Usb Encryption - page 2. | Bitcointalksearch.org

virasog

legendary

Activity: 2954

Merit: 1159

Quote from: dkbit98 on September 07, 2023, 12:43:15 PM

I am not using this usb for anything important, but this is just showing how fragile and unreliable this drives are, so I would never use them for anything bitcoin related.
For me it's much better to have offline backup on paper/metal, without keeping important stuff in digital format.

Quote from: AprilioMP on September 07, 2023, 02:34:01 PM

It is very true that USB is not a safe tool to store important files. I had to throw two USBs against the wall because all my work data files could no longer be opened. For the first usb, I didn't give a password and the price was slightly cheaper than the second usb that I had used.

For all those people, who do not trust the reliability of the USB, I am surprised that you people trust the piece of paper which can be damaged too, ink fade, torn or even stolen from the money safe.

I have my Bitcoin saved on the electrum wallet on tails OS on the USB and I have a backup USB as well. So if my USB got corrupted or my tails OS got corrupted I will still have another copy. I plug in both USBs every week or 15 days to check if both of them are working. I don't think both USB can get corrupted at the same time. If so, I can buy another USB today and make a third backup too. Now there will be 0% chance of losing seed because USB is unreliable and corrupted.

libert19

hero member

Activity: 2464

Merit: 934

Quote from: dkbit98 on September 07, 2023, 12:43:15 PM

Quote from: Yamane_Keto on September 07, 2023, 10:47:44 AM

This topic leads me to the question, which is better, keeping wallet seed digitally after encrypting it with a strong password, or keeping an encrypted copy of the wallet file with a strong password?

I have one USB drive that was previously encrypted by me, and ever since I decrypted it and did a full format it is not working correctly.
It works as it should few times but at some point it gets corrupted and I can't use it anymore until I format it again.
I am not using this usb for anything important, but this is just showing how fragile and unreliable this drives are, so I would never use them for anything bitcoin related.
For me it's much better to have offline backup on paper/metal, without keeping important stuff in digital format.

I like method of uploading encrypted backups done on airgapped device digitally.

Make encrypted backup on airgapped device, move it to Internet connected one and upload on cloud storages.

Files get corrupted indeed, so I make and upload them regularly. If there is one file that gets corrupted, there is another to lean back on. I tend to have peace of mind as I feel like even if my file gets leaked, attacker won't be able to open it without password, also am quite confident on my password.

So far it has worked out well.

AprilioMP

sr. member

Activity: 322

Merit: 306

Farewell LEO o_e_l_e_o

Quote from: dkbit98 on September 07, 2023, 12:43:15 PM

snip

I am not using this usb for anything important, but this is just showing how fragile and unreliable this drives are, so I would never use them for anything bitcoin related.
For me it's much better to have offline backup on paper/metal, without keeping important stuff in digital format.

It is very true that USB is not a safe tool to store important files. I had to throw two USBs against the wall because all my work data files could no longer be opened. For the first usb, I didn't give a password and the price was slightly cheaper than the second usb that I had used.

Op..., I think password is only the first door which can still be compromised to the main access door. Giving/inserting a password on a USB is not a safe way.
It's still better to keep it on paper and put it in a small safe like a money safe even though people can still know where it is.
Such offline storage is better than storing it on usb.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: Yamane_Keto on September 07, 2023, 10:47:44 AM

This topic leads me to the question, which is better, keeping wallet seed digitally after encrypting it with a strong password, or keeping an encrypted copy of the wallet file with a strong password?

I have one USB drive that was previously encrypted by me, and ever since I decrypted it and did a full format it is not working correctly.
It works as it should few times but at some point it gets corrupted and I can't use it anymore until I format it again.
I am not using this usb for anything important, but this is just showing how fragile and unreliable this drives are, so I would never use them for anything bitcoin related.
For me it's much better to have offline backup on paper/metal, without keeping important stuff in digital format.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: Yamane_Keto on September 07, 2023, 11:39:44 AM

You can use Sparrow wallet to generate a P2TR transaction, which is often cheaper or the same as a regular multisig transaction. Ignoring outputs (same for P2TR & P2WSH), the P2TR input transaction weighs 230 WU, which is cheaper than P2SH and P2WSH transactions.

For single sig. You can generate a pay-to-taproot single signature wallet on Sparrow:

For multisig. You can not generate a pay-to-taproot multisig wallet on Sparrow:

You can read about BIP86 which defines the derivation path to pay-to-taproot single sig wallet: https://github.com/bitcoin/bips/blob/master/bip-0086.mediawiki

I have not read anything about pay-to-taproot multisig wallet. I do not think that it is existing yet, although it has been made possible. Or, can you point to any BIP that points to pay-to-taproot multisig wallet?

