Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: Klestin on June 19, 2011, 04:18:33 PM



Title: Simpler Security Plan
Post by: Klestin on June 19, 2011, 04:18:33 PM
For those looking for a relatively easy method of securing your long-term bitcoin savings, without requiring a non-Windows install, here's what I do.  Feel free to pick it apart. 

One-time steps:
-----------------
- On a clean PC, install the bitcoin client and create one or more addresses via the "New..." button.  Email these addresses to yourself via GMail or similar.
- Close Bitcoin and encrypt the Wallet.dat file (for instance with 7-zip, entering a strong password)
- Make copies of this file (burn to CD, email to yourself via GMail or other online email, etc.)
- Destroy the wallet.dat file via secure erase (SDelete works well, http://technet.microsoft.com/en-us/sysinternals/bb897443 (http://technet.microsoft.com/en-us/sysinternals/bb897443))

Ongoing steps:
-----------------
- When your main bitcoin balance gets larger than you like, send the extra to one of the addresses you emailed to yourself.

Some notes:
-----------------
- What is a clean PC? Well ideally it's a fresh install of Windows 7 SP1, restarted in Safe Mode with Networking.
- There's no need to access the encrypted wallet file unless you either want to spend from it, or desire additional addresses.
- You really only need one address from the encrypted wallet of course, but I like to keep each payment separate for my own accounting.
- Be careful when you select your password! It should be strong (http://www.microsoft.com/security/online-privacy/passwords-create.aspx (http://www.microsoft.com/security/online-privacy/passwords-create.aspx)), memorable, and NEVER REUSED ELSEWHERE!  Recent database hacking successes should teach us all that reusing passwords is a Bad Idea.


Title: Re: Simpler Security Plan
Post by: EpicFail on June 19, 2011, 04:35:33 PM
Sounds like a good approach for a hoarder, but what about someone who frequently needs to spend BTC?


Title: Re: Simpler Security Plan
Post by: Klestin on June 19, 2011, 05:10:17 PM
Excellent point, this approach is really only effective for a long-term holder.  It doesn't have to be a hoarder though - as long as your spending rate is less than your mining/purchasing rate, you can use this approach.


Title: Re: Simpler Security Plan
Post by: bcearl on June 19, 2011, 07:33:00 PM
You should not trust secure delete for the same reason you should not trust GNU shred: Modern file systems don't write data in place.