Bitcoin Forum

Wow, I had no idea I knew so little about Bitcoin.
http://bitzuma.com/posts/five-ways-to-lose-money-with-bitcoin-change-addresses/

It's okay. 
I joined the bitcoin world in late 2013 like many others.
I started by buying some BTC using SL Lindens. Then I started using coinbase, and then multibit, paper wallets, blockchain.info etc.
In all these applications change addresses do not really apply since it is automated. I didn't learn about change addresses, and how spent/unspent inputs worked until later.

All of the examples in that article are really bad ones.

1 - this example talks about you not backing up your QT wallet file prior to your keypool being used up. This is something that people simply need to know to do. Although I personally do not like to use QT as a wallet as most of it's features cannot be used with it's GUI but rather it's command line interface. You should be generating a new address every time you are receiving a payment anyway, so once you receive 100 payments, then you would incur a similar issue.

2 - This is a non-issue. In this example you do not actually lose any funds. You are simply looking at the incorrect address(s) on a block explorer to monitor your "balance" (I use the term 'balance' in quotes because bitcoin addresses do not actually have balances, however the concept of having the sum of unspent outputs is probably too complex for the author of this article even though it briefly touches on it). You would be in full control of all of your private keys, even your change addresses at all times if you use armory/electrum as long as you, in one way or another have access to the seed.

3 - This is actually an example of very bad security practices, however we can ignore those. It also ignores the fact thatpaper wallets are generally less secure then encrypted wallets (https://bitcointalk.org/index.php?topic=1013586.0;all). Anyone who destroys a wallet file without first ensuring that you have a backup of all the private keys is just asking to lose access to their bitcoin. IMO it should be common sense to view any transaction on a major block explorer to confirm that the transaction was accepted by the network (especially with light clients), and anyone paying semi-close attention should notice that the output addresses are different then the input address (and that of your paper wallet).

4 - This does not actually result in the loss of any funds. Also someone who is using QT in this way is using it incorrectly. If you need to use a single wallet across multiple computers/devices then you should use some kind of deterministic wallet when each private key is calculated from the seed - or a web wallet like blockchain.info that is somewhat centralized (although this is not recommended)

5 - Multibit is really not the best program to import paper wallets into. I have also noticed that multibit tends to reuse the same change address, although I have not really looked into how it determines which change address to use. If change addresses are used properly then a new one should be used for each transaction, so since the paper wallet has been used in the past it should not be used again. Any wallet program is that allowing you to manually import private keys should give you the option (and recommendation) to "sweep" the inputs from any private key you import as opposed to actually importing them, even blockchain.info strongly recommends doing this.

Nice article, thanks for the inside ill make sure to remember this just in case.

Two simple concepts are all that are needed to prevent those problems:

• Back up up your wallet/seed.
• A Bitcoin address is not an account number. It is a one-time payment code.