Yamane_Keto

sr. member

Activity: 406

Merit: 443

Quote from: _act_ on September 07, 2023, 11:04:40 AM

Multisig is secure than single sig wallets online wallet, not for backup if you get how to backup the single signature wallet correctly. If you use a passphrase with the seed phrase, that is enough. If you like you can backup the wallet using USB drive or not. If the passphrase is strong enough, you are good.

~~You can use Sparrow wallet to generate a P2TR transaction~~, which is often cheaper or the same as a regular multisig transaction. Ignoring outputs (same for P2TR & P2WSH), the P2TR input transaction weighs 230 WU, which is cheaper than P2SH and P2WSH transactions.

I do not want to go into details and say that it is the cheapest, but using P2TR will definitely make multisig fees cheap or as cheap as regular transaction fees.
Follow this table, and you can go into detail from here https://murch.one/posts/2-of-3-using-p2tr/

_act_

hero member

Activity: 868

Merit: 1094

Quote from: Yamane_Keto on September 07, 2023, 10:47:44 AM

1) Divide the seeds and store them separately, for example, into four parts, and store each part in a safe place (dangerous because if you lost any part, this mean you lost your coins).

This should not be mentioned at all. It is one of the worst ways to backup seed phrase.

Quote from: Yamane_Keto on September 07, 2023, 10:47:44 AM

2) Extend the seed with an extra word and save it independently.
3) Create a multi-signature address 2 of 3 and save it in a trusted location that no one else can access together.

Multisig is secure than single sig wallets online wallet, not for backup if you get how to backup the single signature wallet correctly. If you use a passphrase with the seed phrase, that is enough. If you like you can backup the wallet using USB drive or not. If the passphrase is strong enough, you are good.

If it is online security, multisig wallet is better. But its transaction fee is higher than single sig wallet transaction fee. For online wallets, I will advise people to use multisig wallet, but if it is a cold wallet or hardware wallet, single sign wallet is not bad either, despite that the multisig wallet of the same type is more secure.

Yamane_Keto

sr. member

Activity: 406

Merit: 443

This topic leads me to the question, which is better, keeping wallet seed digitally after encrypting it with a strong password, or keeping an encrypted copy of the wallet file with a strong password?

In both cases, storing wallet seed in a digital or encrypted form is dangerous, but the options that you can do are:

1) Divide the seeds and store them separately, for example, into four parts, and store each part in a safe place (dangerous because if you lost any part, this mean you lost your coins).
2) Extend the seed with an extra word and save it independently.
3) Create a multi-signature address 2 of 3 and save it in a trusted location that no one else can access together.

virasog

legendary

Activity: 2954

Merit: 1159

Quote from: cryptocovetrade on September 03, 2023, 01:44:56 PM

I write my electrum private seed on the piece of paper and save it with me but i fear that someone near to me may read that paper and get access to the wallet. So i copied the wallet file on my usb and also write the seed in notepad in that usb. Now i want to password protect that usb or encrypt it so if anyone tries to access that usb, he can never open and read it contents. How to do this ?

I have a better more secure solution for this. Since you want to copy your wallet files in your USB and then encrypt that USB so no one can access it. But if you connect your USB with a malware affected computer and copy it is connected to the internet, then you are not 100% sure that your wallet files were not compromised while copying this data on your USB. Even though the chance may be very slim but since we are dealing with our money, we should be 100% sure about it.

A better way is to install a USB operating system on your USB drive, like tails OS and then create an offline Electrum Wallet there and transfer your funds in that wallet. Make your the wifi option is disabled in tails OS and there will be no chance of your seed phrase or wallet file getting compromised or affected by any malware.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: aylabadia05 on September 06, 2023, 06:53:13 AM

More than one backup needs to be saved and I am not very sure about saving it on a USB because there is still a chance that the USB will be infected with a virus which will cause the files to be damaged and no longer accessible.

If it an airgap device wallet, there is no problem. Get a new USB drive and backup the file.

If it is on an online wallet, it may not be safe. The problem this can have is if the USB drive is damaged or corrupted which can happen. The user will have to be doing the backup periodically like every 6 months on another USB drive.

aylabadia05

hero member

Activity: 1470

Merit: 755

Quote from: cryptocovetrade on September 03, 2023, 01:44:56 PM

I write my electrum private seed on the piece of paper and save it with me but i fear that someone near to me may read that paper and get access to the wallet. So i copied the wallet file on my usb and also write the seed in notepad in that usb. Now i want to password protect that usb or encrypt it so if anyone tries to access that usb, he can never open and read it contents. How to do this ?

