key safety strategies? - page 2. | Bitcointalksearch.org

20kevin20

legendary

Activity: 1134

Merit: 1598

Quote from: ranochigo on August 22, 2020, 10:37:19 PM

Hmm. You're supposed to check the seed a few times after writing down, to be fair. Doesn't Ledger prompt you to read the seeds again to verify if you've written it down correctly? It shouldn't be that big of a problem if you're supposed to verify it again in the first place.

I can't remember if it did the last time I had to reset it, to be honest.. yet, the moment is still kinda stressful and puts me into some kind of paranoia mode until I get back to my wallets, lol.

Quote from: FXforfun on August 24, 2020, 04:25:34 AM

- Yourself: After the years you could forget where did you hide your keys. How to recompound a sophisticated method. Who remember the password that open the magic box that stores the instructions to recover the seed?

To be honest, this one sucks the most. I mean, methods that require a good remembering mind suck and could go wrong for example if you suddenly have an unfortunate loss of memory.

I created a very complicated method to hide my keys (not very safe, but takes hella lot to find out what the pattern is) on a paper years ago and recently found the paper containing just the hidden key. I have no idea anymore what the method I have used was. Fortunately, it's empty though..

FXforfun

jr. member

Activity: 48

Merit: 89

Hi,
Probably the perfect solution doesn't exist. There are a number of threats that could compromise your keys:
- Malicious people/software/devices: Hackers could steal your keys stored on any software or third party, Burglers could steal the piece of paper where you wrote down your keys. Ok, splitting your keys in several copies could work
- Yourself: After the years you could forget where did you hide your keys. How to recompound a sophisticated method. Who remember the password that open the magic box that stores the instructions to recover the seed?
- Death! Let's assume that you find the strategy to preserve the keys that best suits you. When you die, who will recover your bitcoins?? You need to allow easy access to your keys for the day you pass away, otherwise these would be buried and forgotten forever

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Yamifoud on August 23, 2020, 05:17:38 PM

I only use an online wallet but having 2FA factors will be good enough for me to secure my fund on there.

2FA only protects your account from being directly accessed by an attacker, and even then it's not infallible and can be bypassed, reset, transferred, or phished. 2FA does absolutely nothing to protect your coins from the third party shutting down, going bankrupt, exit scamming, freezing your account, seizing your coins, implementing sudden KYC or other privacy invading policies, and so on. Do yourself a favor and withdraw your coins to your own wallet.

Quote from: taufik123 on August 23, 2020, 05:43:55 PM

there's nothing to fear with hardware wallet updates.

Provided you have your seed phrase backed up. There have been instances of wallets resetting themselves when being updated.

Quote from: taufik123 on August 23, 2020, 05:43:55 PM

Do not enter your private key on ~~phishing~~ websites

Fixed that for you. Do not enter your private key on any website, ever.

taufik123

legendary

Activity: 2674

Merit: 1823

Rollbit.com | #1 Solana Casino

there's nothing to fear with hardware wallet updates. Even updating the device wallet firmware will be safer with even better security updates.
The main security wallet any other hardware device or wallet you have depends on how you use it. Do not enter your private key on phishing websites which will easily retrieve your private key.
Storing private keys must be done properly and safely, do not let them connect to the internet that you do not monitor.
You also need to have a secure and offline backup of the private key, which is especially necessary when you lose the primary private key.

You also have to always be vigilant and don't get caught with phishing websites or fake websites that will take over your wallet.

Yamifoud

hero member

Activity: 2828

Merit: 518

Quote from: PointHope on August 22, 2020, 09:34:11 AM

What are the best private key safety tips.

I just learned about the CASA app. But it has a monthly fee.

I recently had a scare with the ledger hardware wallet update and a windows 7 computer.
Got it sorted but made me plenty nervous.
I will go for months without checking, and generally uninstall the ledger app from my devices.

What other srategies can I consider?

You are just risking your keys to losing when you are using any third party. To keep your keeps much better to have saved it offline or just print it. I'd never think how you confidence using ledger wallet because a lot of people using that.

