Topic: Wallet online for Bitcoin (Read 720 times)

Generally if you have large amount of funds its always best to store your coins offline, either a paper wallet or hardware one (ledger/trezor). Online wallets no matter how safe will always be at risk of hacks/ fraud/incompetence. The parity wallet which was generally considered one the safest and most reliable places to store coins is one of the best examples of this where a 15year old was able to take advantage of poor coding to essentially freeze what was at the time 400 million in ether (a lot more now).

Of course this decision will primarily depend on your funds but if u have anything over 1k-1.5k its best to pick up a hardware wallet.

Yes indeed we must secure our assets for example securing in the wallet, just imagine if we do not secure our assets then online criminals will act and steal our assets.

What about brain wallets?

I personally use paper wallet,The fact that wallet is just a container for private keys and we just hold keys and not coins allows me to say that paper wallets are the most secure way to keep funds,so we just use offline bitcoin storage(we don't need to store our keys in computer) and what can be more secure? I don't know.Anyway that's my opinion and of course this wallet has disadvantage too,it would be better to consider and wait for more experienced people's opinions, such as this guy seems.

It is exactly, if you don't know what you are doing. However if you know a bit about security and technology, it will be very simple to do safely.
Even if the script used to generate was malicious, if it cannot store data and submit it online, then the malicious part of the code cannot do anything.
I'll give you an example:

Peter boots off linux live CD on a computer without internet connection and hard drive. He runs the website script for generating paper wallet. However the script has a line that sends the generated private key to server, but as the script cannot save anything on the hard drive, it cannot submit them online as Peter's computers is detached from the internet and does not have any kind of storage media.

End of the story, however it would be theoretically possible to save some kind of file to do this if executed on the Live CD for example. Hardware wallets (with screens) are certainly the best opinion for people without the needed technical knowledge because generating a private key on infected PC would basically cause all of your funds to a very likely possibility of their funds getting stolen. This is the reason why you need to be airgapped while doing it, on a fresh distro without anything downloaded to reduce the risks to minimum.


Great to hear that!


Not sure if Trezor supports ETH natively, but you can use MEW with the guide found from here: https://blog.trezor.io/trezor-integration-with-myetherwallet-3e217a652e08

The transactions are always signed on the trezor, rather than the website of MEW. However always remember when sending ETH to check the transaction on your Trezor before Signing & Broadcasting it. It is possible for malicious code to send an wrong request to your Trezor, and if you do not check carefully the details, it might end up in the wrong address.

Ps. If sending tokens, the destination address is the contract address so you will have to find another way to verify that this is the transaction that you indeed want to send.

Good advice was ordered by Trezor and it works great . but for now I have everything in ETH I understand that this is Wallet on BTC anyway? That's how it works?

I am the same The paper wallet method is way easier to fail than the hardware wallet method. I do not recommend using hot wallets for storage of coins, and never would advise for online wallet as you don't have the full control over your coins.

As far as i know, Trezor uses with MEW was not affected.
It should not have been as metamask was neither.

Yes, maybe it was my mistake because of my long sense of comfort in the service (wallet online). Thanks for your advice, currently only a few coin assets are in my wallet online. and I've started to move my assets to the hardware wallet.


So If I use the Trezor wallet is not safe too?

Thank you for the advice sir, I am still a newbie about the use of wallet, still need a lot of advice and learning. I feel helped by what you say.

That's the first mistake that you did, trusting a centralized party to protect your funds while they could just steal all of them and run at some point if some kind of data breach happened and they could not recover from it.


Dedicated people make mistakes at some point. It is just a matter of time when they do, and when it happens you are all on your own.
You cannot protect your funds, if someone else is holding them and has access to them as well. Multisignature would be a bit different.


It does not matter whether you did or not. If you used google DNS at the time, even accessing the official site could have caused for your private keys to get stolen assuming that you used some of the unsecure methods. Metamask and such are the recommended way to access MEW as every transaction is signed on your browser's metamask plugin rather than the source code of the page.

