|
Title: How secure is Blockchain.info Post by: Seal on September 16, 2012, 01:58:46 PM I know this has been discussed in the official post but I wanted to ask in a separate thread for clarity.
Just how secure is blockchain.info with my private keys? From what I can gather, your info is all AES encrypted however its ultimately stored centrally on the blockchan.info server. This makes me feel a little uncomfortable. Whats stopping someone with access to the server performing some kind of man in the middle attack? Title: Re: How secure is Blockchain.info Post by: stepkrav on September 16, 2012, 02:04:20 PM If you feel uncomfortable, why don't you use you own wallets (cold storage, offline etc) and have blockchain's wallet only for temporary storage of btc?
Title: Re: How secure is Blockchain.info Post by: hazek on September 16, 2012, 02:04:42 PM Very secure, I'd venture to say it's as secure as an ewallet can possibly be.
Your wallet is stored encrypted, it's only decrypted on your computer and never leaves it in such a form, you can email yourself a backup copy with 1 click and you can use two factor authentication and a javascript verifier. Title: Re: How secure is Blockchain.info Post by: fivemileshigh on September 16, 2012, 03:26:43 PM you can use two factor authentication and a javascript verifier. Hey, what's this? thanks Title: Re: How secure is Blockchain.info Post by: hazek on September 16, 2012, 03:33:22 PM you can use two factor authentication and a javascript verifier. Hey, what's this? thanks https://blockchain.info/wallet/verifier Title: Re: How secure is Blockchain.info Post by: barbarousrelic on September 16, 2012, 03:59:49 PM Who runs blockchain.info ? Is he a poster here?
Title: Re: How secure is Blockchain.info Post by: zoinky on September 16, 2012, 05:01:25 PM Who runs blockchain.info ? Is he a poster here? https://bitcointalk.org/index.php?action=profile;u=17928Title: Re: How secure is Blockchain.info Post by: hazek on September 16, 2012, 05:26:37 PM Who runs blockchain.info ? Is he a poster here? https://bitcointalk.org/index.php?action=profile;u=17928Title: Re: How secure is Blockchain.info Post by: Gaff on September 16, 2012, 08:01:30 PM Your wallet is stored encrypted, it's only decrypted on your computer and never leaves it in such a form, you can email yourself a backup copy with 1 click and you can use two factor authentication and a javascript verifier. Actually I reckon the backup is a weak point. One of the biggest risks you face is the possibility of a key-logger on your machine. Two factor authentication protects you against this (as long as an attacker can't use social engineering to get it removed). However if they can get the backup encrypted with the same password they can effectively bypass the two factor authentication. A simple solution for this would be to encrypt the backups with a different (rarely typed in) password. I do hope blockchain.info offer this at some point. Title: Re: How secure is Blockchain.info Post by: hazek on September 16, 2012, 08:40:59 PM Does it really work that way? Is the backup only encrypted by my password?
Title: Re: How secure is Blockchain.info Post by: Kupsi on September 16, 2012, 10:58:23 PM You can send the backup to a gmail account with two factor authentication enabled.
Title: Re: How secure is Blockchain.info Post by: hazek on September 16, 2012, 11:14:56 PM You can send the backup to a gmail account with two factor authentication enabled. Are gmail accounts encrypted so google can't see inside? Title: Re: How secure is Blockchain.info Post by: Kupsi on September 16, 2012, 11:36:11 PM You can send the backup to a gmail account with two factor authentication enabled. Are gmail accounts encrypted so google can't see inside? Title: Re: How secure is Blockchain.info Post by: Seal on September 17, 2012, 03:44:09 AM Very secure, I'd venture to say it's as secure as an ewallet can possibly be. Your wallet is stored encrypted, it's only decrypted on your computer and never leaves it in such a form, you can email yourself a backup copy with 1 click and you can use two factor authentication and a javascript verifier. How secure is the encryption on the wallets that are stored on blockchain.info's servers? Also, there is the ability to use a second password to protect your wallets, am I right in saying that this is the same type of encryption used in the Bitcoin-qt's password where you need it to send funds? Title: Re: How secure is Blockchain.info Post by: invisiblehand on December 04, 2013, 10:23:28 PM Also, there is the ability to use a second password to protect your wallets, am I right in saying that this is the same type of encryption used in the Bitcoin-qt's password where you need it to send funds? Yes there is the ability to put a second password for sending coinsHowever, on QT the password is the same as the one used to encrypt the wallet On blockchain it can be a different password, and it is entered using an on-screen keyboard to protect against keylogging |