Topic: Wallet Security (Read 859 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
March 13, 2013, 08:18:53 PM
#4
If Osama Bin Laden used bitcoin, his entire house had no internet connection at all. He would have sent his courier to an internet cafe to do his bitcoin transactions every now and then.

Without a raid by helicopter, one of which crashed, the bitcoins would have been safe from theft.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
March 13, 2013, 03:59:02 PM
#3
No matter how difficult the password is, a security breach of the computer by a trojan keylogger will capture everything that is written to the computer.

Quote
What I did was to encrypt the wallet with an impossible to crack randomly generated password (example: r'WRVJ?G2/=Z/,f\ijAGZ#q$&0GvNB), then put it in a password protected RAR archive using another impossible to crack password and then put it on an external HDD that is connected to my PC (Online). That sounds secure enough, right?
The additional password on the WinRAR archive is only useful to keep the public addresses secret in case of theft. Receiving addresses are not encrypted by wallet encryption. This might backfire if the WinRAR archive format is changed without backward compatibility and you cannot decrypt the archive anymore.

External HDDs are generally more unreliable than internal drives, and having the wallet on an external drive that is connected to the computer and the internet gives no additional security.
Quote
I believe the only way of someone stealing my coins is to infect my PC with a very smart trojan that can record me entering the password (which I don't plan on doing as I don't intend on spending the coins anytime soon) and stealing the wallet.dat file
Even the most basic trojans come with keylogger, file browser, remote control and remote file upload and execution functionality. This is how most thefts happen.

I will create an offline wallet with Armory on another computer that has no network connection, print a deterministic wallet backup and store it somewhere safe and hidden, create a watching-only wallet for use on the internet-connected computer and send most coins to the offline wallet on the offline computer. And encrypt the hard drive of that offline computer, with decryption password and header key backups written down somewhere safe.

Not so hard at all if you know how to use computers.
hero member
Activity: 812
Merit: 502
March 13, 2013, 12:20:24 PM
#2
Quote
Don't install a key logger on your computer?

Write down the password and hide it in a different physical location than the wallet.

Make a few wallet backups and store those in different physical locations.

I prefer offline wallets myself.


That sounds like too much effort.

What I did was to encrypt the wallet with an impossible to crack randomly generated password (example: r'WRVJ?G2/=Z/,f\ijAGZ#q$&0GvNB), then put it in a password protected RAR archive using another impossible to crack password and then put it on an external HDD that is connected to my PC (Online). That sounds secure enough, right?
But I strip 1 layer of security, because I keep my wallet on my PC (it is still encrypted).
My IT knowledge is above average, so I don't open random files regardless of their origin and treat everything that looks suspicious with extreme care.
I believe the only way of someone stealing my coins is to infect my PC with a very smart trojan that can record me entering the password (which I don't plan on doing as I don't intend on spending the coins anytime soon) and stealing the wallet.dat file.
hero member
Activity: 812
Merit: 502
March 13, 2013, 12:04:10 PM
#1
So I just encrypted my wallet and want to know if I should take any other precautionary steps, apart from making sure I don't lose it, lose the passwords and someone stealing it?

 