I always believe in what they do to protect our funds. Their service appeared to help us. for saving our assets. They have long been dedicated to it, and even to this day. Reasonable many hackers are tempted to hack, but it all depends on us, whether we can protect our private key, our data ourselves?
I use jaxx from 2016 early until now, nothing happens with the security, as long as only we know and save (Phrase and Pin) our funds will be safe.

Yes, I deeply regret that this is related to DNS attack on MEW wallet. I've done bookmarks so at least my funds are safe. Thanks to your warning about DNS attack.

Which in online wallet case you are trusting them to protect your Private Key and your data.
No Guarantee that their security are safe enough to hold user coins, then again as long as you're using reputable wallet it should be safe (I've seen a few complaints directed to Jaxx.io, so I'm not sure what to feel about that).
Also just a heads up, there are DNS attack on MEW wallets, make sure you are safe from those attack.

A more secure method is to have multiple backups of your Private Key or Wallet File in case one of them break/lost/forgotten.

Hardware wallet is better than an online wallet. But in my opinion, as long as you can protect the private key or phrase, it does not matter.
Now I use Trezor wallet ( to safe my worth coin, I think this is a very secure wallet), Jaxx (this wallet is very flexible, I can buy and sell my coin. But the fees is little high) and MEW.

I personally use EXHOS wallet but I advise you to keep bitcoin in off-the-shelf and preferably on a flash drive.

try to avoid using online wallets,but if you have no other option -use blockchain.info
I know it is bad,sometimes bugged and not very safe,its fees are random to say the least
but it is the best and the fastest option to keep small change for day to day operations
never use it for sums over ,well you can afford to lose
I don't keep more than 200-300$ there,usually
as different options,you can try: https://bitcoin.org/ru/wallets/web/
out of the wallets represented there,I use Bitgo-https://www.bitgo.com/ it is a decent wallet,with added security

If you are keen to use online web wallet with multi-factor authentication then try using NAGA wallet, it allows you to store, send & receive Bitcoin, Litecoin, DASH, BCH, ETH & ERC-20 tokens. It gives you ERC-20 token address that you can use to receive your tokens from ICO's, once the distribution is finished by ICO, the token will be automatically displayed you don't need to put smart contract address. Also Every time you have to provide multi-factor authentication code if you try to send your coins/tokens. The drawback is your private keys are held by NAGA but they claim that private keys are protected using cold storage same as coinbase doing.

Rarely any wallet has such a thing. Online wallets may do, but most often they are still more insecure than a desktop wallet.

Two factor authentication on a online wallet where you are not the only one having the private keys is very insecure, although alot better than an online wallet without one.

Check out parity if you don't like metamask.

maybe, it could be strange, but i don't like metamask, cause, its haven't multi-factor authorization

Cryptonator is an all-in-one Bitcoin online wallet that supports various crypto currencies such as Bitcoin (BTC), Litecoin (LTC), Ethereum (ETH) and others. Enables quick and easy direct transactions and allows instant exchange between different crypto currencies in one personal account

Apparently Metamask gives a lot of security. But you're right. I bought TREZOR and www.myetherwallet.com I use only small transactions. I keep everything on offline wallet.

Thers are so many choice for you about wallet online for Bitcoin, Such as: Bitcoin Knots, Bitcoin Core, Green address, Amori Bither,....

After buying BTC or ETH, then how to keep safe, avoid the scams of hackers are always stalking to steal your money. Use an electronic wallet to store your money safely. Use a convenient and convenient online wallet.

You may to using it for buying or selling cryptocoins, invest them to ICO, playing on gambling sites, use them for payments in signature camps and etc..

Why do you want use online wallet? This is not safety.
I don't think that this is good for big amount.. risk.

There is no device without defects. Unfortunately, everything can go bad. We would not buy anything with this track. It's about minimizing risk and not looking for the ideal.
If they weren't serious, they wouldn't have bothered releasing any updates for that or the other vulnerabilities that were fixed... or for providing the bug bounties to encourage people to try and "break" their device.

Saying they "dismissed the claim" is not quite true... They weren't claiming that the vulnerability didn't exist, what they were arguing was that the vulnerability was not an "end of the world" scenario... and it required some very specific things for an attacker to pull it all off. The guy who disclosed the vulnerability wasn't happy with the way Ledger were handling the situation and went quite public about it all.

