Topic: Idea to improve bitcoin wallet security that is simple for the average person (Read 1184 times)

legendary
Activity: 1120
Merit: 1000
ALWAYS encrypted, long password, at least 10 letters with uppercase and lowercase.
Besides, NEVER trust a high amount of bitcoins to an online service.
If you have to keep a good amount as cold storage, you should use a paper wallet created on an offline PC.
newbie
Activity: 55
Merit: 0
Long Custom Passwords are usually sufficient.
sr. member
Activity: 336
Merit: 250
I was thinking it would be a good idea to make the bitcoin client require that you make an 8-10 digit pin which encrypts the wallet once, and then a password to encrypt the encrypted wallet for double protection and user friendliness, a bit like some online banking services.

What do you think?
You should not be forced to encrypt your wallet until you are ready to do so. If you are forced to encrypt it as soon as you create your wallet, you might not be ready to think of a password and set something that you forget; this would essentially be the same as your bitcoin being stolen (from your perspective). It would be better to leave your wallet with small amounts of bitcoin unencrypted until you are ready to think of and set a password.

Also, limiting a password to between 8 and 10 digits is bad, as it gives an attacker a much smaller number of possible combinations as to what it may be.
newbie
Activity: 57
Merit: 0
Doesn't Electrum do this? Every time you need to do something that uses your private key, it asks for a password. Not sure if that means it is encrypting the private key with the password though, or if it's just to proceed to the next step.
legendary
Activity: 4214
Merit: 4458
I was thinking it would be a good idea to make the bitcoin client require that you make an 8-10 digit pin which encrypts the wallet once, and then a password to encrypt the encrypted wallet for double protection and user friendliness, a bit like some online banking services.

What do you think?

Sometimes the risk of encryption is the risk of corruption (data).

It's fine for small amounts of data, but large files encrypted twice doubles the risk.

There are already cases where people have corrupted wallets due to encryption, by encrypting the wallet and then encrypting their hard drive. That's why people have multiple backups and also store privkeys on paper.

For many people, they have a password they can remember and just SHA-256 it, and then use that hash as the password (nice long entropy) rather than just the password they can remember. That way it's simple to remember but makes that password have better entropy.

I'm not saying encrypting an encrypted wallet is any less secure, but when people's funds are involved, they need to back up in several formats and in several locations in case one gets damaged. There is no single solution that is guaranteed.
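
An added example, not part of any post in this thread: it measures the guess space of the schemes discussed above (an 8-10 digit PIN, a longer mixed-case alphanumeric password, and a memorable password passed through SHA-256). The function names, the 12-character comparison, the PBKDF2 iteration count and the sample passwords are assumptions made for illustration.

```python
import hashlib
import math


def keyspace_bits(alphabet_size, min_len, max_len):
    """log2 of how many secrets exist with min_len..max_len symbols,
    assuming each symbol is chosen uniformly at random."""
    total = sum(alphabet_size ** n for n in range(min_len, max_len + 1))
    return math.log2(total)


def sha256_hex(password):
    """The 'hash it and use the hash as the password' step from the thread."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def guesses_needed_after_hashing(candidates):
    """SHA-256 is deterministic and unsalted, so a guesser who knows the
    scheme tries one hash per candidate password: the count is unchanged."""
    return len({sha256_hex(c) for c in candidates})


def stretched_key(password, salt, iterations=200_000):
    """Salted, iterated derivation (PBKDF2-HMAC-SHA256). It adds no entropy
    either, but each guess costs `iterations` hash computations.
    The iteration count is an assumption chosen for illustration."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real wallet.
    memorable = ["correcthorse", "Bitcoin2014", "letmein123", "hunter2"]
    print(f"8-10 digit PIN:          {keyspace_bits(10, 8, 10):.1f} bits")
    print(f"12 chars of a-z A-Z 0-9: {keyspace_bits(62, 12, 12):.1f} bits")
    print(f"hash length in hex:      {len(sha256_hex(memorable[0]))} chars")
    print(f"candidates to try:       {guesses_needed_after_hashing(memorable)}"
          f" of {len(memorable)}")
    k1 = stretched_key(memorable[0], b"constructed-salt-1")
    k2 = stretched_key(memorable[0], b"constructed-salt-2")
    print(f"same password, different salts -> same key? {k1 == k2}")
```

The hashed form is 64 hex characters long, but the number of candidates a guesser has to try is still the number of passwords a person might have picked; only the cost per guess changes, and only in the salted, iterated case.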
legendary
Activity: 1834
Merit: 1008
I was thinking it would be a good idea to make the bitcoin client require that you make an 8-10 digit pin which encrypts the wallet once, and then a password to encrypt the encrypted wallet for double protection and user friendliness, a bit like some online banking services.

What do you think?