Pages:
Author

Topic: Important advice: store your keys on a secure medium, not online in a cloud (Read 265 times)

hero member
Activity: 2926
Merit: 657
No dream is too big and no dreamer is too small
Storing online is always a bad decision. Know that everything you store online is own by the system itself, not by us. That's why in terms of seed phrases or keys, secure it in an offline storage, certainly not online, or else you'll gonna wake up one day seeing the other person has already access your file or wallet. Just learn to avoid it by all means.

My suggestion is just hid your seed phrase or keys somewhere that you think others won't be suspicious. Or just bury it, but it will also be at risk when there is flood or fire nearby.
hero member
Activity: 2408
Merit: 584
People, in search of the best places to save their seed phrases and passwords that are important to them, sometimes go crazy, regularly hiding them or rewriting them from place to place. Such worry will only confuse you. Just write down your important phrases without fuss and save them somewhere you think fire or water cannot reach them. Of course, let your copies be in reasonable quantities; you shouldn’t accumulate them on every corner.
Some people do crazy stuff with their seed phrases and private keys, I have even heard people engraving their private keys in silver plates so that they are safe from natural disasters such as floods or maybe humidity, small organisms eating them because it's possible with papers, but as you said, I think it's unnecessary for anyone to do anything like that as long as they have multiple copies of their private keys and seed phrases and have them kept in pretty safe places where only they can access them, they should be good.

We often see in our lives that when we try very hard to protect something, something tends to happen to that thing but when we don't push things too hard, nothing seems to happen. So, it's better that we protect these things in normal ways without doing unnecessary things.
sr. member
Activity: 728
Merit: 421
In as much as our private keys are very much important, it is good we keep them safe and not allow anybody to have access to it because it grants one access to your assets. So in that case, you would need to be very careful how you store your private keys to

Do.not use google cloud for storing such as it is not advisable to do so. If your google account gets compromised, it automatically grants the hackers access to your assets through your hack mail or google account.

The best way to do so is to write down your keys on a sheet of paper or jotter specifically for key phrase. After writing it down, you store or keep it in a place where only you can access it whenever you need it... Duplicate it and store other places so that you lose them even if you forget a particular place where you kept them. Other places can help you recover them if you forget where you kept the initial.
legendary
Activity: 2576
Merit: 1860
If I may add, many of us are into writing down our backups on ordinary pieces of paper and have the tendency to keep them in a hidden storage without checking on them every now and then. There's considerable risk in this practice because it might not last that long. It might not be readable after a few years of storage. Not to mention that it also won't survive fire and flood. 

So if you're planning for a steel backup, Jameson Lopp's storage reviews might be a lot of help: https://jlopp.github.io/metal-bitcoin-storage-reviews/.
legendary
Activity: 1890
Merit: 1537
Perhaps this topic has been discussed many times before, but since it is important, it may remind people not to be negligent in storing their keys. Indeed, it is best to avoid storing keys in the cloud, on CEX, in chats, anywhere connected to the internet, or through third parties, as a screenshot on your phone, etc. These seeds are the primary key to your personal bank, so everyone should store their keys securely offline without neglecting the matter and consider the factors, natural damages, and living conditions.

Each person has his own way, whether by writing them on several pieces of paper and testing the ink or on one of the stainless metal items or saving it as a document in one of the small-sized fire-resistant storage that requires a password to open or on multiple USB drives. Every person who stored the seed and his keys and wrote them down must use them to open his wallet to ensure their accuracy.  Never disclose the location of these keys to strangers, and periodically check the safety of your storage methods.
sr. member
Activity: 490
Merit: 346
Let love lead
I was wondering... do you think that it would be a good idea to apply the 3-2-1 backup strategy for your keys?

