Make this an habit | Bitcointalksearch.org

Ever-young

sr. member

Activity: 1288

Merit: 231

Hire Bitcointalk Camp. Manager @ r7promotions.com

Quote from: Churchillvv on May 31, 2024, 02:10:52 PM

Perhaps it's a good thinking but one thing you must remember is that hijackers/scammers/hackers are one of the most intelligent people and your gesture is not what will prevent them from hijacking it.

If you want to prevent compromise you should do your things offline and whatever hot wallet you use should be know or have the awareness that it could be targeted one day hence reduce the rate of trust or dependant on it. you can only keep a few dollars and or bitcoin in it or you should only use the for quick usage and not storing your assets for long.

You are absolutely correct, scammers can be very intelligent, smart and also cunning, if someone is not careful, we might fall into their trap.

That is why we should be very careful and also be smart, when it comes to an unknown app or any unknown link and before doing anything, we can ask questions or do research to be sure of it first and even if we are sure, we should try to invest with small amount we can afford to lose incase things doesn't fall in place as we have plan.

Publictalk792

sr. member

Activity: 448

Merit: 354

Quote from: johnsaributua on June 05, 2024, 06:59:33 PM

Your concern in the device especially the keyboard is reasonable because all sources can start from there, but the keyboard is a very important part, as long as you don't use the clipboard by not copying and pasting carelessly, I think it's safe so far, because it doesn't leave a mark on any device (type manually). I often try. Even if it is possible to copy and paste because of the rush of time, it is better to type a few letters manually (for private keys) maybe 3-7 letters / numbers and phases I input manually and save on paper. Indeed, along with the times the mobile app allows random and similar choices to appear, this makes it easier but I prefer to do it manually. Indeed, the digital footprint is real especially if it has been infiltrated by irresponsible people. But it can be minimised as best as possible. because behind a busy routine certainly requires good and strong security.

You are right to worry about keeping your devices safe especially when using keyboards. But if we are careful and do not copy and paste important information it's likely safe. It is good idea to type important information like private keys yourself even if it just few letters or numbers. While apps may offer easy options typing things ourself is better. It is true that using devices can leave trail that others can see especially if our device has been hacked. But if we are careful and take steps to keep our information safe we can reduce risk and keep our devices secure even when we are busy.

johnsaributua

sr. member

Activity: 812

Merit: 257

PredX - AI-Powered Prediction Market

Your concern in the device especially the keyboard is reasonable because all sources can start from there, but the keyboard is a very important part, as long as you don't use the clipboard by not copying and pasting carelessly, I think it's safe so far, because it doesn't leave a mark on any device (type manually). I often try. Even if it is possible to copy and paste because of the rush of time, it is better to type a few letters manually (for private keys) maybe 3-7 letters / numbers and phases I input manually and save on paper. Indeed, along with the times the mobile app allows random and similar choices to appear, this makes it easier but I prefer to do it manually. Indeed, the digital footprint is real especially if it has been infiltrated by irresponsible people. But it can be minimised as best as possible. because behind a busy routine certainly requires good and strong security.

moneystery

full member

Activity: 868

Merit: 202

but not all wallets have this feature, moreover it is more complicated to choose various words given by the application and some viruses can spy on your screen. so it is more secure to use a separate device for your crypto wallet, iphone can be one of the recommendations for a secure device to be able to store your crypto wallet and iphone has good security against hacking.

Zanab247

full member

Activity: 1358

Merit: 207

Catalog Websites

I guess beginners have learned something new from this your trend, because that is the system I use to recover my seeds phrase whenever I discovered that my coins are no longer safe in my wallet.

Beginners can make it their habits, and it will help them not to be wasting their time in typing the seed phrase for long time because the alphabet will make it easy for them to select the seeds phrase words accordingly without mistake and it will help them to recover their money easily.

Ensure you always write your seed phrase down, and do everything possible to make sure they are in a safe place, so that when something bad happen to your computer, it will be easy for you to use this strategy to recover your money.

Cadaver20

sr. member

Activity: 1582

Merit: 264

Next Generation Web3 Casino

I do this often. But I do it not out of caution but out of laziness. Instead of writing a full word, if we write one or two characters, the suggestion comes from there, it is easy to select the word. And that's why I do it. But I didn't know the security involved. Thanks to the OP for alerting us. No matter how beneficial it is, there is no possibility of harm if we practice it.

