Bitcoin Forum

Is it safe from hackers if I save private keys in a pdf or txt file and store it in a USB flash driver. This USB flash driver will never touch a computer which is internet connected since then?

Yes. But when you connect the pen drive in a PC connected to the internet, the risk will be the same as storing them in your HD drive. The best option would be to disconnect from the internet when you want to import your private key and sign a transaction.

Yes that's right, the risk is always there as long as you have an internet connection, you connect your flash drive on a computer full of private key stealer viruses with internet, expect your coins will be lost. if you still prefer to use flash drive then don't you ever connect it to the computer with internet access, use an old computer then isolate it on the internet just connect your flash drive there and your safe for signing the transaction.

Safe when it is not connected to a computer. However, flash drives can get corrupted, so it is better to have at least 2 flash disks.

For added security it is smart to NOT name your file, super_secret_keys.pdf or private_keys.pdf or Bitcoins.pdf or something like that.
But rather name it something that a hacker wouldn't be interested in reading. Examples: "Libreoffice.3.1_manual.pdf" or "Introduction to discrete Maths.pdf". Fo r fun the beginning of the document could actually be just that. Maths or something fun.  ;D
And do not ever mention words like "private key", or "bitcoin" inside the document because those kind of words can be automatically searched from files on the disk...

You could also make the pdf password protected.

Also good to have lots of files on those USB:s to mix things up a little.  ;D

Is this too paranoid?

 

Not paranoid but also not that efficient. The easy fix would be to just don't connect the flash drive in a online computer that may be infected. But if you still want to do that for any reason, it's easier if you just encrypt your file with a password instead of storing your private keys in a plain text file.

Even better, use a bootable Linux based image to manage your wallet in a air-gapped device. I'm using BitKey[1].

[1] https://bitkey.io/

As soon as the flash drive is indirectly connected with the internet, there's always a small chance that a hacker can hack into your files. Therefore it's recommended to keep it offline and atleast keep another for the sake of backing up your private keys. Or you can just write your keys down on a piece of paper and store it in a safe of some sort. This way you're 100% certain it won't be accessed by hackers.

An extra layer of security might be helpful, you can ZIP the file and put a password on the ZIP file.  Also, if you only have the key on a flash drive you have a single point of failure.  Consider multiple drives or some other format.  More drives means more exposure, I know, but redundancy needs to be considered.  I am considering storing my keys on various flash drives and memory cards, splitting them up and burying them in secure vaults.  If you wind up burying anything make sure you dig below the frost line.  I'm thinking PVC pipes with both ends capped and epoxied.

If you would do this then better to disconnect internet connections specially when you are transferring those keys on flash drive but risk is always there specially when you tend to plug those flashdrive again on a PC which they would really have potentially the access on those one but yet would really depend on how secure your connection and how your pc is infected.Even writing it on a piece of paper would already do.

It's pretty safe, but as long as an internet connection is involved somewhere along the line, it's not perfect

Yeah its safe when its not connected to the internet, but be careful because a flash drive is prone to a lot of virus when you key in to the other computer. For me, just make a back up on a disk but its look like so weird stuff, too much. . .

I'm going to say no, very bad idea.

But if you think otherwise, please get a USB flash drive that has a physical read/write switch, so you can switch it to read only and prevent the thing being accidentally erased.

It might be safe from Hackers, but not safe from this :

In the event that a USB Flash drive is not destroyed through environmental factors or internal component failure, the device will still eventually go bad if it is written to and read from enough times. However, USB Flash Drives are typically good for over the one hundred thousand-rated read and write life expectancy.

https://www.storagecraft.com/blog/data-storage-lifespan/

You should also hope that it is not infected with some kind of BadUSB virus or malware. This infection targets the firmware.

This depends on quite a few factors. If you do everything right then yes, it will be safe.
The first critical point would be to create your private key without it being exposed to any malware reading out RAM, etc..
After that you have to copy your priv key to the flash drive (on a pc without internet connection). You should clean RAM and Hard Drive afterwards
("Deleting" files does not really delete them.. it "releases" the memory for new stuff which can be written.

At this point your private keys are safe on your USB. When you are going to spend/move some coins you have to use an offline computer again.
And you should make sure this PC does not have any kind of malware.
There is kind a lof of stuff to consider when storing private keys unencrypted on a flash drive.
I would recommend a HW wallet.. those arent too expensive.