So basically if you want to store your coins 100% secure you have to store it on your own device , and not on an online wallet or 3rd party. As the saying says: "everything that's not in your hand it's not yours". If it's not in your hand it's not money, it's debt, the promise of the 3rd party that it may or may not pay you. Also many wallets don't run on 100% reserves, which is just the same as the fiat system, so it will meet the same ends...
Also many online wallets have been hacked lately which could be the users fault, but it could also be the service's fault, and by storing them there by default your funds will be targeted because they store huge amount of coins, whereas if you hold your coins in a place nobody knows about, then its safe.
Ok let's start.
Programs you will need:
■Cleopatra: http://www.gpg4win.org/features.html
■A good antivuris& internet security: I recommend Kaspersky Internet Security 2015 because of this:
http://www.reuters.com/article/2015/02/16/us-usa-cyberspying-idUSKBN0LK1QV20150216
http://www.theregister.co.uk/2015/02/17/kaspersky_labs_equation_group/
http://www.techpowerup.com/209925/nsa-hides-spying-backdoors-into-hard-drive-firmware.html
■Malware Cleaner like MalwareBytes: https://www.malwarebytes.org/
■Armory Wallet: https://bitcoinarmory.com/download/
■Veracrypt: https://veracrypt.codeplex.com/
■Linux operating system for extra security (verified by Cleopatra, after you download just check the checksum to see if it has been tampered with) or just a clean Windows or Mac
Hardware & physical objects you will need:
■Multiple solid USB sticks (ATLEAST 3)
■A junk and cheap PC which meets the system requirements of the programs listed above (preferably old because newer ones could contain firmware, but not that old that it fails because your bitcoins could be lost then)
■Your casual online PC that you are on right now
■Multiple A4 papers or similar and a pen
■A router through which you connect to the internet (optional)
After you got these tools, you will then proceed to set up your own "cold wallet" or "hardware wallet" or "offline wallet" as it is known.
You will need your usual online PC and the offline PC that you bought or your old pc that you used years ago.
Here are the steps to set up your offline wallet:
PART I. SECURE OFFLINE STORAGE
1) Set up the antivirus & MalwareBytes on your online PC, scan it and remove any virus or threat is found, all of them. Set up a strong firewall with your internet security software and if you have a router password protect it (the default password is always ADMIN, so change that)
2) Use original operating system, if it's pirated then run a full antivirus scan & anti-malware on it because there may be some malware hidden in it, even if it's original there can be some intentional malware in it so either way scan the operating system's cd, or .iso file or however you got it, to make sure no rootkit,malware or other malicious tools is built in it. If you detect any, then get another copy, until you find a clean one. (Make sure the antivirus you choose & MalwareBytes is fully updated though before scanning it)
3) Get your PC that you will dedicate to keep your bitcoins on (it can be a laptop too) and set up the operating system on it
4) Make sure you create atleast 2 or more partitions on the harddisk, because 1 will be encrypted later, and 1 for the operating system
5) Enable hidden folders and files if you are using windows on both the online and offline PC to see if anything shady sneaks itself into the USB stick, but ofcourse you will scan it also with the antivirus & MalwareBytes!
6) Disable networking in the BIOS, or remove the network card from that PC (https://www.google.com/#q=disable+network+from+bios)
7) Plug out any device that is connected to it, router, telephone wire, wireless stuff, or any other network or cable except the electricity, so that there is no other interface with which you can interact with this PC but the USB sticks, everything else should be disabled
8] Install the antivirus & MalwareBytes on this computer via the USB stick to check if there is any firmware on it, leftover rootkit or malware from previous OS or any other malicious stuff
9) After the stuff is clean,format the entire hard disk again and reinstall the operating system,and don't reinstall the antivirus nor MalwareBytes after (cos you never know if the antivirus or MalwareBytes itself is not doing something shady, you dont have to trust them more than needed ), and re-enable the hidden folders and files mentioned in step 5)
10) Make sure that in the process of doing this you dont put any other virus on your clean offline PC by any other means
11) After the clean PC is totally cleaned then it's time to install our bitcoin stuff there, first encrypt your non-system partition with Veracrypt or other trusted open source encryptors (this step is crucial unless you want it to be cracked by hackers, the encryption software must be 100% trusted and open source)
12) Encrypt that hard disk and put atleast a 30-35 digit random password for it which you generate here: https://www.random.org/passwords/, however don't use those passwords, instead generate 10 different passwords and combine them into 1, by your own, so that nobody can guess them (in case random.org collects or logs the passwords generated)
----Also write on a paper that password perhaps multiple times, because if you lose this password you cannot ever access that partition again so since your bitcoins will be stored here, you should have paper backup of this password stored in a secure place---
13) Download armory to your online PC, verify that it's genuine and not tampered with , with Cleopatra by checking it's checksum or the PGP-Signature of the author:
https://bitcoinarmory.com/tutorials/armory-basics/verify-download/
14) After download finished, disconnect your online PC's internet temporarly so that no other stuff can go in there, put the USB stick into your online PC and scan the stick itself, perhaps format it, then put the Armory on the stick and check it's checksum again before pulling it out just to make sure there was no malware on your PC that tampered the software after you downloaded it!