How to provide a password on a USB has been given a guide in a way that is familiar to Windows users by Bitcoin Smith.
Then, you are still confused I see. Even though that is the right answer, it is related to how to give a password to the USB which contains the seed.

More than one backup needs to be saved and I am not very sure about saving it on a USB because there is still a chance that the USB will be infected with a virus which will cause the files to be damaged and no longer accessible.

Quote from: cryptocovetrade on September 03, 2023, 02:22:27 PM

How do i create a passphrase for my wallet which i have already created?

This can be done by creating a new wallet.

Stalker22

legendary

Activity: 1484

Merit: 1355

Quote from: noormcs5 on September 04, 2023, 11:57:20 AM

Quote from: Z-tight on September 03, 2023, 05:15:55 PM

Quote from: cryptocovetrade on September 03, 2023, 02:14:14 PM

That password protected wallet file remains password protected, even if you import that into a new electrum wallet ?

No, the password you set up only encrypts the wallet locally, if you or an attacker imports this wallet with the seed phrase on a different device, you'll have access to spend the funds on the wallet and set up a different password for the wallet on that device.

That's interesting. So as we say that the password protected wallet is encrypted, it is encrypted only if it remains on that particular system. If someone copies that wallet file generated by the electrum and imports it into another computer, it will not remain encrypted???

No, that is not correct. When you encrypt the wallet data container (file) on one computer, it remains encrypted even after importing (opening) it with the software on another computer. Of course, you will need a password to access it, and that is the whole point. However, if you recreate the same wallet from a backup seed phrase, you will once again have the option of whether you want to password protect (encrypt) the wallet file or not because it will be a new wallet file.

Quote from: noormcs5 on September 04, 2023, 11:57:20 AM

Quote from: Stalker22 on September 03, 2023, 02:17:27 PM

You do not have to encrypt the seed phrase because you can simply create a BIP39 passphrase. In this case, the seed phrase itself is useless without the additional passphrase, which you can write down and store in a safe location separately from the seed phrase.

So we can write a seed phrase on a piece of paper and make such a passphrase that we never forget, and save that passphrase in our mind. So now if anyone gets our seed or if the seed is somehow get hacked through malware or something, the hacker won't be able to get access to our wallet.

The BIP39 passphrase is designed to protect your backup seed phrase. However, it is not encryption; it is simply the method for generating wallets from a seed phrase. For instance, you can generate a wallet with a specific 24-word seed phrase. But if you add a passphrase to that same seed phrase, you will create an entirely new wallet with a completely different set of private keys and addresses. Think of it as the 25th word (although it doesn't have to be a dictionary word, and it doesn't have to be just one word since it is a passphrase, not a password).

Quote from: noormcs5 on September 04, 2023, 11:57:20 AM

However, if the hacker gets the whole wallet file (encrypted one), then he can import it into another computer and can access the wallet ?

No, encrypted wallet files cannot be opened on any computer without the correct password. They can potentially be brute-forced if the password is too weak.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: noormcs5 on September 04, 2023, 11:57:20 AM

So now if anyone gets our seed or if the seed is somehow get hacked through malware or something, the hacker won't be able to get access to our wallet.

For online attack, remember that your seed phrase can be seen together with your passphrase on online wallets. The only wallet that I did not see the passphrase is Bluewallet, and it is not supporting passphrase while generating a new wallet, you can only import a seed phrase to input the passphrase. Yet, we have to be careful of online attacks because online wallets are weak and vulnerable generally, even if you use passphrase with the seed phrase.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: noormcs5 on September 04, 2023, 11:57:20 AM

Quote from: Z-tight on September 03, 2023, 05:15:55 PM

if you or an attacker imports this wallet with the seed phrase on a different device, you'll have access to spend the funds on the wallet and set up a different password for the wallet on that device.

That's interesting. So as we say that the password protected wallet is encrypted, it is encrypted only if it remains on that particular system.

Z-tight is talking about importing the seed word phrase, not the encrypted wallet.

Quote

If someone copies that wallet file generated by the electrum and imports it into another computer, it will not remain encrypted???

That's not how encryption works.

noormcs5

hero member

Activity: 2618

Merit: 613

Leading Crypto Sports Betting & Casino Platform

Quote from: Z-tight on September 03, 2023, 05:15:55 PM

Quote from: cryptocovetrade on September 03, 2023, 02:14:14 PM

That password protected wallet file remains password protected, even if you import that into a new electrum wallet ?

No, the password you set up only encrypts the wallet locally, if you or an attacker imports this wallet with the seed phrase on a different device, you'll have access to spend the funds on the wallet and set up a different password for the wallet on that device.