Outhue

sr. member

Activity: 686

Merit: 403

Quote from: Knight Hider on May 31, 2024, 08:21:17 AM

Quote from: Outhue on May 31, 2024, 08:04:59 AM

Even if your keyboard is spying on you this will prevent it from happening.

If your keyboard is spying on you, you should not use the device.

You have no idea, what's not spying on you on smartphones this days? Even the official OS that comes with your phone is watching, if your keyboard is storing up your words you won't know mate, its just a precaution advice.

Cryptomultiplier

full member

Activity: 952

Merit: 232

Quote from: Belarge on June 02, 2024, 03:05:36 AM

Quote from: Jegileman on May 31, 2024, 02:38:10 PM

I have come across this several times and I think this feature is in almost all the wallets I have used. I think the word phrase that are used to generate these seed phrases are known words to all these standard wallets. I use to imagine how typing just two letters of the words will pop out many words and see the one you’re actually looking for to fill in immediately.

I don’t know the connection this will have to the keyboards and how safer it is to use this method to avoid hack or scam, but it doesn’t definitely prevent anything to my understanding because of how hacking and scamming are now advance beyond what you could think of today. The idea is good and would be much better if it really helps to stop hacking into the persons computer.

Everyone is finding their way to ensure they've a smooth running operational service in the system and not indulge in complex activity that will ruined them. Today comes with promising futures and we should become stable and strive for greatness. Hacks from anonymous source will keep scouting and surfing for victims, more reason we should be careful and never doubt our chances of exploring in the system. Our private key phrases should be kept in disclosed sectors inother to prevent exposure.

I sincerely understand your concern as this has been mine as well, but the truth is that, using a smart keyboard is sure to eliminate the risk of hack or scam, so long as one is able to be consistent with their crypto currency investment and HODLing and is able to avoid saving the key words on the keypad.
Even with the memories of previous login , a private key for more than one hot wallet should be confusing enough for hackers and scammers to lay hold of.

Porfirii

legendary

Activity: 1932

Merit: 2354

The Alliance Of Bitcointalk Translators - ENG>SPA

It is almost the same case as with banking applications which send you a code via SMS to login and you can either type it with the keyboard or simply tap it number by number. If you type them you are vulnerable to keylogger infection, so it is much safer to tap them.

I think that most of us behave that way with our applications, but I don't think many people was aware of this method to write safely your seed phrase.

Quote from: suzanne5223 on May 31, 2024, 02:47:17 PM

Quote from: Outhue on May 31, 2024, 08:04:59 AM

<...>

The idea seems nice but it still doesn't provide any security from spies. Yes, your keyboard won't know the full words but the spy can predict the remaining letter using the exact strategy you adopted or using the recovery seeds list.
The best solution is to prefer your device to any form of attack or spy and not use a mobile wallet for a huge crypto fund.

Well, the proposed one is not an infallible solution as we all know that smartphones are more vulnerable, but it's still better than nothing. Although your contribution should be appreciated.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: Mia Chloe on May 31, 2024, 09:33:42 AM

I understand you are trying to help Outhue but tapping the words when the suggestion pops up isn't much of a big deal but the fact is that it's a very mere level of security. If your device is infected with with a phishing malware by a hacker they can still get your seed phrase in that situation easily.
~snip~

There is of course a way for someone to expose their seed through phishing if they use an online wallet or download a fake crypto wallet - but what the OP is talking about is something completely different. Entering a seed into a legitimate wallet on a device infected with some type of malware can also be fatal, so every device should be checked with AV/antimalware software before such actions.

In addition, every desktop or mobile wallet is a risk in itself, which means that you do not store more in them than what you can afford to lose.

Belarge

full member

Activity: 560

Merit: 100

Eloncoin.org - Mars, here we come!

Quote from: Jegileman on May 31, 2024, 02:38:10 PM

I have come across this several times and I think this feature is in almost all the wallets I have used. I think the word phrase that are used to generate these seed phrases are known words to all these standard wallets. I use to imagine how typing just two letters of the words will pop out many words and see the one you’re actually looking for to fill in immediately.

I don’t know the connection this will have to the keyboards and how safer it is to use this method to avoid hack or scam, but it doesn’t definitely prevent anything to my understanding because of how hacking and scamming are now advance beyond what you could think of today. The idea is good and would be much better if it really helps to stop hacking into the persons computer.

