Topic: Security for long term storage - can you evaluate this proposal? (Read 641 times)

hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
The issue I have with paper wallet is that it can get lost/destroyed in a fire/stolen, etc.

Create a few copies and store them in different locations. As for locations, store them in places you use least. E.g. inside of a wall clock.

Same with any hardware backup (hardware wallet, hard drive, laptop) that stays in one physical location.

Like paper backups, you can create a few digital backups too! A few USB or CD or even floppy disk etc...

I personally trust the cloud much more to ensure that the data will be there several years down the line.

You are essentially entrusting your seed to others. And what makes you sure that it is safe as long as you store them in a cloud? What happens if something happens to their hardware? Or maybe their service is no longer available? Or they are hacked? Or worse, they check your files? Of course, most cloud services make backups, files are encrypted and they have done everything they can to make it better. But nothing is certain...

Paper backup vs digital backup vs cloud backup - one is not better than another. All have their own advantages and disadvantages and the main thing is, it depends on the person and the way they do it.

As for remembering which file contains what, I guess it would have to be relatively easy (for a person, not for a hacker bot) to understand it. If it's a photo of me holding a piece of paper that says "dog", then it's the word dog, etc etc. If there are 12 files in a folder, it should be fairly easy to reconstruct the 12 words, and offer a higher protection than a single file that contains the private key.

You can add irrelevant photos in that same folder and using related photos rather than exact representation of words, such as "dog food" instead of "dog", improves security. Adding photos and splitting them into different folders make it even better.

You may now think, "if it is done as you said, how can we differentiate between pictures of words of mnemonic and irrelevant pictures?" To counter this, put a "dot", "underscore", "shapes - circle, square, rectangle,..." or inconspicuous characters like semicolon in an inconspicuous place of your photos. You can use it just like using different colors described below. Don't forget to adjust colors and opacity/transparency of shapes to match background!

Although I do accept that all this may not be necessary as strong encryption will be enough.

You can also use other methods. For example, put your seed in a huge number of words with different colors jumbled together. Don't use "1 color per word" rule here because you will have to remember which color to find words. It may get very confusing! Rather, use 15 or so colors, and use 3-5 colors for seed and remaining for other colors. Just repeat colors! You can also increase number of colors according to number of words you put together. There are lot of designs online. It is not hard to create one.

full member
Activity: 164
Merit: 100
The issue I have with paper wallet is that it can get lost/destroyed in a fire/stolen, etc.
Same with any hardware backup (hardware wallet, hard drive, laptop) that stays in one physical location.
I personally trust the cloud much more to ensure that the data will be there several years down the line.
As for remembering which file contains what, I guess it would have to be relatively easy (for a person, not for a hacker bot) to understand it. If it's a photo of me holding a piece of paper that says "dog", then it's the word dog, etc etc. If there are 12 files in a folder, it should be fairly easy to reconstruct the 12 words, and offer a higher protection than a single file that contains the private key.
Although I do accept that all this may not be necessary as strong encryption will be enough.
newbie
Activity: 14
Merit: 0
What if you lose the password of that zip file? I mean you can host even your wallet.dat file (can rename it or even encrypt it within a video/song/image if your password is long enough it would be hard to break the file).

Other things you could do personally I am also a lover of these BIP39 seeds cuz with them I can keep multiple addresses and not just for bitcoin!:
  • You take some poem and take every first word of a sentence and see if it can generate the keys from those words.
  • You take some book like Harry Potter and starting from page X to page X+11 you take every first/last word of the page and see if you can generate the keys. (or from every 5th row etc.)
  • Or even generate the keys and engrave them onto a metal plate that you will keep with yourself

There are a lot of ways you just need to be creative!

By storing them online you still trust the 3rd party that their servers won't fall apart. Maybe don't save all in one zip but rather put them on multiple locations divided.

Great ideas. So would you memorize the book and page number? It may be better to go with something that's not physical. What if you lose the book or your spouse/parent throws it away (lol). That way you could like google the Declaration of Independence or something and know it starts at line XYZ.
newbie
Activity: 14
Merit: 0
What I would ideally want is a secure way of storing the bitcoins online (so I am not vulnerable to physical theft or damage to my property). So how about the following:
I create a wallet and the 12 word recovery phrase. Then I create various files that contain these words separately. For example I write a couple of the words on a piece of paper, then take a photo of that paper. I record a video of myself saying or spelling a couple of other words. I put a couple more in a spreadsheet, etc. Then I put all these files in a folder and zip it with a password, and then save that zip in a usb stick and on a cloud service.

What would you say about something like that?

This idea sounds complicated. You could store in multiple bank security deposit boxes. Store either paper wallets or flash drives in there. If flash drive, have it password protected.

If you're printing paper wallets, make sure it's not a public printer. Preferably a "dumb" printer, an old school one.
full member
Activity: 287
Merit: 101
Get a Ledger Nano S. Of your 24 word seed, give half of the words to your significant other and half to your parents/closest relatives. Keep your passphrase to yourself (your main stash should be passphrase-protected) with a copy of it in a safety deposit box at a bank in the event of your untimely death. Profit.

