Bitcoin Forum
May 04, 2024, 10:34:26 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Bitcoin Technical Support / Re: What are your biggest challenges around security your crypto? on: April 11, 2019, 11:21:13 PM
Quote from: buwaytress on April 10, 2019, 01:47:25 PM

2. This for me is also the weak point, that most people use 2FA on a device, exposing them to at least the Password axis you mentioned. Myself I use a Google Authenticator for 2FA, as an extension only linked to 1 browser account. Browser and extension are uninstalled quickly after use. And means I could recover all my online accounts quickly from a new device with 2FA and change passwords. I expect this method opens me up to other vulnerabilities... anyone care to share?



Are you using an extension to get the 2FA code? That is not how it is meant to be used. 2 Factor means, it's the second way of proving it is you. THe first way is password. And if you use your 2FA this way, then it's really only 1 factor. The use of the 2fa seed in many places will increas the chance of it being stolen. You could just install a 2fa app on a phone not connected to the internet.
2  Bitcoin / Bitcoin Technical Support / Re: What are your biggest challenges around security your crypto? on: April 11, 2019, 11:11:38 PM
Quote from: o_e_l_e_o on April 09, 2019, 11:44:27 AM
Quote from: Pmalek on April 09, 2019, 08:26:05 AM
People relying on desktop and software wallets. Storing them in their computers and eventually losing access to them either due to hardware or software failures.
Not just software wallets, but also things like 2FA. Many people either don't have back ups for their 2FA, or back up to another electronic device (such as phone and laptop). As OP says, if both are stolen, you can lose access to all your trading accounts (and web wallets if you are silly enough to use them).


For 2FA, you have to have a strategy to securely store the backup of your 2FA as well cause you don't want that falling under the wrong hands either.
3  Bitcoin / Bitcoin Technical Support / Re: What are your biggest challenges around security your crypto? on: April 11, 2019, 09:31:37 PM
Quote from: thinkright on April 11, 2019, 09:14:00 PM
My biggest prpblem would be password manage. I mostly use one password for most of my operatiom and don't update it regularly. For my private key i preface to go the traditional way by writing and keeping it some where safe

This is a reasonable thought process. Also, you can use two password managers - one password - to store passwords that are not risky. Ie for regular accounts and such that will not cause you to lose lot of money. Using a file based offline password manager like Keepass to store sensitive passwords and keys.
4  Bitcoin / Bitcoin Technical Support / Re: What are your biggest challenges around security your crypto? on: April 11, 2019, 09:25:30 PM
Quote from: jerry0 on April 11, 2019, 12:20:34 AM

Does anyone know of any safe storage spaces for this?  I know people say never store your seed online.  But what if you store it in your computer but encrypt it with say axcrypt.  Then upload it to say dropbox or google drive.  So let say someone was able to hack your dropbox or google drive. 

They still need to Know your password for lastpass or keepass.


Now what if you encrypt lastpass or keepass as well?  Now they need to know the password for axcrypt and also lastpass or keepass.  A risk of this would be if you forget both passwords.

Thoughts on that?  Which of these seem to be the best?  I always thought having an online backup was good in case anything physically happened.


For sure. This sounds a reasonable way to go about it. Also, the security doesn't have to be one solution for everything. YOu can have higher level of security for larger amounts. And reasonable security for lower amount of assets.

You could increase the security of the above method by using a client side encrypted storage space  instead of dropbox or gdrive - ex: Sync.com or Spideroak
5  Bitcoin / Bitcoin Technical Support / Re: What are your biggest challenges around security your crypto? on: April 11, 2019, 09:07:27 PM
Quote from: Lucius on April 10, 2019, 09:25:18 AM
All the possible technologies that exist today to keep crypto safe is not worth anything if it is not used in the right way. Most agree that hardware wallets are safe way of keeping crypto, and for now it is shown that this is correct. But security of hardware wallet is worth nothing if user is not aware of importance to make backup of seed words, so in case device is broken or stolen coins are lost.

My opinion is that the biggest challenge is how to educate people to use the available technology in the right and safe way, which is crucial for security of their coins. When something bad happens, then it's too late.


This is exactly the problem I want to tackle and educate people on it. It's hard to find relevant guides to security in one place. There are some that offer just generic information but don't discuss the details of how to do it.
6  Bitcoin / Bitcoin Technical Support / What are your biggest challenges around securing your crypto? on: April 08, 2019, 07:53:01 PM
‘Use a strong password’ ‘Buy a hardware wallet’ are the most common security solutions to manage your crypto. But is that enough?

Are you overwhelmed with how to manage your crypto and be assured that they are secure?  
For instance:

 * Do you know of the 5 axis of attack areas you should be aware about - Browser, Network, Software, Email, Password
 * If both your phone and laptop were stolen tomorrow, are you prepared against loss of assets and for recovery?

I want to create educational material around easy solutions to managing and security crypto for fund managers/analysts/traders/developers.


What are some questions you need answered?
What are some common frustrations you have around this topic?
Or find out what are the right things to do is?
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!