storing wallet backup in the cloud? - page 2.

randy8777

legendary

Activity: 896

Merit: 1000

Quote from: Soros Shorts on March 29, 2015, 09:51:22 PM

Quote from: fonenumba on March 29, 2015, 07:24:21 PM

As long as the PGP private key is kept in a safe place storing your private keys in the cloud (while PGP encrypted) should be safe. Although if you are going to be securing something with your PGP key then you might as well backup your private keys in the same place that you keep your PGP key (ideally on an offline computer). If you are going to need a backup of your private keys, then you would probably need a backup of your PGP key as well so securing it this way is somewhat of a catch 22 - although you could encrypt it with a passphraise, although this is less secure

In practice it makes a difference where you might store your PGP key vs. your wallet.dat because the PGP key is static but the wallet.dat keeps changing and backups need to be made periodically. For example, you can store a cold (unencrypted) copy of your PGP key in a safety deposit box and use a very strong passphrase to encrypt the active copy without having to worry too much about forgetting the passphrase because you could always run to the bank in the event that you do forget. However, it probably is not convenient to run to your safety deposit box every night with your updated wallet.dat each time your private keys change.

can you explain how a wallet.dat gets outdated? isn't it automatically checking the blockchain to display your final balance?

CryptKeeper

legendary

Activity: 2044

Merit: 1055

Quote from: bitmarket.io on March 29, 2015, 05:37:26 PM

Quote from: CryptKeeper on March 29, 2015, 03:09:13 AM

The wallet.dat of bitcoin core is already encrypted with a strong algorithm.
If you use a decent password you are safe to put your wallet.dat on a cloud service like dropbox.
A decent password should be 15 characters or longer, containing uppercase, lowercase, digits and special characters. Don't use anything written in a book or which can be found in an internet resource. Even if you change a few characters in such phrase, it will not be safe enough.

So you are saying if I encrypt my wallet from Bitcoin Core I do not need to PGP encrypt the backup file? That makes it convenient because I did indeed encrypt my bitcoin wallet from bitcoin core.

Exactly. For your interest: http://bitcoin.stackexchange.com/questions/19975/how-secure-is-an-encrypted-wallet

Please consider that you are vulnerable from the moment you connect your PC to the internet. If you trust the bitcoin-qt encryption, it doesn't matter where your wallet.dat file resides. Your PC can be hacked as easily as your cloud space provider.

For optimum security you should consider offline solutions like paper wallets or offline signing like trezor (or other hardware wallets).

coinpr0n

hero member

Activity: 910

Merit: 1000

If would be safe it is encrypted first. With strong encryption it doesn't matter so much as long as the private keys aren't compromised.

lalaisen

newbie

Activity: 57

Merit: 0

Quote from: CryptKeeper on March 29, 2015, 03:09:13 AM

The wallet.dat of bitcoin core is already encrypted with a strong algorithm.
If you use a decent password you are safe to put your wallet.dat on a cloud service like dropbox.
A decent password should be 15 characters or longer, containing uppercase, lowercase, digits and special characters. Don't use anything written in a book or which can be found in an internet resource. Even if you change a few characters in such phrase, it will not be safe enough.

Please help me for answering this question !

What is the difference from "encrypted wallet.dat" and "encrypted wallet-qt clients"

Sincere thanks !

bitmarket.io

legendary

Activity: 1204

Merit: 1001

Quote from: Soros Shorts on March 29, 2015, 09:51:22 PM

Quote from: fonenumba on March 29, 2015, 07:24:21 PM

As long as the PGP private key is kept in a safe place storing your private keys in the cloud (while PGP encrypted) should be safe. Although if you are going to be securing something with your PGP key then you might as well backup your private keys in the same place that you keep your PGP key (ideally on an offline computer). If you are going to need a backup of your private keys, then you would probably need a backup of your PGP key as well so securing it this way is somewhat of a catch 22 - although you could encrypt it with a passphraise, although this is less secure

In practice it makes a difference where you might store your PGP key vs. your wallet.dat because the PGP key is static but the wallet.dat keeps changing and backups need to be made periodically. For example, you can store a cold (unencrypted) copy of your PGP key in a safety deposit box and use a very strong passphrase to encrypt the active copy without having to worry too much about forgetting the passphrase because you could always run to the bank in the event that you do forget. However, it probably is not convenient to run to your safety deposit box every night with your updated wallet.dat each time your private keys change.