After reading the technical documents, I'd have to side with Ledger on this one. Granted the exploit was very clever... but it did require physical access to the device... and would be completely eliminated if the device was updated with a new firmware.

Additionally, there were claims made that this vulnerability could allow an attacker to "extract the seed/private keys"... which was in my opinion quite sensationalistic and pretty much false. Sure, the attacker could know what the seed generated by the exploit was going to be and then use that to generate private keys... but that was because the attacker would already what the seed generated by the exploit would be! After all, they put it there

There was still no way to install the exploit and then extract an existing seed/keys from a device.


If they weren't serious, they wouldn't have bothered releasing any updates for that or the other vulnerabilities that were fixed... or for providing the bug bounties to encourage people to try and "break" their device.

The truth is that everything will be safer than online wallet. I do not have an offline comp. TREZOR must be enough for me. Tomorrow, I should have him in place.

I'm not sure if I've said it on this thread but yes I do agree with your point. However, the main point is, are they going to downplay the severity of the attack and say that Ledger is still safe to use? Even if none of the coins were stolen, it doesn't mean that the device wasn't secure at some point and the proof of concept doesn't work.

I personally wouldn't purchase anything from a company that advertises their product as having "robust safety features" while not being serious about the security of the wallet.

Each hardware wallet needs mechanical confirmation (pressing buttons).
If it didn't have one it wouldn't be a second factor authentication at all.
Trezor and Ledger do not differ much in this point.

Currently you can condider both (ledger and trezor) wallets as secured. It is personal preference which one wants to choose.

I still stand by generating private keys on a offline computer running a live cd/usb version of Linux. But, hardware wallets have proven to be enough for the general user when they need to access the funds regularly. Although, this doesn't mean you shouldn't keep things tight when it comes to security.

I agree but it is definitely safer than wallets online or the application. Trezor has the big advantage of confirming the trolls by clicking the mechanical button.

I can recommend our online wallet https://octobit.io
11 cryptocurrencies,  minimal fees and works from any device

The Nano s from ledger does not have any bugs.
The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.

If you think trezor is 100% secure i have to disappoint you. You can't have 100% security. 
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.

i didnt know but i cant do anything right now
search on this forum for electrum its very useful software and better than any software and web wallets

Should not be too complicated to setup and use, as the seed for the wallet will be safely generated on the trezor screen.

However like said before, every software and code has bugs so this is not only a ledger wallet problem.

Ok, I will not actually risk ta advice and I ordered TREZOR. I understand that it is not complicated to use? I will not risk for LEDGER. The price is the same and it has bugs.

Yeah,online wallets are not meant for storing our crypto currencies,if you do then you are risking the valuable assets.Never ever store more than 0.01BTC in any online wallets because it is easily hackable,if you have 2 factor authentication then you can save your funds from a hacker but still it is not safe as storing them in a hardware wallets or desktop wallet.

Online wallet is not a good option to keep your crypto funds but if you really need a solution currently blockchain.info is nearly the best solution. You can keep your private keys so in any case, you can transfer your addresses to another wallet. Any other solutions which doesn't give you the private keys is not secure! Definitely stay away from these kind of wallets / services...

Many online wallets have for bitcoin. Coinbase,Blockchain are some of them. You can register these wallets and collect bitcoins.

Yeah in terms of being hacked it's almost always the users fault for poor security practice rather than the software being at fault. Unless, it's their fault because their database got hacked then you can't really complain. Although, they would likely be responsible if they a hack did occur.

I personally would not. I was just making a point that the source is open source (however the server software is not) so if you get "hacked", you cannot blame some provider which you agreed to use, and accepted their ToS. You should not blame other people for your mistakes.

Also he said that Coinbase is safe, and right after saying that he got hacked on blockchain.info, which i find to be rather ironic.

I would never advise using a wallet that is so called " Web wallet".

Why would you use blockchain.info locally though? There's better options out there. Blockchain isn't a very well coded wallet and what often happens is people send the wrong fees because of their automatic system which estimates the fees to send. Of course, it can be double checked by the user, but unfortunately with an automated system like that people just assume it's correct.