Everyone is finding their way to ensure they've a smooth running operational service in the system and not indulge in complex activity that will ruined them. Today comes with promising futures and we should become stable and strive for greatness. Hacks from anonymous source will keep scouting and surfing for victims, more reason we should be careful and never doubt our chances of exploring in the system. Our private key phrases should be kept in disclosed sectors inother to prevent exposure.

taufik123

legendary

Activity: 2716

Merit: 1855

Rollbit.com | #1 Solana Casino

Quote from: Cricktor on June 01, 2024, 11:40:39 AM

-snip-
Pay attention to the keyboard apps you use on your mobile device for your wallet. Some of those keyboard apps use cloud services for spell checking or to make better suggestions for auto-completion. You don't want such things for your mobile wallet.
-snip-

Like today's built-in Keyboard app that uses Gboard,
you can also turn off the Data collection feature of the keyboard used in the privacy settings.

But more important than all is the security of the device used and how careful the user is in using the device.
Many smartphone devices are infected with malware due to user error,
so all data is intercepted and eventually everything is controlled by hackers.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

If you really have to setup a hot wallet on a mobile phone, I don't recommend this wallet to control large amounts of value. Your mobile phone is likely a device with which you do a lot of internet, social media and mobile games shit. Not the best prerequisites for security in my opinion.

Pay attention to the keyboard apps you use on your mobile device for your wallet. Some of those keyboard apps use cloud services for spell checking or to make better suggestions for auto-completion. You don't want such things for your mobile wallet.

Use strictly privacy honoring keyboard apps that are preferably open-source without any fancy stuff that might leak details of your wallet you would never want to be leaked.

The clipboard for copy/paste on a mobile device is usually visible for all apps on that mobile device. Think about it in terms of security if you copy/paste your wallet's recovery words.

A mobile wallet app that doesn't care about a secure input method used for sensitive data isn't worth to be installed.

jrrsparkles

sr. member

Activity: 2520

Merit: 280

Hire Bitcointalk Camp. Manager @ r7promotions.com

Quote from: Outhue on May 31, 2024, 08:04:59 AM

As you can see from the image, you don't need to type out Guard or Guitar, all you need to type using your keyboard is the first and second alphabet, select the rest using the wallet words guesses to complete the words.

Your keyboard won't know the full words as many words start with the letter G and U, and also other words.

Make this an habit.

This doesn't increase the security at all, maybe if the spyware doesn't know the exact word but just as you said it narrowed down the possible word to 6 instead of 2048 and if you do for all the 12 words it just take less than 2 minutes to brute force the seeds and take away everything.

Make sure the keyboard you're using is not contain any spyware or better use the virtual keyboard like we see in Electrum which is nothing but the floating keyboard so no one able to find the keystrokes unless your entire screen is captured by the spyware.

suzanne5223

hero member

Activity: 2660

Merit: 651

Want top-notch marketing for your project, Hire me

Quote from: Outhue on May 31, 2024, 08:04:59 AM

Extra security precaution is not bad at all, if you are with me on this one then let's go.

For all hot wallet users, this advice is a plus and if you carefully think about it you will see how helpful this can be..

We are used to importing Recovery seeds typing typing the words using the keyboard on our phones but how about using the screen to fill the complete words instead?

Even if your keyboard is spying on you this will prevent it from happening.

[snip]

As you can see from the image, you don't need to type out Guard or Guitar, all you need to type using your keyboard is the first and second alphabet, select the rest using the wallet words guesses to complete the words.

Your keyboard won't know the full words as many words start with the letter G and U, and also other words.

Make this an habit.

The idea seems nice but it still doesn't provide any security from spies. Yes, your keyboard won't know the full words but the spy can predict the remaining letter using the exact strategy you adopted or using the recovery seeds list.
The best solution is to prefer your device to any form of attack or spy and not use a mobile wallet for a huge crypto fund.

Jegileman

sr. member

Activity: 434

Merit: 199

I have come across this several times and I think this feature is in almost all the wallets I have used. I think the word phrase that are used to generate these seed phrases are known words to all these standard wallets. I use to imagine how typing just two letters of the words will pop out many words and see the one you’re actually looking for to fill in immediately.

I don’t know the connection this will have to the keyboards and how safer it is to use this method to avoid hack or scam, but it doesn’t definitely prevent anything to my understanding because of how hacking and scamming are now advance beyond what you could think of today. The idea is good and would be much better if it really helps to stop hacking into the persons computer.