It's actually a good strategy and it can't be overemphasized. We most times only talk about keys being compromised probably if being stored online or being exposed to the Internet. But then, our keys which had been stored offline locally might also be damaged or lost due to physical phenomenon. In countries where natural disasters is a thing, storing keys in different locations should be a good strategy as one cannot be too prepared for what might happen next. The 3,2,1 strategy is a good one and I myself also recommend using it.
Personally, I still have my own reservations on  storing your keys offline only. Just as online keys can be compromised, offline storage can too in the event of natural disasters , environmental unrest or robbery.

Visiting areas of offline storage periodically is very good to ascertain the validity of the data. I recommend this process, but in another form. Its good to use encryptions whenever you store your data. You can use PGP for the encryption (although I do mine personally from a private server and only get to store the secret key I used for the encryption for later decryption and not my actual seed phrases because I don't trust third party softwares), get to store the encrypted files with this format online,

Coming to offline storage, be sure to flip, and, or add some letters more to specific phrases, increase the number of phrases or just rearrange them how you can remember so you buy more time in the event of your phrases and, or keys getting into the wrong hands.

NB: I don't use JWT for my encryptions since it can  be decrypted by anyone online.
hero member
Activity: 2212
Merit: 805
Top Crypto Casino
As someone that hasn't been hacked personally but have seen people I have close relations and ties with get hacked, I have the following to add to OP's effort:
  • Don't save your passwords to browsers like Google saved passwords, Firefox sync or icloud from Apple. When it gets hacked, all your passwords are basically on display. Terrible idea.
  • Use a password manager: If you need to store passwords, use a password manager. Even better, you can use Bitwaden. It's an open source password managers that allow you to store in vaults. Remember to use a strong password and add 2FA  authentication for your vaults.
I wouldn’t recommend using a third party to store passwords. While I understand the convenience of using a password manager, the fact is that password managers can be hacked, remember when LastPass got hacked and users lost millions worth of their crypto. If you can’t store your passwords the old fashioned way and you want a password manager, go for one that’s is offline and open source.

Well said, SatoPrincess. I have never learnt of any offline password manager. I would appreciate if you could mention some. And yes, password managers can be hacked same way with how password saved with browser password managers can be hard. The general concensus I've seen across the board is that a dedicated password manager >>> browser password managers. The reason I like Bitwaden is because it is open source which means more eyes can see the codes before new updates are added. On the plus side, Bitwaden has 2FA authentication. A strong password + 2FA seem like the standard. In any case, I'm open to learn if there are more better ways to manage passwords that balances security and convenience.
hero member
Activity: 1722
Merit: 895
When saving your keys, it is very important to select a good medium, where your coins will be stored on. As we know, keys are most important for us to keep access to our coins, so we should carefully consider where we store our keys at.

Good mediums to store your keys at can be an offline paper, where you keep it in a safe location and protect it against light, humidity and fire and you will be safe to still have access to it for a very long time.
It is an important choice to keep private keys so that the assets we have are much safer stored in the place used. Storage media can be offline and it depends on how someone can keep the key well. If you are someone who likes to hold assets in the long term, then storing private keys is an option that must be carried out properly. Personally, I do not store private keys in the cloud like Google Drive or Dropbox because I think it is not very safe and still has loopholes to be broken into.

I prefer the offline version because it is much safer and more convenient for me, but after all, everyone has a different understanding of storing their private keys. So this issue must be a priority because it is very important to maintain the confidentiality of the private key so that the assets we have can be more secure.
hero member
Activity: 1050
Merit: 592
God is great
I was wondering... do you think that it would be a good idea to apply the 3-2-1 backup strategy for your keys?

For those not familiar with this strategy, it consists in three copies of your data, in two different media, and one of them off-site. As this info is critical, more copies will minimise the risk of losing the keys, but also increase the chances that some will fall into the wrong hands, especially if you keep one copy off-site.
Having three copies of data is not bad if it can be well managed by users but sometimes it can be risky because normally as humans a lot of things go through our minds that can enable us to forget or not to have a good attention of where these three copies of data is kept, but people are different though, for some person they would prefer a copy of data because it will be easy to be keep it safe and some people will also want to have more copies because they feel having just one is not safe for them and anything can happen.  

