lalaisen
Newbie
Offline
Activity: 57
Merit: 0
|
|
March 30, 2015, 07:31:03 AM |
|
The wallet.dat of bitcoin core is already encrypted with a strong algorithm. If you use a decent password you are safe to put your wallet.dat on a cloud service like dropbox. A decent password should be 15 characters or longer, containing uppercase, lowercase, digits and special characters. Don't use anything written in a book or which can be found in an internet resource. Even if you change a few characters in such phrase, it will not be safe enough.
Please help me for answering this question ! What is the difference from "encrypted wallet.dat" and "encrypted wallet-qt clients" Sincere thanks !
|
|
|
|
coinpr0n
|
|
March 30, 2015, 07:39:54 AM |
|
If would be safe it is encrypted first. With strong encryption it doesn't matter so much as long as the private keys aren't compromised.
|
|
|
|
CryptKeeper
Legendary
Offline
Activity: 2044
Merit: 1055
|
|
March 30, 2015, 09:34:56 AM |
|
The wallet.dat of bitcoin core is already encrypted with a strong algorithm. If you use a decent password you are safe to put your wallet.dat on a cloud service like dropbox. A decent password should be 15 characters or longer, containing uppercase, lowercase, digits and special characters. Don't use anything written in a book or which can be found in an internet resource. Even if you change a few characters in such phrase, it will not be safe enough.
So you are saying if I encrypt my wallet from Bitcoin Core I do not need to PGP encrypt the backup file? That makes it convenient because I did indeed encrypt my bitcoin wallet from bitcoin core. Exactly. For your interest: http://bitcoin.stackexchange.com/questions/19975/how-secure-is-an-encrypted-walletPlease consider that you are vulnerable from the moment you connect your PC to the internet. If you trust the bitcoin-qt encryption, it doesn't matter where your wallet.dat file resides. Your PC can be hacked as easily as your cloud space provider. For optimum security you should consider offline solutions like paper wallets or offline signing like trezor (or other hardware wallets).
|
Follow me on twitter! I'm a private Bitcoin and altcoin hodler. Giving away crypto for free on my Twitter feed!
|
|
|
randy8777
Legendary
Offline
Activity: 896
Merit: 1000
|
|
March 30, 2015, 09:49:06 AM |
|
As long as the PGP private key is kept in a safe place storing your private keys in the cloud (while PGP encrypted) should be safe. Although if you are going to be securing something with your PGP key then you might as well backup your private keys in the same place that you keep your PGP key (ideally on an offline computer). If you are going to need a backup of your private keys, then you would probably need a backup of your PGP key as well so securing it this way is somewhat of a catch 22 - although you could encrypt it with a passphraise, although this is less secure
In practice it makes a difference where you might store your PGP key vs. your wallet.dat because the PGP key is static but the wallet.dat keeps changing and backups need to be made periodically. For example, you can store a cold (unencrypted) copy of your PGP key in a safety deposit box and use a very strong passphrase to encrypt the active copy without having to worry too much about forgetting the passphrase because you could always run to the bank in the event that you do forget. However, it probably is not convenient to run to your safety deposit box every night with your updated wallet.dat each time your private keys change. can you explain how a wallet.dat gets outdated? isn't it automatically checking the blockchain to display your final balance?
|
|
|
|
Soros Shorts
Donator
Legendary
Offline
Activity: 1617
Merit: 1012
|
|
March 30, 2015, 11:30:38 AM Last edit: March 30, 2015, 11:43:44 AM by Soros Shorts |
|
What do you mean you need to make frequent backups of your wallet.dat? Wont one suffice?
Well, using the standard client, when you make a new receiving address or when the wallet makes a new automatic change address you'd want to save that. I think the standard wallet keeps a pool of 100 reserve addresses by default ( https://en.bitcoin.it/wiki/Key_pool) that gets saved as part of the backup, so you only need to do backups when you are about to use up the pool. In the past, many people lost BTC when they restored a wallet from an old backup that did not contain newer receiving addresses that were created after the backup was made. Of course if you don't use your wallet or your only use is for coins to keep coming in to the same address(es) then you don't need to keep making backups.
|
|
|
|
bitmarket.io (OP)
Legendary
Offline
Activity: 1204
Merit: 1001
|
|
March 30, 2015, 12:52:06 PM |
|
What do you mean you need to make frequent backups of your wallet.dat? Wont one suffice?
Well, using the standard client, when you make a new receiving address or when the wallet makes a new automatic change address you'd want to save that. I think the standard wallet keeps a pool of 100 reserve addresses by default ( https://en.bitcoin.it/wiki/Key_pool) that gets saved as part of the backup, so you only need to do backups when you are about to use up the pool. In the past, many people lost BTC when they restored a wallet from an old backup that did not contain newer receiving addresses that were created after the backup was made. Of course if you don't use your wallet or your only use is for coins to keep coming in to the same address(es) then you don't need to keep making backups. Good info. Also I have a laptop and desktop. Is it possible to have Bitcoin-qt synced between the two machines so I can send and receive BTC from both machines using the same wallet and BTC funds? Does this question make sense?
|
|
|
|
Abdussamad
Legendary
Offline
Activity: 3710
Merit: 1586
|
|
March 30, 2015, 03:10:36 PM |
|
What do you mean you need to make frequent backups of your wallet.dat? Wont one suffice?