What do you mean you need to make frequent backups of your wallet.dat? Wont one suffice?

Soros Shorts

donator

Activity: 1617

Merit: 1012

Quote from: fonenumba on March 29, 2015, 07:24:21 PM

As long as the PGP private key is kept in a safe place storing your private keys in the cloud (while PGP encrypted) should be safe. Although if you are going to be securing something with your PGP key then you might as well backup your private keys in the same place that you keep your PGP key (ideally on an offline computer). If you are going to need a backup of your private keys, then you would probably need a backup of your PGP key as well so securing it this way is somewhat of a catch 22 - although you could encrypt it with a passphraise, although this is less secure

In practice it makes a difference where you might store your PGP key vs. your wallet.dat because the PGP key is static but the wallet.dat keeps changing and backups need to be made periodically. For example, you can store a cold (unencrypted) copy of your PGP key in a safety deposit box and use a very strong passphrase to encrypt the active copy without having to worry too much about forgetting the passphrase because you could always run to the bank in the event that you do forget. However, it probably is not convenient to run to your safety deposit box every night with your updated wallet.dat each time your private keys change.

Q7

sr. member

Activity: 448

Merit: 250

Generally I try to avoid that even though you can encrypt it with a strong password before storing it in cloud services. It will become a problem if you accidentally lose the password so it becomes another problem instead.

dhenson

legendary

Activity: 994

Merit: 1000

Your private key is just a number. Don't get confused by all of the technicalities, all you need to do is hide a number and there are an infinite number of ways to do that.

edit... Apparently this was my 'leet' post (see my post count). Now I can't post anymore or I'll no longer be leet.

fonenumba

full member

Activity: 411

Merit: 100

Quote from: randy8777 on March 29, 2015, 05:12:03 AM

Quote from: Soros Shorts on March 29, 2015, 03:01:23 AM

Quote from: bitmarket.io on March 29, 2015, 02:41:13 AM

what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?

of course there is the USB stick and paper option too...

also how do you load a backup into bitcoin-qt?

Yeah, I use this method. I first PGP encrypt the wallet backup, then zip it, and finally attach it to a message on Gmail or some other mail service. Pretty convenient.

Even with a password protected wallet I would never leave it on the cloud without secondary encryption because someone could still see your transactions and addresses.

To restore the backup for bitcoin core, shut down the client and replace the current wallet.dat with your backup copy. Then restart the client.

even when it is pgp encrypted, you should never leave a wallet with potentially thousands dollars worth of coins in it in your mail or cloud. i know pgp encryption is very strong, but still it's not 100% safe.

As long as the PGP private key is kept in a safe place storing your private keys in the cloud (while PGP encrypted) should be safe. Although if you are going to be securing something with your PGP key then you might as well backup your private keys in the same place that you keep your PGP key (ideally on an offline computer). If you are going to need a backup of your private keys, then you would probably need a backup of your PGP key as well so securing it this way is somewhat of a catch 22 - although you could encrypt it with a passphraise, although this is less secure

PolarPoint

hero member

Activity: 672

Merit: 500

I think encrypting the wallet with a strong password and then 7zip it again with another strong password is secure enough to save on the cloud. Don't leave the filename as wallet.7z, rename it to something inconspicuous like recipe.7z or 2015.7z

bitmarket.io

legendary

Activity: 1204

Merit: 1001

Quote from: CryptKeeper on March 29, 2015, 03:09:13 AM

The wallet.dat of bitcoin core is already encrypted with a strong algorithm.
If you use a decent password you are safe to put your wallet.dat on a cloud service like dropbox.
A decent password should be 15 characters or longer, containing uppercase, lowercase, digits and special characters. Don't use anything written in a book or which can be found in an internet resource. Even if you change a few characters in such phrase, it will not be safe enough.

So you are saying if I encrypt my wallet from Bitcoin Core I do not need to PGP encrypt the backup file? That makes it convenient because I did indeed encrypt my bitcoin wallet from bitcoin core.

bitmarket.io

legendary

Activity: 1204

Merit: 1001

Quote from: Soros Shorts on March 29, 2015, 03:01:23 AM

Quote from: bitmarket.io on March 29, 2015, 02:41:13 AM

what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?

of course there is the USB stick and paper option too...

also how do you load a backup into bitcoin-qt?