The most important thing is that whatever way we choose to keep data of our private keys and passwords,  it should be a style or strategy that one will be able to handle very well with care.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
People, in search of the best places to save their seed phrases and passwords that are important to them, sometimes go crazy, regularly hiding them or rewriting them from place to place. Such worry will only confuse you. Just write down your important phrases without fuss and save them somewhere you think fire or water cannot reach them. Of course, let your copies be in reasonable quantities; you shouldn’t accumulate them on every corner.
hero member
Activity: 1204
Merit: 802
Leading Crypto Sports Betting & Casino Platform
As someone that hasn't been hacked personally but have seen people I have close relations and ties with get hacked, I have the following to add to OP's effort:
  • Don't save your passwords to browsers like Google saved passwords, Firefox sync or icloud from Apple. When it gets hacked, all your passwords are basically on display. Terrible idea.
  • Use a password manager: If you need to store passwords, use a password manager. Even better, you can use Bitwaden. It's an open source password managers that allow you to store in vaults. Remember to use a strong password and add 2FA  authentication for your vaults.
I wouldn’t recommend using a third party to store passwords. While I understand the convenience of using a password manager, the fact is that password managers can be hacked, remember when LastPass got hacked and users lost millions worth of their crypto. If you can’t store your passwords the old fashioned way and you want a password manager, go for one that’s is offline and open source.
hero member
Activity: 1526
Merit: 555
Do not do anything fancy with your seed.

Simple keep it in an old good piece of paper. Make another backup, keep them in separate places if you can. Hide them. That is all you need.

No need for fancy materials or crazy methods...

Correct, do not overthink, the thing with crypto investors specially newbies though is that they think everything will be safe like putting it in cloud. The first rule of thumb is simply don't put it in the internet, like in you cloud account, your email.

Just used the old and traditional, write it down and make multiple backs up, hide it in a place that you only know.
hero member
Activity: 826
Merit: 583
I was wondering... do you think that it would be a good idea to apply the 3-2-1 backup strategy for your keys?

For those not familiar with this strategy, it consists in three copies of your data, in two different media, and one of them off-site. As this info is critical, more copies will minimise the risk of losing the keys, but also increase the chances that some will fall into the wrong hands, especially if you keep one copy off-site.
Yes, in my opinion it would be a good staretgy but it also depends on your locations if it's safe to store a copy at such locations so it all depends on each individual if such locations are easy and safe to store copies of our keys at.

The logic is very easy, when you are trying to save something valuable and important. Of course you will store it in a safe place. There's no harm in storing it in several places, the most important thing is to consider the one with the least risk of leakage.

If you have a private work space that would be better. So it will be out of reach of other people even if it is small children in your house. it's good enough to store keys manually or physically.
but I have confidence, there are still many crypto users who store their keys on devices such as Google Drive or other devices.
hero member
Activity: 602
Merit: 442
A Proud Father of Twin Girls 👧 👧
Do not do anything fancy with your seed.

Simple keep it in an old good piece of paper. Make another backup, keep them in separate places if you can. Hide them. That is all you need.

No need for fancy materials or crazy methods...
This is one straight to the point answer without beating around the bush.
Don’t joke with your keys as it is always stated in cryptocurrency that “Not Your Key, Not Your Coin” and the consciousness of this only should make you never want to you with your keys.

Another thing is that when writing your key down, always be case sensitive and note where there is capital letter and where there are lower cases (this is to help you avoid complications)

Please no need storing your keys online either in gmails or iCloud’s as there have been cases of people losing some whopping sum of their coins to theft and cloud compromise.

Your coin should be held with prestige and as such you should possibly get a good safe(physical safe) for your coin.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
It's not your keys, it's not your bitcoin.

By this vital principle, you can guess how to back up your wallet seed phrase, your Bitcoin private keys.

Backup in whatever mean that gives access to your Bitcoin wallet seed phrase, private key, and your bitcoins to only you, no other else (companies or people). If your backup method satisfies this vital principle, it's good.