3 BTC is a lot of money. Why did not you protect yourself? I wrote down this topic to ask for security. I actually used Electrum for a small transaction. A nice application, but definitely not 100% sure.

They were just being careless. Being hacked is your fault, as the wallet source is open and can be readed from here: https://github.com/blockchain

It's your own responsibility to make sure that your computer is safe enough. It's not blockchain's fault if people are careless.

I know it sounds harsh, but it's the truth.

Edit: if you have 2FA and a secure password, you won't get "hacked" if done safely. The problems here are the fact that you have generated keys on windows OS, and are using a browser based wallet.

I only see a few benefits of online wallets such as blockchain.info, but I see a lot more downsides. It's probably the least secure way of storing Bitcoin. Yet I would estimate the majority of users actually use it for storing large amounts, because it doesn't require an investment like hardware wallets and is easily and quickly set up.

It is your fault yes, because you did not take good enough care of your security. It's like leaving your wallet on the mall, and then blaming the mall that your wallet got stolen.

Blockchain is alot safer if done right than coinbase because you have the private key, which is i find your reply quite ironic and trashy.
[/quote]
i was hacked twice, for second time i choose new pc new email and new windows but unfortunately i get hacked again
im not agree with you, its not just me check here please:

https://bitcoin.stackexchange.com/questions/10312/lost-my-btc-or-theyve-been-stolen

https://bitcointalksearch.org/topic/stolen-bitcoin-from-blockcain-wallet-1368687

https://bitcointalksearch.org/topic/004-bitcoin-stolen-from-blockchaininfo-wallet-2445658

https://bitcointalksearch.org/topic/about-20-bitcoins-stolen-from-my-blockchaininfo-wallet-5btc-reward-303726

I've seen a lot of things about blockchain.info wallet, good and bad, I want to add something:

blockchain.info users are periodicly targeted by quite some phishing. Imho it's something important to think about (for this and other online wallets too). Newbies may think that such wallets are perfect for them. Then a click on the wrong mail and poof, the money's gone. And blockchain.info cannot do anything about it (it's not their fault and you also agreed with their ToS telling that they cannot be held responsible for basically anything).

So, people, give a better thinking on where you leave your money. If the official wallet is to heavy for your taste, there's always Electrum, Mycelium and others. Try to avoid web wallets...

No it is not, unless combined with hardware wallet or metamask. It's more of an interface nowadays for people rather than a wallet.

Coinbase is nowhere near safe, as a centralized party has the private keys instead of you. Of course it might be safer for people who have no idea of technology.


It is your fault yes, because you did not take good enough care of your security. It's like leaving your wallet on the mall, and then blaming the mall that your wallet got stolen.

Blockchain is alot safer if done right than coinbase because you have the private key, which is i find your reply quite ironic and trashy.

my etherwallet is best etherium wallet for now
coinbase is safe bitcoin wallet but i suggest to use electrum wallet for your coins
in past year i used blockchain.info wallet and i lost 3 btc there, after i contact to support they said it was not our fault, i think there where hackers for this online wallet

this is a list of web wallets, but i suggest electrum
https://bitcoin.org/en/wallets/web/

Shapeshift.io is pretty safe [1] and they have been around for a long time. You can purchase Ledger using BTC from their official store.



[1] https://bitcointalksearch.org/topic/shapeshiftio-instant-coin-exchange-no-account-needed-717973

shapeshift.io is it safe? I do not know this page. I do not need a verification for such a small exchange. It is not necessary. I will order Trezor because you can pay in BTC. Ledger does not have such an option, right?

It's possible for bugs to exist everywhere. However, for a product like Ledger, security should be their top priority. With the recent case, a researcher has disclosed the vulnerability to them responsibly. The vulnerability is serious in the sense that the device could be compromised and tampered if any entity wants to do it or if the seller wants to. They dismissed the claim and gave everyone a false impression that a device that has been proven to be insecure is still secure.