All the safety of your wallet and private keys will depend on you, in fact, I only use an online wallet but having 2FA factors will be good enough for me to secure my fund on there. If you are too careless with your keys, letting your computer used by another person or being bold enough to others, the possibility that you might lose control of your wallet. You don't need to spend more about keeping your keys, enough to start how you handle them.

hatshepsut93

legendary

Activity: 3024

Merit: 2148

Quote from: o_e_l_e_o on August 23, 2020, 01:30:23 PM

With this method, an attacker who gets their hands on your USB can do two things. First of all, they can deduce from the Electrum files and data that you are storing bitcoin, and execute a $5 wrench attack to access it. Or they can replace the Electrum files with malicious ones (I doubt very much you would verify the Electrum files each and every time you open Electrum) and steal your coins. Neither of these attacks are possible with a permanent OS which is fully encrypted.

USB with wallet files and Electrum can be encrypted too. It's pretty much the same, in both cases the attacker will see some encrypted files, and in both cases it might rise their interest, so a $5 wrench attack is equally likely. Steganography can be used to get deniability in case of these attacks, but if the attacker is good with technology, this might not work.

seramania

full member

Activity: 827

Merit: 100

Quote from: PointHope on August 22, 2020, 09:34:11 AM

What are the best private key safety tips.

I just learned about the CASA app. But it has a monthly fee.

I recently had a scare with the ledger hardware wallet update and a windows 7 computer.
Got it sorted but made me plenty nervous.
I will go for months without checking, and generally uninstall the ledger app from my devices.

What other srategies can I consider?

are applications like casa convincing ?? use hardware wallets such as nano ledgers or trezzors as the safest storage media. because currently both types of wallets are proven to provide the best and most relevant storage. so the safest is a hardware wallet at this time

PointHope

full member

Activity: 317

Merit: 110

Got some good tips, thanks.

I like how easy the Electrum wallet works.

I quiit using win7 and now win10.
But windows is becoming more annoying with the increasing intrusiveness.

I'll probably got back to using a Linux only machine, which I havent used for a while. The learning curve was kinda tough for a younger boomer like me.
I've read how the newer Linux versions are easier to use nowadays.

Twentyonepaylots

sr. member

Activity: 1918

Merit: 370

Quote from: ranochigo on August 22, 2020, 09:42:11 AM

What's wrong with Ledger? Hardware wallets are generally the safest that you can get if you're not a very tech-savvy person and it's practically idiot proof if you don't type your seeds into random places.

Totally agree, if we are talking about storing keys hardware wallets would be the topmost in the list. I like what you called it "idiot-proof" lol. But this thing might costs you around $100 to $200, if you don't have this you better storing your keys offline.

Quote from: ranochigo on August 22, 2020, 09:42:11 AM

Hardware wallets are designed to store the keys only within the device itself and you can connect it to compromised computers without much problem (ideally not).

And also don't be an idiot acquiring hardware wallet on a random seller in the internet, they will sell you in a lower price but the hardware wallet is tampered or worst has a malware use in stealing funds. Either you have it or not, the safest way is to have a common sense.

daneal stev

full member

Activity: 280

Merit: 135

According to my personal opinion, the best advice that you can follow to protect your keys is to create backup copies of these keys, print more than one copy on the papers, and hide these papers in different places that only you can access, in addition to that you should stay away from storing your keys inside browsers and the Internet In addition to staying away from storing it inside a computer or mobile phone

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: hatshepsut93 on August 23, 2020, 11:47:56 AM

You can download Electrum, put it on a USB and run this version instead of the one that is pre-installed.

With this method, an attacker who gets their hands on your USB can do two things. First of all, they can deduce from the Electrum files and data that you are storing bitcoin, and execute a $5 wrench attack to access it. Or they can replace the Electrum files with malicious ones (I doubt very much you would verify the Electrum files each and every time you open Electrum) and steal your coins. Neither of these attacks are possible with a permanent OS which is fully encrypted.

Quote from: hatshepsut93 on August 23, 2020, 11:47:56 AM

With my first cold storage setups I tried Ubuntu and Mint, and I've ran into issues with drivers and lack of a Python installation on the latter.