Surely Cloud storage is not a way to use.

How to back up a seed phrase
Why is seed spitting a bad idea?
Security checklist (chainsec.io)

Cloud storage is a kind of online account.

Reminder: do not keep your money in online accounts
hero member
Activity: 3024
Merit: 745
🌀 Cosmic Casino
Don’t store your keys too messy / always have a strategy to store your keys

It is important to keep an overview of your keys between your normal passwords and where you send it. Don’t mess it up because a mess is always a difficulty, when you are searching a certain password or keys and it is always recommended to have a good overview and a good saving strategy, where you will be able to find your passwords and keys again.
I've read some strategies that they're not going to put their seed words/phrases in a particular order. That's kind of messy and we're not always memory wizards. I agree that we should not be messy with how we store our keys because this is lifesaving to us. We won't be keeping these assets for long if this means nothing to us. Another crazy idea that I've seen about memorizing it entirely, well those that have sharp memory won't even do this and I guess even the sharpest minds and memories will have some mental blockage in due time and when you need it most, you'll never be able to remember it so, be wise with where and how you keep or store your keys.
sr. member
Activity: 728
Merit: 271
Online is not a safe place to store our wallet keys, be it an online vault or what they chose to name it. Storing your keys online is similar to storing your coins in a CEX, it can be hacked any time or any unforeseen actions might set in.

Writing down your keys and storing in a safe locations is hell of a great strategy to go safe. Since it's going to be for a long time of storage it's fundamental to make sure whatever means of writing that the ink is an indelible ink that can last for long as possible without fading off and even the to be written on must be a durable one. 

If you have your keys written on a paper, avoid storing in a cold or damp location for it not to be affected by moist which could cause damage to the clarity of your phrases.
hero member
Activity: 2212
Merit: 805
Top Crypto Casino
As someone that hasn't been hacked personally but have seen people I have close relations and ties with get hacked, I have the following to add to OP's effort:
  • Don't save your passwords to browsers like Google saved passwords, Firefox sync or icloud from Apple. When it gets hacked, all your passwords are basically on display. Terrible idea.
  • Use a password manager: If you need to store passwords, use a password manager. Even better, you can use Bitwaden. It's an open source password managers that allow you to store in vaults. Remember to use a strong password and add 2FA  authentication for your vaults.
  • Always write down your seed phrase. If your seed phrase is ever stored on a cloud storage, consider it compromised.

One time, a friend's icloud was hacked and they got access to his mails and passwords. Even worse, he saved multiple seed phrases as email "drafts". All got compromised in the end.
sr. member
Activity: 630
Merit: 298
I was wondering... do you think that it would be a good idea to apply the 3-2-1 backup strategy for your keys?

For those not familiar with this strategy, it consists in three copies of your data, in two different media, and one of them off-site. As this info is critical, more copies will minimise the risk of losing the keys, but also increase the chances that some will fall into the wrong hands, especially if you keep one copy off-site.

Yeah I think redundancy is should be a thing of concern, backing up seed phrases in many locations to me only exposes it more, three back ups are ok at different locations. Anything above that number will simply cause redundancy.

Other advice again OP is don’t do too much trying to save your seed phrase, things like designating certain symbols to the words instead of the actual words is tricky to me, using colours too like what some people use to indicate some words is also another bad method again. Keep the back up simple and normalize adding passphrase to the seed phrase and storing it separately
hero member
Activity: 1260
Merit: 765
Top Crypto Casino
Shit happens sometimes,  because if securing your wallet offline saves the most I think many could have not lost some of they coins due to careless handling of the wallet keys offline,  but hard it been that those wallet are stored in online server it could have been easily traced coins.

This happened to me some time ago when I stored on $60 worth of bitcoin on a blockchain wallet, and stored my wallet keys through paper writing,  I didn't store them online and I lost the paper so I couldn't recover the bitcoin.
Pages:
Jump to: