Bitcoin Forum

I read on the wiki that it's a good idea to make a copy of your wallet.dat file and encrypt it somewhere. My question is why bother making a copy and encrypting it? If someone steals your wallet.dat then the copy is useless because you can only spend them once, correct? Is there a way to encrypt the entire system (aside from the virtual machine method I saw posted on this forum) so that the original wallet.dat can never be stolen?

sure.

run it persistently off a TrueCrypt encrypted volume on a thumbdrive.  you'll never let the Bitcoin client touch an unencrypted volume.

Your wallet consists of keys that let you sign transactions (i.e. spend bitcoins)...your actual bitcoin balance is stored in the block chain.  Making backups protects your ability to sign transactions.  If you open two instances of your wallet simultaneously, those two clients can become momentarily out of sync with each other and opens up a possibility of accidental double spends (though I think the spends would have to be almost simultaneous since the two clients should hear about each others' transactions within a few seconds).  So, it's not a good idea to have multiple instances of your client running concurrently (note: while you could accidentally create a double spend, the network would quickly recognize and discard one of the transactions).

You want to encrypt your wallet backups (use AES-256) just so that if a copy of your wallet fell into the wrong hands, it couldn't be used to create those spend transactions.  You want to keep those encrypted backups hosted somewhere such that if someone stole all the computers in your possession, you won't lose any of your bitcoins (as long as the wallets on those computers were encrypted).