Yeah, I'm not a big fan of Mint, but I've never had a problem with Ubuntu. You could always try Debian if you really like Tails, since that's what Tails is built on.

hatshepsut93

legendary

Activity: 3024

Merit: 2148

Quote from: pooya87 on August 22, 2020, 11:32:44 PM

but Tails comes with Electrum pre-installed on it so you can't verify Electrum's signature anymore as far as i know because it is already extracted.

You can download Electrum, put it on a USB and run this version instead of the one that is pre-installed. Or you can put it in Tails' persistent storage if you use it.

Quote from: pooya87 on August 22, 2020, 11:32:44 PM

besides isn't it harder to use persistence with Tails that is designed by default not to leave anything behind? and if you want to use it installed on a USB to be used as the cold storage then you need persistence.

To me the amnesia feature is actually the biggest appeal of Tails, because it helps mitigate a theoretical airgap-jumping malware. I always transfer the unsigned transactions first, then I insert my USB with Electrum and wallet files and sign the transaction. After that I broadcast a transaction with mobile version of Electrum by scanning its QR code. This way, my keys are even less exposed than with persistent storage.

Quote from: o_e_l_e_o on August 23, 2020, 08:34:40 AM

I agree. Since my cold storage device will never connect to the internet, then I do not need most of the things that Tails provides. A general OS with full disk encryption provides better usability and better security.

With my first cold storage setups I tried Ubuntu and Mint, and I've ran into issues with drivers and lack of a Python installation on the latter. Tails worked out of the box, and pre-installed Electrum is a bonus. It's true that you have to trust them with it, but you have to trust them on a bigger scale anyway - if OS authors wanted to steal coins, they would do it with or without malicious wallet software.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: PointHope on August 22, 2020, 09:34:11 AM

I recently had a scare with the ledger hardware wallet update and a windows 7 computer.
Got it sorted but made me plenty nervous.
I will go for months without checking, and generally uninstall the ledger app from my devices.

It's been a long time since Ledger doesn't support Windows 7, and it's no wonder you've had problems with the firmware update - you're happy if you've managed to complete it successfully. What you should do is leave that now obsolete OS, it has become a thing of the past and will only create problems for you with Ledger. If you want to continue using Windows I suggest you do an update to W10. Your private keys will be safe in your hardware wallet as long as you keep your backup safe.

Quote from: ranochigo on August 22, 2020, 10:37:19 PM

Hmm. You're supposed to check the seed a few times after writing down, to be fair. Doesn't Ledger prompt you to read the seeds again to verify if you've written it down correctly? It shouldn't be that big of a problem if you're supposed to verify it again in the first place.

Ledger has something called Recovery Check app, but it is always desirable to perform a good old method to reset the device after the initial setup, and check if the same addresses are created after recovery.

molsewid

hero member

Activity: 2170

Merit: 530

Quote from: PointHope on August 22, 2020, 09:34:11 AM

What are the best private key safety tips.

I just learned about the CASA app. But it has a monthly fee.

I recently had a scare with the ledger hardware wallet update and a windows 7 computer.
Got it sorted but made me plenty nervous.
I will go for months without checking, and generally uninstall the ledger app from my devices.

What other srategies can I consider?

My strategies you might consider. I wrote it down in my small notebook, and keep it in a safe place. Even if somebody found this, it's safe here because in our place I'm the only one who knows how to use it. If you want extra safety, create many seeds, shuffle other seeds in your main seed and remember the pattern of your main wallet seed.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: ranochigo on August 22, 2020, 10:37:19 PM

Doesn't Ledger prompt you to read the seeds again to verify if you've written it down correctly?

After you've written down your seed, the Ledger device will make you input each word in order from a multiple choice selection to ensure you have it correct.

Quote from: pooya87 on August 22, 2020, 11:32:44 PM

but Tails comes with Electrum pre-installed on it so you can't verify Electrum's signature anymore as far as i know because it is already extracted.

Correct. The best you can do is to verify Tails and to trust that they verified the version of Electrum which is bundled with it, or to download and verify the Linux Appimage from https://electrum.org/#download and use that one instead.

