
Topic: Options for Securing your Bitcoin wallet - page 3. (Read 13563 times)

legendary
Activity: 1722
Merit: 1000
Satoshi is rolling in his grave. #bitcoin
This is one long but very useful post.
I have a lot of reading and safety measures to take.

So far I have my wallet stored on off-line (never used) equipment and on usb.

Is that not safe enough?

The odds of both the USB breaking and the equipment failing at the same time are small but non-zero.

So what do you suggest?
Paper wallets?
Multisig paper wallets maybe? (for extra security)

What would be a fail-proof solution in your guys opinion?

There is no such thing as a fail-proof solution. If you're not dealing with some great amounts of bitcoins, I would just recommend paper wallets.
There's no point in having bank-alike security/safety for amounts of a couple of thousands USD at best. You're overthinking it.

cheers
hero member
Activity: 658
Merit: 501

So what do you suggest?
Paper wallets?
Multisig paper wallets maybe? (for extra security)

What would be a fail-proof solution in your guys opinion?

You are somewhat secure.

As long as all the devices are secure and you back up your HD seed or another wallet backup in another usb stick and store that in a secure location offsite and encrypted with a high entropy unique password then the only risk you may have is the original machine being compromised (unlikely as long as you took a few precautions) or you forget your passphrase.

This is where using either multisig or Shamir’s 2-of-3 Secret Sharing Scheme comes into play because it protects you from both physical theft, hardware failures, or you developing amnesia and forgetting the passphrase.

It is also a good idea to split up your balances so not all of it is saved in one device in case it gets exploited and all your private keys stolen in one transaction. With paper wallets this is easier done.
sr. member
Activity: 462
Merit: 250
This is one long but very useful post.
I have a lot of reading and safety measures to take.

So far I have my wallet stored on off-line (never used) equipment and on usb.

Is that not safe enough?

The odds of both the USB breaking and the equipment failing at the same time are small but non-zero.

So what do you suggest?
Paper wallets?
Multisig paper wallets maybe? (for extra security)

What would be a fail-proof solution in your guys opinion?
full member
Activity: 153
Merit: 100
This is one long but very useful post.
I have a lot of reading and safety measures to take.

So far I have my wallet stored on off-line (never used) equipment and on usb.

Is that not safe enough?

The odds of both the USB breaking and the equipment failing at the same time are small but non-zero.
sr. member
Activity: 462
Merit: 250
This is one long but very useful post.
I have a lot of reading and safety measures to take.

So far I have my wallet stored on off-line (never used) equipment and on usb.

Is that not safe enough?
hero member
Activity: 658
Merit: 501
I used poloniex exchange and enable GA(very important), it's safe and reliable, I have used there over 1 year.(maybe longer I am not sure)

Although poloniex was hacked long time ago, they didn't run away with customers' funds, it's the best altcoin exchange.

This is poor advice and likely a mistaken post. Exchanges are merely tools to temporarily use to exchange between coins or currencies and never a secure option to safeguard your savings.

Even well regulated insured exchanges are insecure against multiple forms of theft such as "legal" theft under litigation and asset forfeiture, fraud and terrorism suspicions freezing your funds, and tax theft to name a few.  

Really? I used it for over 2 years, and never been hacked, I have stored there over 100btc, Google authenticator is secure enough, to make wallet secure, GA is necessary.

I know some cases who lost a few bitcoin(0.X btc) in local wallet, it's not secure at all. Trojans may destroy local wallets and steal bitcoin.

And we are also all very well aware of the thousands of users who lost everything with hot wallets and exchanges that get "hacked".
Your advice is very odd considering what has happened over the last 3 years where more was stolen with exchanges and hot wallets than any other way. poloniex has multiple red flags as well and thus even more suspected than exchanges like coinbase.

Do you work for, work with, or have some special financial relationship with poloniex?
hero member
Activity: 840
Merit: 1000
I used poloniex exchange and enable GA(very important), it's safe and reliable, I have used there over 1 year.(maybe longer I am not sure)

Although poloniex was hacked long time ago, they didn't run away with customers' funds, it's the best altcoin exchange.

This is poor advice and likely a mistaken post. Exchanges are merely tools to temporarily use to exchange between coins or currencies and never a secure option to safeguard your savings.

Even well regulated insured exchanges are insecure against multiple forms of theft such as "legal" theft under litigation and asset forfeiture, fraud and terrorism suspicions freezing your funds, and tax theft to name a few.  

Really? I used it for over 2 years, and never been hacked, I have stored there over 100btc, Google authenticator is secure enough, to make wallet secure, GA is necessary.

I know some cases who lost a few bitcoin(0.X btc) in local wallet, it's not secure at all. Trojans may destroy local wallets and steal bitcoin.
legendary
Activity: 2282
Merit: 1050
Monero Core Team
Hey I'm using windows 8.1 RT and I can't download anything from outside except the store and the Store Doesn't have any Bitcoin related Applications! Now how do I setup a cold wallet?

You can't. Windows 8.1 RT can best be described as a Portable Orwellian Telescreen. Only those applications authorized by Big Brother (Microsoft and the MPAA) are permitted and Bitcoin is not one of them. I would recommend a computer running GNU/Linux for anything related to Bitcoin.
sr. member
Activity: 322
Merit: 250
I have to say none of these schemes are simple enough, at the same time, secure enough.
We need something more simple and easy to use.
hero member
Activity: 658
Merit: 501
Hey I'm using windows 8.1 RT and I can't download anything from outside except the store and the Store Doesn't have any Bitcoin related Applications! Now how do I setup a cold wallet?