No. However the ledger wallet was made after trezor, so it has not been developed for such a long time. Every software has exploits and bugs, so this is not only a matter of ledger. It is just a matter of time when someone finds them, even bitcointalk forum has some exploits that have not been found yet for sure. You cannot make anything bulletproof, as there is a weakness in every program and even every human being on this planet.

It is just a matter of finding the exploits before someone with bad intentions does.


If you mean for ordering something with it, sure, i don't see why not.


Look from Coinmarketcap as you can see pretty much every exchange from there. I'd personally go for GDAX, or Bittrex but afaik both need  ID verification. Bittrex had closed signups for new customers i think.

If you want to exchange without a hastle, go for Shapeshift. Most exchanges charge alot more transactions fees than shapeshift does. This is the best option for exchanges of small amounts.

So Ledger is underdeveloped? The price is actually the same, adding the shipping cost. Someone pay for the trezor using Bitcoin? I need to exchange ETH for BTC only to pay for the wallet. Electrum is enough for one transaction? Which exchange has the best ETH conversion rate for BTC?

If you're looking for a long term investment, go ahead.
Don't put your wallet in a place that is hard to reach if you're gonna spend it daily.

Most online wallet has 2FA as their standard security, enable them.
Besides that there's not much of a difference, there will be a slight difference in Mining Fees, but that's it.
Scan your PC for any Malware, enable 2FA, and don't click suspicious links are the only thing you need to do.
Although I would recommend to get Desktop or Hardware wallet for more security

Gentlemen, and there are other alternatives? I wonder in which direction this will go? Maybe it is worth to be interested in something new? Now we have such times that every protection can become unfortunately not enough.

Or maybe the other way round? Key and address on a piece of paper hidden in the soil? ;-

Why online wallet,you can buy an hardware wallet if you want complete protection or just download a desktop wallet like electrum which is completely safe and secure to store bitcoins in long term.If you still looking for online wallet then blockchain.info wallet is the best online wallet in my knowledge.

Don't get me wrong, I'm definitely not recommending Blockchain.info to anyone.

I'm just saying that Blockchain.info is probably still a better choice over keeping money on Coinbase or any other exchange. Much like I'd prefer getting beaten to death with sticks over stoning. Then again stones don't have splinters.



Of course. However in terms of keeping your private keys safe on an online device, both are equally fit -- or unfit -- to do so.

Granted, this has more to do with online devices being generally unsafe than with Electrum's or Bitcoin Core's code quality and design philosophy.



Excellent point. In general I'd still argue that your average grandma's windows laptop has more malware on it than your average grandma's smartphone, but this does indeed only hold true until the next major OS vulnerability has been found.


TL;DR: Just get a Trezor or Ledger.



Ledger's list is longer, but here's the list of coins supported by Trezor:
https://doc.satoshilabs.com/trezor-faq/overview.html#which-coins-are-currently-supported

The problem here is that a lot of vendors don't publish proper updates.
Researchers have found out that many vendors didn't patch the firmware. Software/firmware has been updated but in reality a lot of vital patches were missing.


Source: https://www.wired.com/story/android-phones-hide-missed-security-updates-from-you/

Unless you have the sole ownership of your private keys and the choice to follow whichever version of the web client you want to use, an online wallet is just about as safe as a shared wallet. Recommending blockchain.info to anyone is just outright a terrible opinion. Their security is notorious for being compromised all the time and they are incompetent in running a wallet or a block explorer.

That's in the perfect scenario. Electrum does not verify all of the blocks fully as with all SPV clients so you have to trust the server that you're connected to to check the validity of the blocks to the network rules. Bitcoin Core does also have the same feature as Bitcoin Core, just with the lack of UI. If you can follow instructions, Bitcoin Core can do the same as Electrum, arguably more.

If you're holding a significant amount of crypto, get a hardware wallet such as a Trezor or Ledger. It's worth the peace of mind if you have a few bucks to spare. Make sure to buy them directly from the vendor and not some third party reseller.

Otherwise, go with Electrum. If you happen to have some old PC or laptop around, wipe it, give it a fresh OS install and use it to hold your wallet. Only use it for transactions. That's not as secure as a hardware or paper wallet, but still safer than using your everyday computer.

