 

I use KeePassX. Everyone should use a good password management program.

I have old ass legacy passwords burned in my head that are short, and then a code that instructs me how to manipulate the classics (concatenation, hashes and shit) that is written and chilling on my hard drive, but doesn't mention the passwords themselves.

Cool story bro.  Yeah I need software...but I don't trust a goddamm.
hero member
Activity: 518
Merit: 500
December 16, 2013, 02:54:13 AM
#24
Speaking of that, try PasswordSafe.  I got it from Bruce Schneier's site, and I like that program too. 

I use KeePassX. Everyone should use a good password management program.
member
Activity: 60
Merit: 10
December 16, 2013, 02:50:32 AM
#23
Speaking of that, try PasswordSafe.  I got it from Bruce Schneier's site, and I like that program too. 
hero member
Activity: 518
Merit: 500
December 16, 2013, 02:42:36 AM
#22
Has anyone here used Armory for a wallet?

Yes, I've been using Armory for quite a while now and I like it very much! I have a "watch-only" wallet on my desktop PC, which I can use to check my balance for incoming payments. I have a little money in an online wallet from blockchain.info for the little expenses. If I have to pay something bigger, my desktop Armory can create an offline transaction on a USB stick and I use an old UMPC (XP tablet), which I keep offline, to sign the transaction. Then I put the USB stick back into my desktop PC to send the signed transaction.

So my private key was created offline and is kept on a machine which I will never connect to the internet. Sounds pretty safe to me, I think it's like how the upcoming TREZOR will work.

Yep. You've got it sorted.

The USB stick is kept "off-site" isn't it .........  Smiley
legendary
Activity: 924
Merit: 1000
December 16, 2013, 02:39:15 AM
#21
Has anyone here used Armory for a wallet?

Yes, I've been using Armory for quite a while now and I like it very much! I have a "watch-only" wallet on my desktop PC, which I can use to check my balance for incoming payments. I have a little money in an online wallet from blockchain.info for the little expenses. If I have to pay something bigger, my desktop Armory can create an offline transaction on a USB stick and I use an old UMPC (XP tablet), which I keep offline, to sign the transaction. Then I put the USB stick back into my desktop PC to send the signed transaction.

So my private key was created offline and is kept on a machine which I will never connect to the internet. Sounds pretty safe to me, I think it's like how the upcoming TREZOR will work.
hero member
Activity: 518
Merit: 500
December 16, 2013, 02:34:26 AM
#20
You know I thought the same thing, I didn't think I'd really be able to memorize long chains like that, but I found it to be pretty easy.  Yeah I am liking Armory a lot, it hasn't finished installing but it looks like I can import wallets into it.  There are over 500 people with more than 1 million in BTC so I'm sure they have taken precautions to protect their money.  In fact, there may be info on that on google if you searched hard enough.  I find so much every day about BTC I get overwhelmed!  Good luck!

Armory has good rep. Solid software. No problems there. Just saying it's easier to remember 12 words than 20-25 random characters. Human memory is a very frail thing.
member
Activity: 60
Merit: 10
December 16, 2013, 02:19:38 AM
#19
You know I thought the same thing, I didn't think I'd really be able to memorize long chains like that, but I found it to be pretty easy.  Yeah I am liking Armory a lot, it hasn't finished installing but it looks like I can import wallets into it.  There are over 500 people with more than 1 million in BTC so I'm sure they have taken precautions to protect their money.  In fact, there may be info on that on google if you searched hard enough.  I find so much every day about BTC I get overwhelmed!  Good luck!
hero member
Activity: 518
Merit: 500
December 16, 2013, 02:08:10 AM
#18
Has anyone here used Armory for a wallet?  I am using it now and it really seems rock solid and I feel very safe with it.  You can import wallets into it, and I have it on the desktop (takes a while to download and requires bitcoind & bitcoin-qt).    About passwords, you can start off with a really hard password that you write down, random characters, numbers, and make it at least 15 characters long.  After a few weeks, you will memorize that crazy random number, I've done it many times.  After you get used to the memorization, you can add additional characters and before you know it, you can type out a very long, for example 20 or 25-long character random password in a few seconds, and the longer random passwords are more secure.  At least it's a step in the right direction, I know it's not for everybody.

Armory has a good reputation I believe. But honestly, I'm not sure about remembering 20-25 length "random" characters ... recipe for future disaster ........ mnemonic based brain wallets are the way to go
member
Activity: 60
Merit: 10
December 16, 2013, 01:55:33 AM
#17
Has anyone here used Armory for a wallet?  I am using it now and it really seems rock solid and I feel very safe with it.  You can import wallets into it, and I have it on the desktop (takes a while to download and requires bitcoind & bitcoin-qt).    About passwords, you can start off with a really hard password that you write down, random characters, numbers, and make it at least 15 characters long.  After a few weeks, you will memorize that crazy random number, I've done it many times.  After you get used to the memorization, you can add additional characters and before you know it, you can type out a very long, for example 20 or 25-long character random password in a few seconds, and the longer random passwords are more secure.  At least it's a step in the right direction, I know it's not for everybody.
hero member
Activity: 518
Merit: 500
December 15, 2013, 11:11:39 PM
#16
Do NOT use brain wallet. (This is when you use HASH(your favorite passphrase) as the private key to the bitcoin address) There are people with massive rainbow tables listening on the network.

Personally I have my coins in several different places.

Cold wallets: Funds spread across 10 different addresses, this is so that none of them look too big and attract attention, and if there was something wrong with my random numbers hopefully not all 10 addresses will be compromised. Generated offline on a Linux live CD. Printed out (2 copies), sealed in envelopes and kept in 2 different places. Printer used for the process was disconnected and powered off afterwards, and left for several days before being used again.

Warm wallets: Funds spread between 2 wallets on different machines, each encrypted with a different passphrase. 1 machine behind a NAT router, the other behind 2 NAT routers. 

Hot wallets, bitcoins for spending: Blockchain.info wallet 

I'm sorry, you misunderstand brain wallets. You do not use your "favorite passphrase". That would be stupid. You use 12 random words. I have seen the math, the entropy is huge. As for "listening on the network", I am not sure what you are talking about. You never broadcast these words.
full member
Activity: 182
Merit: 100
December 15, 2013, 10:11:09 PM
#15
Do NOT use brain wallet. (This is when you use HASH(your favorite passphrase) as the private key to the bitcoin address) There are people with massive rainbow tables listening on the network.

Personally I have my coins in several different places.

Cold wallets: Funds spread across 10 different addresses, this is so that none of them look too big and attract attention, and if there was something wrong with my random numbers hopefully not all 10 addresses will be compromised. Generated offline on a Linux live CD. Printed out (2 copies), sealed in envelopes and kept in 2 different places. Printer used for the process was disconnected and powered off afterwards, and left for several days before being used again.

Warm wallets: Funds spread between 2 wallets on different machines, each encrypted with a different passphrase. 1 machine behind a NAT router, the other behind 2 NAT routers. 

Hot wallets, bitcoins for spending: Blockchain.info wallet 
hero member
Activity: 518
Merit: 500
December 15, 2013, 09:43:01 PM
#14
Protection overall has to be of the utmost importance. You could discuss the server security aspect all day and have so much to do that you would not sleep. It's all about what you are comfortable with. My question is what wallet security is suitable and I think there have been some good options presented. Looking forward to seeing if there are any more to take into consideration Smiley

Encrypt your wallet with a STRONG password .... just don't store the password on a computer connected to the Internet!

On this: If one were to use such a tool to test a password's entropy, what goal shall we be setting for ourselves?  I believe this results in bits per character?

http://www.shannonentropy.netmark.pl/

The more bitcoins you have, the higher the entropy you need  Smiley
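
An added example, not part of the thread: it contrasts the bits-per-character figure a frequency-based entropy calculator reports for one string with the total entropy of the generation schemes discussed in this thread (15, 20 or 25 random characters, 12 random words). The 94-symbol printable ASCII set and the 2048-word list are assumptions, and the sample strings are constructed.

```python
import math
from collections import Counter

def shannon_bits_per_char(s: str) -> float:
    """Entropy of the character frequencies inside one string (bits/char).
    This is what a frequency-based calculator reports."""
    n = len(s)
    return sum(c / n * math.log2(n / c) for c in Counter(s).values())

def generation_bits(pool_size: int, picks: int) -> float:
    """Entropy of a secret built from `picks` independent, uniformly random
    draws out of `pool_size` symbols: picks * log2(pool_size)."""
    return picks * math.log2(pool_size)

# Assumptions, not from the thread: 94 printable ASCII symbols, 2048-word list.
PRINTABLE_ASCII = 94
WORDLIST_SIZE = 2048

# Constructed sample strings: all three are trivially guessable.
WEAK_SAMPLES = ["aaaaaaaaaaaa", "abcdefghijkl", "Password2013"]

def frequency_scores():
    """Per-string score a frequency-based tool would give the weak samples."""
    return {s: round(shannon_bits_per_char(s), 2) for s in WEAK_SAMPLES}

def generation_scores():
    """Total bits for the schemes discussed in the thread."""
    return {
        "15 random chars": round(generation_bits(PRINTABLE_ASCII, 15), 1),
        "20 random chars": round(generation_bits(PRINTABLE_ASCII, 20), 1),
        "25 random chars": round(generation_bits(PRINTABLE_ASCII, 25), 1),
        "12 random words": round(generation_bits(WORDLIST_SIZE, 12), 1),
    }

if __name__ == "__main__":
    for s, bits in frequency_scores().items():
        print(f"{s!r}: {bits} bits/char by frequency")
    for scheme, bits in generation_scores().items():
        print(f"{scheme}: {bits} bits total")
```

The frequency score rewards any string with few repeated characters, so "abcdefghijkl" scores higher than "Password2013" even though both are guessable; a usable goal is stated as total bits of a uniformly random generation process, not bits per character of the result.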
sr. member
Activity: 406
Merit: 251
http://altoidnerd.com
December 15, 2013, 09:15:10 PM
#13
Protection overall has to be of the utmost importance. You could discuss the server security aspect all day and have so much to do that you would not sleep. It's all about what you are comfortable with. My question is what wallet security is suitable and I think there have been some good options presented. Looking forward to seeing if there are any more to take into consideration Smiley

Encrypt your wallet with a STRONG password .... just don't store the password on a computer connected to the Internet!

On this: If one were to use such a tool to test a password's entropy, what goal shall we be setting for ourselves?  I believe this results in bits per character?

http://www.shannonentropy.netmark.pl/
hero member
Activity: 518
Merit: 500
December 15, 2013, 08:22:19 PM
#12
Protection overall has to be of the utmost importance. You could discuss the server security aspect all day and have so much to do that you would not sleep. It's all about what you are comfortable with. My question is what wallet security is suitable and I think there have been some good options presented. Looking forward to seeing if there are any more to take into consideration Smiley

Encrypt your wallet with a STRONG password .... just don't store the password on a computer connected to the Internet!
newbie
Activity: 42
Merit: 0
December 15, 2013, 04:41:11 PM
#11
Protection overall has to be of the utmost importance. You could discuss the server security aspect all day and have so much to do that you would not sleep. It's all about what you are comfortable with. My question is what wallet security is suitable and I think there have been some good options presented. Looking forward to seeing if there are any more to take into consideration Smiley
member
Activity: 60
Merit: 10
December 15, 2013, 04:35:15 PM
#10
You know while we're on this subject, and this may need to be moved to another area of the forum, but if for example I have Ubuntu and installed a server, doesn't that open me up to more risk?  Can't I just open up a GUI for the firewall and watch my ports?  What is the safest way to monitor traffic on your own network on Linux?  Just curious what others do.
newbie
Activity: 42
Merit: 0
December 15, 2013, 04:09:04 PM
#9
I think the TREZOR device will be a great security measure.  I can't wait to get one when they are available to order.   
I had to utilise Google to find out what they are all about but I think you are right. Protection is very important to me, thanks for the advice!