All the information is listed in the first post. I would suggest you get a laptop that doesn't run windows RT either (No one should subject themselves to RT). In the meantime you will need to use a different computer or get a mycelium entropy. If you are really paranoid you may have to temporarily store your bitcoins in a multisig hot wallet service (4 examples referenced) until you can get the right resources to secure the bitcoins yourself.
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
Hey I'm using windows 8.1 RT and I can't download anything from outside except the store and the Store Doesn't have any Bitcoin related Applications! Now how do I setup a cold wallet?
hero member
Activity: 658
Merit: 501
One Question:

What do you recommend?

There isn't one recommendation as people should use multiple wallets and be willing to weigh risk/convenience.

What I do now -
Spending - Use Mycelium HD wallet(with pin) on my android with 200 usd of bitcoin max. HD seed backed up physically in safe.
Spending - Use Bitcoin QT wallet on my primary computer with 200 usd of bitcoin max with a completely unique and high entropy password. There are many security practices that need to be done with primary computer.
Savings - Entropy with Shamir’s 2-of-3 Secret Sharing Scheme for my cold storage savings where 1 key is encrypted in my password manager, the second key is laminated in my safe, and the third key is laminated and secured in an offsite location.


What is slightly less secure but acceptable for many-
Spending - Use Mycelium HD wallet(with pin) on my android with 200 usd of bitcoin max. HD seed backed up physically in safe.
Spending - Use Bitcoin QT wallet on my primary computer with 200 usd of bitcoin max with a completely unique and high entropy password. There are many security practices that need to be done with primary computer.
Savings - offline computer with clean fresh linux install that never touches any external HD / memory/ network that the primary computers touch and with no extra software installed and just used to store your bitcoins. It is better to physically disable your network wifi card but acceptable to simply not connect to the network unless needing to download the blockchain.

Or using a hardware wallet, or using multiple paper wallets/coins with different balances on them and properly secured (if they are created securely).

In other words you need to read the information in the first post and use cold storage for security of your savings.
hero member
Activity: 518
Merit: 501
Error 404: there seems to be nothing here.
One Question:

What do you recommend?
hero member
Activity: 658
Merit: 501
I won't go into the exact details, but I have a couple of BIP38 encrypted paper wallets - so if they're lost or stolen it isn't a big deal (as long as your password is of sufficient complexity). Because I don't actively have any need to move large amounts of coins I don't run a cold storage system with offline signing, but my advice would be an offline version of Armory making use of a Linux distro (confirm SHA and MD5 sums) which you can use to sign transactions. As usual keep everything encrypted in the case of physical theft.

Good advice but has the downfall of human error with some people with bad memories who forget the passphrase to unencrypt their private keys.

The other way is to use either Shamir’s 2-of-3 Secret Sharing Scheme or multisig to secure your backup of cold storage where all you have to do is remember the physical location of the keys.

Entropy uses Shamir’s 2-of-3 Secret Sharing Scheme
http://asicminer-shop.de/Mycelium-Entropy
hero member
Activity: 742
Merit: 502
Circa 2010
I won't go into the exact details, but I have a couple of BIP38 encrypted paper wallets - so if they're lost or stolen it isn't a big deal (as long as your password is of sufficient complexity). Because I don't actively have any need to move large amounts of coins I don't run a cold storage system with offline signing, but my advice would be an offline version of Armory making use of a Linux distro (confirm SHA and MD5 sums) which you can use to sign transactions. As usual keep everything encrypted in the case of physical theft.
legendary
Activity: 1736
Merit: 1023
Paper wallets seem to work well for me for now. Interested in possibly getting a hardware wallet down the line but will have to see.

The idea of using the TI89 was interesting, hadn't seen that one. The comments on reddit mentioned some possible security concerns with it, but it also seems like it'd be an annoying process lol.
hero member
Activity: 658
Merit: 501
I used poloniex exchange and enable GA(very important), it's safe and reliable, I have used there over 1 year.(maybe longer I am not sure)

Although poloniex was hacked long time ago, they didn't run away with customers' funds, it's the best altcoin exchange.

This is poor advice and likely a mistaken post. Exchanges are merely tools to temporarily use to exchange between coins or currencies and never a secure option to safeguard your savings.

Even well regulated insured exchanges are insecure against multiple forms of theft such as "legal" theft under litigation and asset forfeiture, fraud and terrorism suspicions freezing your funds, and tax theft to name a few.  
hero member
Activity: 840
Merit: 1000
I used poloniex exchange and enable GA(very important), it's safe and reliable, I have used there over 1 year.(maybe longer I am not sure)

Although poloniex was hacked long time ago, they didn't run away with customers' funds, it's the best altcoin exchange.
hero member
Activity: 658
Merit: 501

http://motherboard.vice.com/read/how-to-make-a-bitcoin-address-with-a-ti-89-calculator

12-sided dice and a TI-89 Calculator to create a bitcoin address.

https://www.reddit.com/r/Bitcoin/comments/3107me/demo_bitcoin_diceware_on_a_ti89_graphing/cpxj4v9

Pros;

    The RNG is improbable to be weak.
    The RNG is impossible to be backdoored.
    Privkey never enters a networked system.
    Privkey cannot linger in memory or hard disk (there's none).
Cons;

    Very obscure.
hero member
Activity: 658
Merit: 501
Good post on hardware wallets - https://bitcointalksearch.org/topic/overview-bitcoin-hardware-wallets-secure-your-coins-899253 

I updated the hardware wallet section.