That's interesting. So as we say that the password protected wallet is encrypted, it is encrypted only if it remains on that particular system. If someone copies that wallet file generated by the electrum and imports it into another computer, it will not remain encrypted???

Quote from: Stalker22 on September 03, 2023, 02:17:27 PM

You do not have to encrypt the seed phrase because you can simply create a BIP39 passphrase. In this case, the seed phrase itself is useless without the additional passphrase, which you can write down and store in a safe location separately from the seed phrase.

So we can write a seed phrase on a piece of paper and make such a passphrase that we never forget, and save that passphrase in our mind. So now if anyone gets our seed or if the seed is somehow get hacked through malware or something, the hacker won't be able to get access to our wallet.
However, if the hacker gets the whole wallet file (encrypted one), then he can import it into another computer and can access the wallet ?

m2017

legendary

Activity: 1792

Merit: 1296

keep walking, Johnnie

Quote from: cryptocovetrade on September 03, 2023, 01:44:56 PM

I write my electrum private seed on the piece of paper and save it with me but i fear that someone near to me may read that paper and get access to the wallet. So i copied the wallet file on my usb and also write the seed in notepad in that usb. Now i want to password protect that usb or encrypt it so if anyone tries to access that usb, he can never open and read it contents. How to do this ?

You should not be overly fond of storing important files (seed phrases are exactly that) on a USB flash drive, all the more, even encrypt. No matter how you later have to face the problem of losing access to this file due to a USB flash drive malfunction or the inability to decrypt data due to lost password. Besides, how are you going to store the password from an encrypted USB flash drive so that your relatives don't peep? Create another one?

Don't forget to make duplicates of your USB flash drive, and also think about writing the seed phrase not on a piece of paper, as you did, on another storage medium that has better safety characteristics (protection from water, fire, acids, etc. ). For example, a stainless steel plate.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: BitMaxz on September 04, 2023, 07:50:46 AM

Having multiple backups is also fine but for long-term DVDs is way better to handle files for more than 10 years because I have a DVD that still survives after 10 years it still works.

I have SanDisk that I bought since 2018, despite the large files of about 40 gigabytes on it, it is still working till today. Although, I hardly use it.

As LoyceV comment, I think it is better that way. People should not depend on any device for long term storage. I understand you and I think that you are also right, and disks are also different from one another, there are some with even longer lifespan. But people should not depend on that because any device can fail at anytime. I year backup dependency is enough in my opinion.

I prefer seed phrase with passphrase and it makes backup easy for me on just a paper.

BitMaxz

legendary

Activity: 3234

Merit: 2943

Block halving is coming.

Quote from: Charles-Tim on September 04, 2023, 02:22:19 AM

USB drive has expected lifespan of 10 years which I do not think it is bad at all.

What makes the lifespan of USD drive, CD, DVD, SSD or HDD shorter or longer depends on how often you are using it to transfer files, and also maintenance. If he is using the USB drive for just file backup and nothing more, I am expecting the USB flash drive to have a long lifespan if he protects it.

10yrs is just the expected lifespan but in my experience, it doesn't most of my USB Drives no longer work after a year or two some of them work but files become corrupted even though I take care of them very well.
Only 2 of my 8 USB drives with two different brands still survive after 4 years(transcends 16GB and Sandisk 32 GB).

Having multiple backups is also fine but for long-term DVDs is way better to handle files for more than 10 years because I have a DVD that still survives after 10 years it still works.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Charles-Tim on September 04, 2023, 02:22:19 AM

USB drive has expected lifespan of 10 years which I do not think it is bad at all.

Easy solution: once a year, spend $10 on a new stick from a different brand and make another backup. Keep your old backup.

Quote from: cryptocovetrade on September 03, 2023, 01:44:56 PM

i fear that someone near to me may read that paper and get access to the wallet.

Does that mean untrusted people have physical access to your house?

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: satscraper on September 04, 2023, 02:48:40 AM

Agree. Nevertheless, If OP insists on digital backup I would advocate for industrial grade SSD card (in micro or micro format) instead of ordinary USB flash drive. Those cards have an incredible life span, are less damageable and much easier to hide (or carry in the course of relocation) than bulk drives (even of 2.5" size).

Flash drives are smaller
Flash drives and SSD cards are using the same technology
They both have the same life span of 10 years, but depending on usage and maintenance
SSDs are bigger, but with larger memory and faster in speed
Flash drives are cheaper, but they have small memory
Just for encrypted wallet file backup, or seed phrase extended with passphrase backup, flash drive is better
I think you are only comparing SSD and HDD, not flash drive.

Topic: Usb Encryption - page 2. (Read 492 times)