I would avoid online wallets where possible. If you absolutely insist on using an online wallet, choose Blockchain.info over Coinbase. If I recall correctly with Blockchain.info you at least have control over your private keys, which is not the case with Coinbase.

Either way, don't forget to back up your wallet.



When used with an internet connected device, Electrum and Bitcoin Core are about equally secure (or rather: insecure), so the amount doesn't really matter. You can use Electrum as an offline wallet on an airgapped device though, so if set up correctly Electrum can be vastly more secure than Bitcoin Core.



To add to that: Up-to-date non-rooted Android and iOS devices are supposedly less prone to malware than Windows or MacOS. So a mobile wallet might be an option as well, but a mobile phone is tentatively easier to steal or lose than a desktop PC or laptop.

It's a wallet. Addresses are generated and transactions are signed on Trezor. The only thing that gets transferred out should be your signed transactions. The reason why it has to be connected to another device that is connected to the internet is because Trezor has to get the information on the UTXO of your addresses using the internet.

Yes. You can purchase Ledger using BTC. I would be wary with Ledger given their reluctance to admit that the security vulnerability was potentially quite serious.

Trezor is just a secure wallet, as you need the trezor physically to make transactions out of it (assuming that you store the backup seed in a safe place so no one cam see it). I recommend ledger however over Trezor, because it supports alot more cryptos while trezor only supports BTC as far as i know.

If you have the money, then a hardware wallet is a worthy investment to make sure that your funds won't get stolen by a 3rd party.

This basically depends on the amount of coins you want to store and the grade of security you want to reach.

The best option would be to use a hardware wallet (for regular spending) or a paper wallet (if you are holding for years, without accessing them).
If you don't want to spend money (or if the amount you hold is not worth it to get a hardware wallet), i would suggest to use a desktop wallet (e.g. electrum with a good password).
I personally would not use a online wallet. Only if you really need to access it from different locations without bringing 'devices' with yourself.

I want to buy TREZOR but this is security and not a wallet, right? I want to buy for BTC. In this case, I need a portlet to exchange ETH for BTC. Ledger I can buy for BTC?

In that case if you do not want to invest anything, then generating and bitcoin paper wallet with This tool is the recommended way to go. However you will need to have an airgapped computer while generating it for your own security. It means being completely offline, booting your computer of a GNU/Linux Live CD/DVD. The recommended method would also be to download this while on a Live CD/DVD as windows systems have loads of malware which might infect the zip if such malware is on your computer.

If you have alot of crypto, and can spend around 100$ for your security, then go for the Ledger Nano S. It is easy to use and supports many cryptos.

The paper wallet method is way easier to fail than the hardware wallet method.

I do not recommend using hot wallets for storage of coins, and never would advise for online wallet as you don't have the full control over your coins.

If neither of these options are good for you, then storing small amounts on Electrum should be alright, and bigger amounts on Bitcoin Core

And lastly, storing coins on a windows OS or OSx is generally bad idea because of all the possible malware that might try to steal your coins.

I want to bring my ETH to BTC.

What do you recommend in this situation?

Metamask is not an "Online wallet" as it is open source, and you are personally holding the private keys instead of some centralized party. It is generally as safe as your OS is (as for any other wallet). The private keys never get exposed to MEW, as the transactions are signed and broadcasted by Metamask.

If you are looking to store huge amounts of crypto, something like Ledger Nano S is the recommended method of storing value, as hardware wallets are on whole another level of security compared to software wallets.

Which crypto do you need the wallet software for?

Online wallets shouldn't be regarded as safe. Neither should they be used for 'larger' amounts.

But if you insist on using an online wallet, coinbase and blockchain.info seem to be the most commonly used.
Blockchain.info claims that they never gain access to your private keys. The wallet file is being encrypted locally and uploaded to the blockchain.info server.

But keep in mind that the whole security consists of 1) the security of your password and 2) the security of the server.

So far, I keep everything in ETH. The BTC exchange time is coming. Which wallet to choose online? What is the safest? Please help me:).

I now use www.myetherwallet.com + MetaMask.