Churchillvv

member

Activity: 66

Merit: 5

Eloncoin.org - Mars, here we come!

Perhaps it's a good thinking but one thing you must remember is that hijackers/scammers/hackers are one of the most intelligent people and your gesture is not what will prevent them from hijacking it.

If you want to prevent compromise you should do your things offline and whatever hot wallet you use should be know or have the awareness that it could be targeted one day hence reduce the rate of trust or dependant on it. you can only keep a few dollars and or bitcoin in it or you should only use the for quick usage and not storing your assets for long.

Zaguru12

hero member

Activity: 868

Merit: 952

Quote from: PX-Z on May 31, 2024, 01:04:57 PM

Most mobile wallet have this feature, but not for desktop, IIRC electrum desktop wallet doesn't have such feature or maybe i'm wrong, i can't remember the last time i used electrum to import seed.

Yes most wallets usually have this feature reason been that they use the BIP39 custom seed phrase so they take suggestions from its wordlist, the likes of electrum wallet both desktop and mobile do not have this feature maybe because they use there own custom seed phrase. To me it’s not a bad feature but it’s still normal because most of the keylogger problems we hear of are mostly from people that uses custom keyboards rather than the wallets default keyboard and if it is so then even if you don’t get cut from seed phrase import you might still be caught when probably copying addresses.

Quote from: Aanuoluwatofunmi on May 31, 2024, 10:36:23 AM

Using any hot wallet itself has already bridge the security measure we could give to our coins because its one of the simplest ways we can easily loose them, they are connected to the internet and that alone is a loophole for achieving a maximum security practice to an extent.

But yuh know that you can actually use hot wallet in an airgapped device and make it a cold wallet. Most at times the bridge is how you handle your wallet backups. But surely any wallet connected to the internet is at risk

PX-Z

hero member

Activity: 1554

Merit: 880

pxzone.online

Quote from: Hatchy on May 31, 2024, 08:16:23 AM

This is a normal thing for most standard wallets. When you want to import your seed pharse, you don't actually need to type in the full words. You wallets automatically recognizes the words from the first two letters and gives you a suggestion from the list of 2048 BIP-39 Seed Recovery Phrase Words.

Most mobile wallet have this feature, but not for desktop, IIRC electrum desktop wallet doesn't have such feature or maybe i'm wrong, i can't remember the last time i used electrum to import seed.

I know such feature is to avoid words from being misspelled and not from actually hacking. Regardless if only the keyboard has keylogger, it should be considered that the device is already infected and not safe storing any kind of info especially using online wallets.

alastantiger

sr. member

Activity: 574

Merit: 310

Quote from: Outhue on May 31, 2024, 08:04:59 AM

As you can see from the image, you don't need to type out Guard or Guitar, all you need to type using your keyboard is the first and second alphabet, select the rest using the wallet words guesses to complete the words.

Your keyboard won't know the full words as many words start with the letter G and U, and also other words.

Make this an habit.

I have learned something new today despite reading the comments from other members. I think that ensuring that your security software on your device is the recent version also adds a layer of security to this as well. Are a rule of thumb we should make it a habit to stay up to date with the latest security information and hackers strategies.
Some people may not like this as as they think they have a better one, I say it doesn't matter. There are different ways to go about this and if this is the most preferred option for the individual assuming there are no security loopholes then use it.

Upgrade00

legendary

Activity: 2114

Merit: 2248

Playgram - The Telegram Casino

Quote from: Outhue on May 31, 2024, 08:04:59 AM

Your keyboard won't know the full words as many words start with the letter G and U, and also other words.

There are only so many words which can be used. The BIP39 word list consists of 2048 words, only so many of those starts with "gu". Those six words highlighted are the only ones on the list starting with those two letters, so the hacker would have narrowed it down to six possible options.
This will still be a near impossible task to accomplish if the hacker has 5 or 6 guesses for the entire 12 word phrase. There are multiple sequences in which it can be arranged.

I recommend using a wallet with a virtual keyboard.

Baghdad

jr. member

Activity: 31

Merit: 7

Simply here to correct the use of “an" for a consonant "h" is wrong. Initially thought that it was a typo, but was amazed to see it again at the bottom line of his writing. The first sound determines whether a or an would be used before some word. Honor is a better example.