Yeah, I use this method. I first PGP encrypt the wallet backup, then zip it, and finally attach it to a message on Gmail or some other mail service. Pretty convenient.

Even with a password protected wallet I would never leave it on the cloud without secondary encryption because someone could still see your transactions and addresses.

To restore the backup for bitcoin core, shut down the client and replace the current wallet.dat with your backup copy. Then restart the client.

Thanks for the info. This is exactly what I do but I never encrypted my wallet file. I will defiantly do that now. Would you mind explaing to me how to PGP encrypt it?

AtheistAKASaneBrain

hero member

Activity: 770

Merit: 509

Quote from: bitmarket.io on March 29, 2015, 02:41:13 AM

what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?

of course there is the USB stick and paper option too...

also how do you load a backup into bitcoin-qt?

It's generally not a good idea to store wallets on the cloud.. you never know. Even tho using 7z and encrypting the file and the content would be enough tho.

Bitware

hero member

Activity: 926

Merit: 1001

weaving spiders come not here

Encrypted in the Bitcoin client and encrypted in an encrypted archive/volume both with strong-but-different passphrases containing uppercase letters, lowercase letters, numbers, punctuation and special characters, I believe it's a good idea to upload it everywhere possible. Free email services, file uploads, cloud services, websites, etc.

Example of a strong passphrase: "My Son was born on January 21, 2001 @ 10:57 am in Hampshire Hospital, Room 317."

Also, rename the file to something inconspicuous, like 'kids.mpg', 'recipies.doc', 'doggies.gif', 'vacation.mov', 'game_roms.zip', etc. Then if they try to open it and it does not work, they will simply believe it is a corrupted file.

Hiding it in plain sight, but obfuscated and encrypted twice, means this will always be available, at any time and anywhere in the world there is an internet connection... and secure. If a breakthrough in computing comes to pass, simply create new wallet and encrypted archive/volume with stronger encryption and transfer the coins, making the old wallets useless.

You can also periodically create a new wallet encrypted in the Bitcoin client, in a new encrypted archive/volume with a new file name and passphrase, then transfer your coins to the new one, making all the old one useless.

Meuh6879

legendary

Activity: 1512

Merit: 1012

Quote

what do you think of storing your wallet backup in the cloud?

And you ask why bitcoins are stollen with no explanations ? Roll Eyes

think !

Minerjoe

sr. member

Activity: 406

Merit: 250

Why would u do that? Copy it on four seprate USB drives, open safe in the bank and put it here.

All this under condition you have something to put in that safe. If we are talking about 3 BTC, dont even bother.

bitcoinwallet.id

newbie

Activity: 41

Merit: 0

I think that anyone shouldn't put a private key in the cloud. I think that the best way for backup a wallet is to write down the private key into a piece of paper, and then put it into a secure place at your home. That's it. (Sorry if this is proposrd here in other thread)

randy8777

legendary

Activity: 896

Merit: 1000

Quote from: Soros Shorts on March 29, 2015, 03:01:23 AM

Quote from: bitmarket.io on March 29, 2015, 02:41:13 AM

what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?

of course there is the USB stick and paper option too...

also how do you load a backup into bitcoin-qt?

Yeah, I use this method. I first PGP encrypt the wallet backup, then zip it, and finally attach it to a message on Gmail or some other mail service. Pretty convenient.

Even with a password protected wallet I would never leave it on the cloud without secondary encryption because someone could still see your transactions and addresses.

To restore the backup for bitcoin core, shut down the client and replace the current wallet.dat with your backup copy. Then restart the client.

even when it is pgp encrypted, you should never leave a wallet with potentially thousands dollars worth of coins in it in your mail or cloud. i know pgp encryption is very strong, but still it's not 100% safe.

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

If I can say my opinion, I never suggest to store your private key into a cloud service, there are a lot of dishonest person and I don't feel comfortable to save my keys online (I prefer to store it on my desktop wallet, obviously offline).

Agestorzrxx

sr. member

Activity: 462

Merit: 250

Quote from: bitmarket.io on March 29, 2015, 02:41:13 AM

what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?

of course there is the USB stick and paper option too...

also how do you load a backup into bitcoin-qt?

The encrypted password should be very strong if you want to save your wallet in the cloud drive.
But a strong password is very easy to be forgotten.
Why don't you use blochchian.info wallet, I think it save than cloud backup wallet.

Topic: storing wallet backup in the cloud? - page 2. (Read 6844 times)