|
Sioux (OP)
|
 |
January 30, 2014, 08:57:22 PM |
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
|
|
|
|
|
Holliday
Legendary
 Offline
Activity: 1120
Merit: 1010
|
|
January 30, 2014, 09:00:32 PM |
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
If you aren't the sole controller of your private keys, you don't have any bitcoins. Do whatever is necessary to make sure you are the sole controller of your private keys. Offline wallets. Paper wallets. Cold storage. M of N wallets. Multisig addresses. There are many tools available. I like Armory myself. |
If you aren't the sole controller of your private keys, you don't have any bitcoins.
|
|
|
OnkelPaul
Legendary
Offline
Activity: 1039
Merit: 1004
|
|
January 30, 2014, 09:05:17 PM |
|
Never ever allow a trojan to be installed on the computer which is used to access your bitcoins. Otherwise your password security (and mail-based two-factor authentication) is just gone out the Windows. High password complexity does not help, most passwords (except for the really trivial stupid ones) aren't guessed but stolen.
The safest approach is to have a computer that is only being used for wallet stuff - no web browsing, no e-mail, no filesharing, if possible running a small and safe linux...
Onkel Paul
|
|
|
|
eddlow
Newbie
Offline
Activity: 52
Merit: 0
|
|
January 31, 2014, 01:24:00 AM |
|
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
|
|
|
|
|
Soros Shorts
Donator
Legendary
Offline
Activity: 1617
Merit: 1012
|
|
January 31, 2014, 01:42:48 AM |
|
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
A savings-only wallet can be offline/cold/paper and you can keep sending coins to it. A wallet that you regularly spend from needs to be online at the time you spend the coins. |
|
|
|
|
Holliday
Legendary
Offline
Activity: 1120
Merit: 1010
|
|
January 31, 2014, 01:53:43 AM |
|
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
A savings-only wallet can be offline/cold/paper and you can keep sending coins to it. A wallet that you regularly spend from needs to be online at the time you spend the coins. That's not the case if you use Armory (a Bitcoin client). You can create an offline wallet which never needs to go online, yet you can still spend from it by creating transactions online (online computer with no private keys) and signing those transactions offline (offline computer which holds the private keys). |
If you aren't the sole controller of your private keys, you don't have any bitcoins.
|
|
|
Kouye
Sr. Member
Offline
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
|
|
January 31, 2014, 02:03:06 AM |
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
phishing is quite easy to avoid by using certificate-patrol. keyloggers are quite easy to defeat by using keyscrambler. |
[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition! I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked. |
|
|
Abdussamad
Legendary
Offline
Activity: 3612
Merit: 1564
|
|
January 31, 2014, 03:25:14 AM
Last edit: February 02, 2014, 04:01:52 PM by Abdussamad |
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rich pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right. |
|
|
|
|
|
Gareth Nelson
|
|
January 31, 2014, 05:39:42 AM |
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
phishing is quite easy to avoid by using certificate-patrol. keyloggers are quite easy to defeat by using keyscrambler. Keyloggers come in 2 forms: Hardware - which no software can protect you against - this comes in the form of a device physically sitting between your keyboard and computer Software - depends on a lot of variables, but you should generally assume that if a malicious party has code running on your computer that it is completely compromised Phishing is easy to avoid with a few simple precautions in most cases To answer the more general point: proper information security is a hard problem, people make mistakes and private keys or exchange/wallet credentials leak to the bad guys |
|
|
|
|
|
sakkosekk
|
|
January 31, 2014, 09:22:14 AM |
|
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rick pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right. I don't think most people are aware that they probably have had numerous Trojans on their computers. The Trojans are only discovered once something goes wrong (theft of accounts, data, money, etc). The general assumption is "I've never has a virus so why would I get one now?" I used to be like that, but not anymore. |
|
|
|
|
Lethn
Legendary
Offline
Activity: 1540
Merit: 1000
|
|
January 31, 2014, 09:26:11 AM |
|
They've been clicking on suspicious links and downloading weird shit and are trying to blame everything but themselves for the mistake.
|
|
|
|
|
iheartubuntu
Newbie
Offline
Activity: 44
Merit: 0
|
|
January 31, 2014, 06:36:22 PM |
|
IMO social engineering is probably the biggest risk of all. You can cover some of your bases by using a linux OS, a strong password, not telling people you have bitcoins, etc. But I think if you were going to get hacked, a lot of times its going to come from social engineering. Its the easiest way "in". If you are sloppy and careless you are going to get hacked (talking at parties while drinking,leaving things around your dorm,etc). Ive been to two bitcoin meetings recently... a conference and a meetup and after both times I had several attacks on my email accounts. people trying to figure out my passwords. I didnt divulge any personal info except handing out my business cards!
BOTTOM LINE = Loose lips sink ships!
|
|
|
|
|
|
atc1
|
|
February 01, 2014, 10:10:17 AM |
|
The chances of the exchange itself getting hacked is small,imo. Its the end user that is to blame for not keeping their systems clean,and obviously keeping sensitive information to yourself is paramount.
|
|
|
|
guybrushthreepwood
Legendary
Offline
Activity: 1232
Merit: 1195
|
|
February 01, 2014, 11:58:51 AM |
|
Is this the same hacked as people claim on facebook that their account got 'hacked'. It didn't get hacked, you got phished for being an idiot.
|
|
|
|
|
Bitcoin Is A Great Idea
Member
Offline
Activity: 65
Merit: 10
It is! :)
|
|
February 03, 2014, 12:36:53 AM |
|
is there still a chance getting hacked?
You don't own your Bitcoins. MtGox does. So you would first need to solve that  |
|
|
|
|
n00ber
|
|
February 03, 2014, 12:56:08 AM |
|
To be safe. Keep a separate computer for bitcoin purposes only. With fresh os installation with bitcoin and antivirus only is installed. Do not install anything on this computer. Do not use this to browse the web other than very trusted website. Do not install java and flash and other plugins. Alt coins can be installed on vps.
|
|
|
|
|