Quote from: pooya87 on August 22, 2020, 11:32:44 PM

besides isn't it harder to use persistence with Tails that is designed by default not to leave anything behind?

It's not too difficult. There are instructions on how to turn on Persistent Storage for Electrum here: https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html#bitcoin
Bear in mind that although the persistent storage is encrypted, it will be only be as secure as your encryption phrase, so if your USB stick is lost or stolen then your coins may be at risk.

Quote from: pooya87 on August 22, 2020, 11:32:44 PM

i personally find it better to use a general purpose OS (like Ubuntu) for this purpose rather than a specialized one.

I agree. Since my cold storage device will never connect to the internet, then I do not need most of the things that Tails provides. A general OS with full disk encryption provides better usability and better security.

joniboini

legendary

Activity: 2170

Merit: 1789

Quote from: oleg8791 on August 22, 2020, 11:14:38 PM

try to learn your key by heart and keep the printed out copy in a wall safe.

What do you mean by learn your key by heart? Memorizing the seed(s)? That's not a good choice. Even if you can remember the mnemonics with some tricks, nothing guarantee that you can remember it tomorrow. Printing the copy is better as you mentioned, as long as you store it securely. Buying a wall safe is probably a good idea but I won't put it open where people can see it as if you tell people "hey, there is something valuable here".

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: hatshepsut93 on August 22, 2020, 09:40:42 PM

If you are not afraid to tinker with software a little bit, I'd suggest trying to make your own cold storage setup. You will need an old PC or laptop that will be used to access your wallet, and this device must be kept offline forever. You'll need to just get a USB stick, install Tails on it and run an offline Electrum wallet to create your wallet and then sign transactions when needed. Detailed guide [ur=https://electrum.readthedocs.io/en/latest/coldstorage.html?highlight=usbl]here[/url]. Also make sure to verify the signatures on each software in this setup - the OS, the wallet, etc.

but Tails comes with Electrum pre-installed on it so you can't verify Electrum's signature anymore as far as i know because it is already extracted.
besides isn't it harder to use persistence with Tails that is designed by default not to leave anything behind? and if you want to use it installed on a USB to be used as the cold storage then you need persistence.
i personally find it better to use a general purpose OS (like Ubuntu) for this purpose rather than a specialized one.

oleg8791

newbie

Activity: 48

Merit: 0

Quote from: AB de Royse777 on August 22, 2020, 09:38:37 AM

Make a multisig wallat, 2/2
Print out each keys, two copies each.
Key A X 2
Key B X 2

Give the copy of Key A to a group of people, family A
Give the copy of Key B to a group of people, family B

Make sure these two group, family do not know each others, but they are common known to you and close to you of course.

You can have more than 2 copies of each key but it's safer when you have lesser copies. The reason for two copies each is just in case anything happen to one copy then you always have another copy as backup.

Wow, it sounds so interesting and sophisticated. IMO the easiest way: try to learn your key by heart and keep the printed out copy in a wall safe.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: 20kevin20 on August 22, 2020, 06:17:55 PM

Can relate to the "scare" part: had my Ledger update go wrong once, which resulted in a stressful search on how to fix that and had to fully reset of the device. The scariest part is having to re-introduce the seed and wondering if you have even written down the correct seed upon initialization.

Hmm. You're supposed to check the seed a few times after writing down, to be fair. Doesn't Ledger prompt you to read the seeds again to verify if you've written it down correctly? It shouldn't be that big of a problem if you're supposed to verify it again in the first place.

hatshepsut93

legendary

Activity: 3024

Merit: 2148

If you are not afraid to tinker with software a little bit, I'd suggest trying to make your own cold storage setup. You will need an old PC or laptop that will be used to access your wallet, and this device must be kept offline forever. You'll need to just get a USB stick, install Tails on it and run an offline Electrum wallet to create your wallet and then sign transactions when needed. Detailed guide here. Also make sure to verify the signatures on each software in this setup - the OS, the wallet, etc.

Topic: key safety strategies? - page 2. (Read 561 times)