15) Put the stick into the offline PC and install Armory there inside the earlier encrypted partition
16) Securely Format the USB again and pull it out from the PC so that nothing is connected to it until we don't set up the sensitive stuff
17) Open armory and set up your wallet on the offline PC, from that encrypted partition, also in armory's settings use a very robust wallet
---Of course if the PC is crappy use whatever resources it can support, but still a 10 second open timer is recommended, because this is your safe wallet anyway, capable of storing billions of $ so definitely worth the wait time for this extra layer of security---
18) Enter the passphrase for the wallet, again use a the https://www.random.org/passwords/ and combine for yourself a unique random password from those generated there, but never use 1 entirely from there. Also dont use the previous password again.
19) Make alteast 2 paper backup of this aswell (the private key), now you can print it out with armory, however make sure the printer you use is not network connected, and after you finished printing restart it so that the cache of the printer is cleaned out
20) Until now you got 3 sensitive data: the password of your encrypted hard-disk partition and the password of the wallet and the backup of the private key, make sure you got 2 backups of each stored at very safe locations
21) Use another USB stick or multiple sticks to put a digital backup of your wallet aswell, not the same one are you used before to install the stuff it must be a different and clean one,Securely Format the USB again ,however this stick is as-is and you can never ever plug this in into the online computer, but only this offline computer in case the hard-disk of the offline PC fails you will have a digital backup of the wallet , but you need to set up step 0-18 again for another PC that you will buy then to store your bitcoins. But never ever plug that USB stick (where the digital copy of the wallet is) into an online PC again!!!)
22) Ok you are ready now, your encrypted bitcoin wallet is set up in an encrypted hard disk, and you have 3 sensitive data that you must secure yourself, of which the private key is the most important. Even if the other 2 password is compromized, if you wipe your PC before they can access it (the wallet), then without private key they still cant stole your money. But of course the other 2 passwords are also important + your USB backup of the wallet. Keep these stuff very safe!
23) For additional security you can set up a password for your operating system, however its not that much needed, and it can be easily bypassed if a burglar enters your house, but they can't break the double-encrypted wallet! This password is only needed if you leave your house and don't want your wife or children accesing your PC, it's more like a privacy protection rather than security.
24) Never ever install anything else on the offline PC, even if it's not in the encrypted partition, it can only contain the clean OS install, the armory and your wallet(s), just as never put anything else on the stick that stores your digital wallet copy either. They should be left as they are!
Ok now you got a perfectly secure offline storage which can store even billions of $ worth of bitcoins, but it can still be compromized when you do a transaction. So here is how to securely transact and spend funds from it!
PART II. SECURE TRANSACTION FROM THE STORAGE
You will use the offline transaction method of armory which you can read upon here it't tutorial:
https://bitcoinarmory.com/tutorials/armory-advanced-features/offline-wallets/
After you read about it and familizarized yourself with the process, here is how to do it securely:
1) The blockchain has to be on your online PC and also a verified download of armory, by Cleopatra:
https://bitcoinarmory.com/tutorials/armory-basics/verify-download/
2) Create a "New Offline Transaction", specify the details: address(es),how much bitcoin to send, etc. Double check if you entered the stuff correctly, and then put the Unsigned file on your USB stick that you used to install the things on the offline PC. Make sure that before plugging that USB stick back into the Online PC, you put it into the offline PC and Securely Formatted it beforehand.
3) So after you formatted the USB on the offline PC, put it on the online and put the Unsigned file on in, then move that Unsigned file onto the offline PC
4) Plug the USB into the offline PC, copy the Unsigned file into the offline PC's desktop
5) Plug out the USB
6) Open the encrypted partition, and the Armory and import the file
7) Check again if all details are entered correctly
8] Sign the file, you will need the wallet's password for this
9) Close armory, and close the encrypted partition too
10) Plug back the USB stick,Securely Format the USB again, and then put the Signed Transaction File back into it
11) Move the USB into the online PC and copy the Signed Transaction File, import it into the Armory, and verify again if all details are entered correctly
12) Broadcast the transaction
13)Securely Format the USB again
14) Waint until 6 confirmation of the transaction, and then it's all complete
PART III. MONITOR YOUR WALLET FROM THE ONLINE PC (OPTIONAL)
After you know how to keep the bitcoin 100% securely offline, and have your online PC also relatively safe, you can then monitor your wallet from your online PC without the need to compromize the private key for it. I have developed a software with which you can monitor your bitcoin addresses from your online PC without the need to compromize your offline storage. It's just like any other program on your PC now and you don't have to trust me more than any other developer whom's programs you currently use on your online pc .
My software has no access to any of your funds, since they are all kept securely offline. What my software does it checks your balances from your online PC through an internet API that connects to the blockchain. So you don't even need the blockchain downloaded on your PC to use my software, it's all lightweight and portable. You can check your balance of any of your addresses (or even other's address) to keep yourself updated with how many bitcoins you have. Also it loads instantly you don't have to wait half an hour to load like armory!
► DOWNLOAD FREE DEMO!
========================================================================================================
========================================================================================================
========================================================================================================
This tutorial might be hard to read, disorganized, although it's as accurate as possible, but probably not that detailed and descriptive,also this forum needs internet and sometimes it could go down, so I summed up everything , more descriptive, with picture illustrations and links to download these tools in my
FREE E-BOOK that is a Guide to keep your Bitcoins 100% safe.
DOWNLOAD MY FREE E-BOOK HERE!
Enjoy
