Title: Simpler Security Plan
Post by: Klestin on June 19, 2011, 04:18:33 PM

For those looking for a relatively easy method of securing your long-term bitcoin savings, without requiring a non-Windows install, here's what I do. Feel free to pick it apart.

One-time steps:
-----------------
- On a clean PC, install the bitcoin client and create one or more addresses via the "New..." button. Email these addresses to yourself via GMail or similar.
- Close Bitcoin and encrypt the Wallet.dat file (for instance with 7-zip, entering a strong password)
- Make copies of this file (burn to CD, email to yourself via GMail or other online email, etc.)
- Destroy the wallet.dat file via secure erase (SDelete works well, http://technet.microsoft.com/en-us/sysinternals/bb897443)

Ongoing steps:
-----------------
- When your main bitcoin balance gets larger than you like, send the extra to one of the addresses you emailed to yourself.

Some notes:
-----------------
- What is a clean PC? Well, ideally it's a fresh install of Windows 7 SP1, restarted in Safe Mode with Networking.
- There's no need to access the encrypted wallet file unless you either want to spend from it, or desire additional addresses.
- You really only need one address from the encrypted wallet of course, but I like to keep each payment separate for my own accounting.
- Be careful when you select your password! It should be strong (http://www.microsoft.com/security/online-privacy/passwords-create.aspx), memorable, and NEVER REUSED ELSEWHERE! Recent database hacking successes should teach us all that reusing passwords is a Bad Idea.

Title: Re: Simpler Security Plan
Post by: EpicFail on June 19, 2011, 04:35:33 PM

Sounds like a good approach for a hoarder, but what about someone who frequently needs to spend BTC?

Title: Re: Simpler Security Plan
Post by: Klestin on June 19, 2011, 05:10:17 PM

Excellent point, this approach is really only effective for a long-term holder. It doesn't have to be a hoarder though - as long as your spending rate is less than your mining/purchasing rate, you can use this approach.

Title: Re: Simpler Security Plan
Post by: bcearl on June 19, 2011, 07:33:00 PM

You should not trust secure delete for the same reason you should not trust GNU shred: Modern file systems don't write data in place.
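
A check to run between the "make copies" and "destroy" steps of the first post, since destroying wallet.dat is the one step that cannot be undone: it confirms the archive really is a 7z file and that every backup copy is byte-identical to it. This is an added example, not code from any poster in the thread; the function names and demo file names are assumptions.

```python
import hashlib
import os
import tempfile

# Every .7z file starts with these six bytes (the 7z signature).
SEVEN_ZIP_MAGIC = b"7z\xbc\xaf\x27\x1c"


def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large archives need little memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def pre_erase_problems(archive, copies):
    """Return reasons NOT to destroy wallet.dat yet; an empty list means go."""
    if not os.path.isfile(archive) or os.path.getsize(archive) == 0:
        return ["archive missing or empty: " + archive]
    problems = []
    with open(archive, "rb") as f:
        # Catches backing up the plaintext wallet under a .7z name; it does
        # not prove the archive is password-protected.
        if f.read(6) != SEVEN_ZIP_MAGIC:
            problems.append("archive is not a 7z file: " + archive)
    if not copies:
        problems.append("no backup copies listed")
    want = sha256_file(archive)
    for copy in copies:
        if not os.path.isfile(copy):
            problems.append("backup copy missing: " + copy)
        elif sha256_file(copy) != want:
            problems.append("backup copy differs from archive: " + copy)
    return problems


if __name__ == "__main__":
    # Constructed demo files standing in for the archive and its copies.
    with tempfile.TemporaryDirectory() as d:
        arc, good, cut = (os.path.join(d, n) for n in ("wallet.7z", "cd.7z", "mail.7z"))
        data = SEVEN_ZIP_MAGIC + b"constructed ciphertext"
        for path, body in ((arc, data), (good, data), (cut, data[:-4])):
            with open(path, "wb") as f:
                f.write(body)
        print(pre_erase_problems(arc, [good, cut]) or "safe to erase wallet.dat")
```

The check cannot tell whether the archive opens with the password you remember, so test-extract it with 7-Zip on the clean PC before erasing the original.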