BTW - the most likely way (by far) to lose coins is to have some crazy scheme like the one you came up with for securing them, then being unable to unravel it.
legendary
Activity: 3472
Merit: 10611
how about hiding it in plain sight
someone once had a good suggestion. he hid his seed inside his physical phone book! you randomly put a number in with a name in front of it. that name can be your seed with some kind of code in the number in front of it that represents the order of this. like simply ending it with the order .....01, ....02, ....12
if your phone book is large enough and contains many numbers and names and is physical there is no chance of anyone ever knowing what is happening.
full member
Activity: 184
Merit: 100
Bitcoin FTW!
So how about the following:
I create a wallet and the 12 word recovery phrase. Then I create various files that contain these words separately. For example I write a couple of the words on a piece of paper, then take a photo of that paper. I record a video of myself saying or spelling a couple of other words. I put a couple more in a spreadsheet, etc. Then I put all these files in a folder and zip it with a password, and then save that zip in a usb stick and on a cloud service.

you sound little bit crazy no offence
this is no solution at all, too complicated and after you wrote about cloud with zip and password this is weakest point for sure, use true encryption not zip file password

im using just cold storage/paper wallet, simplest, clean, free and without this much complexity
you discarded that way too fast
hero member
Activity: 1568
Merit: 544
Andreas M. Antonopoulos answered this question, check it out. Bitcoin Q&A: Hot vs. cold wallets

A picture as a wallet maybe? Open source software - replacing hardware wallets with image
hero member
Activity: 966
Merit: 535
Wow the above poster has great ways. I would never rely on my memory though. It wouldn't work at all. That's the problem for me. I back mine up to an external HDD. One of those small 2.5" ones. It is inside a tough case even though it doesn't mean to be and it's stored in a separate safe that's well hidden since it's not supposed to be opened often. I also have paper wallet in my usual safe as well as hidden between or inside one or two of my comics. Temporary backup I use two flash sticks. One to back up the other. Then on my harddrive too. Finally I have my main wallet which is Bitcoin and it's a paper wallet I have given to a family member to keep in their safe so I think I'm very very secure. Also in case I die my family have instructions on what to do.
full member
Activity: 448
Merit: 109
Let's say we want to safely keep bitcoin for the long term. Most of the solutions available have issues:

- Online wallet: trust issue, and hacking risk
- Paper wallet: it can be lost or destroyed or stolen
- Brain wallet: it can/will be lost or eventually die
- Offline wallet on dedicated computer: computer can be damaged, lost or stolen
- Leaving them in an exchange: hacking risk and trust issue

What I would ideally want is a secure way of storing the bitcoins online (so I am not vulnerable to physical theft or damage to my property). So how about the following:
I create a wallet and the 12 word recovery phrase. Then I create various files that contain these words separately. For example I write a couple of the words on a piece of paper, then take a photo of that paper. I record a video of myself saying or spelling a couple of other words. I put a couple more in a spreadsheet, etc. Then I put all these files in a folder and zip it with a password, and then save that zip in a usb stick and on a cloud service.

What would you say about something like that?

What if you lose the password of that zip file? I mean you can host even your wallet.dat file (can rename it or even encrypt it within a video/song/image if your password is long enough it would be hard to break the file).

Other things you could do personally I am also a lover of these BIP39 seeds cuz with them I can keep multiple addresses and not just for bitcoin!:
  • You take some poem and take every first word of a sentence and see if it can generate the keys from those words.
  • You take some book like Harry Potter and starting from page X to page X+11 you take every first/last word of the page and see if you can generate the keys. (or from every 5th row etc.)
  • Or even generate the keys and engrave them onto a metal plate that you will keep with yourself


There are a lot of ways you just need to be creative!

By storing them online you still trust the 3rd party that their servers won't fall apart. Maybe don't save all in one zip but rather put them on multiple locations divided.

full member
Activity: 164
Merit: 100
Let's say we want to safely keep bitcoin for the long term. Most of the solutions available have issues:

- Online wallet: trust issue, and hacking risk
- Paper wallet: it can be lost or destroyed or stolen
- Brain wallet: it can/will be lost or eventually die
- Offline wallet on dedicated computer: computer can be damaged, lost or stolen
- Leaving them in an exchange: hacking risk and trust issue

What I would ideally want is a secure way of storing the bitcoins online (so I am not vulnerable to physical theft or damage to my property). So how about the following:
I create a wallet and the 12 word recovery phrase. Then I create various files that contain these words separately. For example I write a couple of the words on a piece of paper, then take a photo of that paper. I record a video of myself saying or spelling a couple of other words. I put a couple more in a spreadsheet, etc. Then I put all these files in a folder and zip it with a password, and then save that zip in a usb stick and on a cloud service.

What would you say about something like that?