Aanuoluwatofunmi

sr. member

Activity: 672

Merit: 416

stead.builders

Quote from: Outhue on May 31, 2024, 08:04:59 AM

Extra security precaution is not bad at all, if you are with me on this one then let's go.

For all hot wallet users, this advice is a plus and if you carefully think about it you will see how helpful this can be

Using any hot wallet itself has already bridge the security measure we could give to our coins because its one of the simplest ways we can easily loose them, they are connected to the internet and that alone is a loophole for achieving a maximum security practice to an extent.

Quote from: Outhue on May 31, 2024, 08:04:59 AM

We are used to importing Recovery seeds typing typing the words using the keyboard on our phones but how about using the screen to fill the complete words instead?

All are the same to me, i see no difference as long as it was suggested to you on the screen for use, they can attack through the use of keyboard, the device you're using may store the words you input on the screen.

Mia Chloe

sr. member

Activity: 448

Merit: 560

Crypto Casino and Sportsbook

I understand you are trying to help Outhue but tapping the words when the suggestion pops up isn't much of a big deal but the fact is that it's a very mere level of security. If your device is infected with with a phishing malware by a hacker they can still get your seed phrase in that situation easily. Some malwares are even able to mirror your device's screen and if that happens tapping the suggestions can't save such person from losing funds.
In fact key loggers can also be very dangerous too. Coins are not 100% safe weather online or offline just that they are safer online than offline. Offline coins can still be stolen via burglary or theft. The fact is that as long as the coins exist, the threats also exist simultaneously it now depends on the hodler's ability to keep his funds safe.

cryptoaddictchie

legendary

Activity: 2254

Merit: 1377

Fully Regulated Crypto Casino

Good instinct but what does it help if your device was already compromise. I think the scammer would still figure it out anyway.

To be more careful is to protect your device from harmful sites or links. You can do the normal one like copy paste or written off complete words if you arent worried of potential breach. By this you are telling that somethings wrong on your keyboard or device since you are acting as if there is.

Knight Hider

member

Activity: 239

Merit: 59

a young loner on a crusade

Quote from: Outhue on May 31, 2024, 08:04:59 AM

Even if your keyboard is spying on you this will prevent it from happening.

If your keyboard is spying on you, you should not use the device.

Hatchy

sr. member

Activity: 336

Merit: 365

The Alliance Of Bitcointalk Translators - ENG>PID

This is a normal thing for most standard wallets. When you want to import your seed pharse, you don't actually need to type in the full words. You wallets automatically recognizes the words from the first two letters and gives you a suggestion from the list of 2048 BIP-39 Seed Recovery Phrase Words. So you don't have to write out every thing. Some red flag wallets allows you to copy and paste words instead, which I think is going to put your funds at risk as they might be exposed to spywares, unknown to you.

tranthidung

legendary

Activity: 2310

Merit: 4085

Farewell o_e_l_e_o

Quote from: Outhue on May 31, 2024, 08:04:59 AM

As you can see from the image, you don't need to type out Guard or Guitar, all you need to type using your keyboard is the first and second alphabet, select the rest using the wallet words guesses to complete the words.

Your keyboard won't know the full words as many words start with the letter G and U, and also other words.

Make this an habit.

As I know, not all wallets will have a feature to give you a list of possible seed word when you type a first, second characters of the word. So even this practice is good, it can not apply for all wallets.

I am also doubtful about this method can help anything, because if your device is infected, maybe your keyboard, your activities on screen can be spied already by hackers' tools. So typing or choosing a word from a drop down list, is similar.

I am not a security expert, just my guess, and your method can work if hackers don't install many tools with multiple tasks on your device.

Outhue

sr. member

Activity: 686

Merit: 403

Extra security precaution is not bad at all, if you are with me on this one then let's go.

For all hot wallet users, this advice is a plus and if you carefully think about it you will see how helpful this can be..

We are used to importing Recovery seeds typing typing the words using the keyboard on our phones but how about using the screen to fill the complete words instead?

Even if your keyboard is spying on you this will prevent it from happening.

As you can see from the image, you don't need to type out Guard or Guitar, all you need to type using your keyboard is the first and second alphabet, select the rest using the wallet words guesses to complete the words.

Your keyboard won't know the full words as many words start with the letter G and U, and also other words.

Make this an habit.

Topic: Make this an habit (Read 276 times)