Well, using the standard client, when you make a new receiving address or when the wallet makes a new automatic change address you'd want to save that. I think the standard wallet keeps a pool of 100 reserve addresses by default ( https://en.bitcoin.it/wiki/Key_pool) that gets saved as part of the backup, so you only need to do backups when you are about to use up the pool. In the past, many people lost BTC when they restored a wallet from an old backup that did not contain newer receiving addresses that were created after the backup was made. Of course if you don't use your wallet or your only use is for coins to keep coming in to the same address(es) then you don't need to keep making backups. Good info. Also I have a laptop and desktop. Is it possible to have Bitcoin-qt synced between the two machines so I can send and receive BTC from both machines using the same wallet and BTC funds? Does this question make sense? bitcoin-qt generates random keys so your two wallet copies will diverge at some point. You should use a deterministic wallet like electrum if you want a wallet that remains consistent on multiple devices. Encrypting a wallet with gpg does have advantages because an attacker would need the gpg private key to decrypt it. As long as you don't make the mistake of also uploading the gpg private key to your cloud backups you benefit from an additional layer of security.
|
|
|
|
LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
March 30, 2015, 03:13:54 PM |
|
dont use this method for your life savings dude
|
|
|
|
Kazimir
Legendary
Offline
Activity: 1176
Merit: 1011
|
|
March 30, 2015, 03:33:22 PM |
|
Rule of thumb: never use anything with a single point of failure.
For example, storing your wallet online, either in a cloud service or web wallet or FTP server or whatever: service may go down, they may accidentally wipe your data, they may get hacked, government may confiscate their servers, etc.
Storing it on your PC or USB: it may crash, get stolen, get destroyed if your house burns down, dog may eat it, etc.
Personally, I have stored the majority of my bitcoins (well, the seed of my HD wallet actually) in encrypted form on several places: on paper, on USB stick, and online (on my webserver, and I emailed it to myself). The encryption password is something that I can surely remember, but that nobody will ever be able to guess or brute force.
In case I die prematurely, I also wrote down part of the password somewhere between my physical belongings, so that if I happen to die, my family will find it (but a burglar that takes it couldn't do anything useful with it, even if he knew what is was). The rest of the password will be emailed automatically to them.
|
|
|
|
loan4
Newbie
Offline
Activity: 42
Merit: 0
|
|
March 30, 2015, 03:57:31 PM |
|
what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?
of course there is the USB stick and paper option too...
also how do you load a backup into bitcoin-qt?
I think that nothing is absolutely safe, but if you dont know wherever to store it . That's one of your best choice
|
|
|
|
stevenh512
|
|
March 31, 2015, 12:34:09 AM |
|
Yeah, I use this method. I first PGP encrypt the wallet backup, then zip it, and finally attach it to a message on Gmail or some other mail service. Pretty convenient.
Compress it first, the ciphertext PGP/GPG produces will resemble a stream of random bytes and won't compress much (if at all). PGP/GPG also internally does some compression (using zlib, I believe, so basically zip or gzip compression) but you might be able to compress it further by using 7zip and encrypting the resulting .7z file. This way your wallet is compressed as small as possible and you have up to three layers of protection (wallet passphrase, 7zip passphrase and PGP key/passphrase) along with an optional PGP signature so you can prove the file wasn't tampered with. Of course this is all overkill assuming you have a strong passphrase on your wallet.dat, but it's nice to know that if someone hacked your dropbox or gmail account it might take them a few billion years to get through the multiple layers of encryption and access your wallet.
|
This signature intentionally left blank.
|
|
|
pedrog
Legendary
Offline
Activity: 2786
Merit: 1031
|
|
March 31, 2015, 02:03:25 AM |
|
You should use SpiderOak, it has a 'zero knowledge' privacy system, read more at: https://spideroak.com/zero-knowledge/I can send you a referral link, you'll get an extra GB for free.
|
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
March 31, 2015, 06:36:30 AM |
|
I personally would not store it on the cloud. I am a usb guy myself.
If you do upload it make sure it's encrypted.
|
|
|
|
defcon23
Legendary
Offline
Activity: 1120
Merit: 1002
|
|
March 31, 2015, 07:29:31 AM |
|
what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?
of course there is the USB stick and paper option too...
also how do you load a backup into bitcoin-qt?
definitely : NO. dont trust any cloud service to store sensitives datas.
|
|
|
|
Kazimir
Legendary
Offline
Activity: 1176
Merit: 1011
|
|
March 31, 2015, 08:21:54 AM |
|
what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?
of course there is the USB stick and paper option too...
also how do you load a backup into bitcoin-qt?
definitely : NO. dont trust any cloud service to store sensitives datas. As long as you encrypt it before uploading, it doesn't matter. You could even backup the data by publicly posting it on facebook and twitter for all you care. Encrypted means nobody can read it, no matter how or where you store it.
|
|
|
|
vankoovo
Newbie
Offline
Activity: 51
Merit: 0
|
|
March 31, 2015, 01:44:02 PM |
|
Store in cloud storage service is great but just remember that nothing is absolutely safe
|
|
|
|
Amph
Legendary
Offline
Activity: 3248
Merit: 1070
|
|
March 31, 2015, 03:13:40 PM |
|
better not, i find more secure my smartphone with windows installed than a cloud service
best solution is to keep a small amount on your desktop(this will tell you if your machine is safe, better than any antivirus) and store the rest on a classic usb/paper/general cold storage
|
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
March 31, 2015, 03:36:03 PM |
|
what do you think of storing your wallet backup in the cloud? like a storage service. like google drive / drop box / iCloud drive / etc...?
of course there is the USB stick and paper option too...
also how do you load a backup into bitcoin-qt?
definitely : NO. dont trust any cloud service to store sensitives datas. As long as you encrypt it before uploading, it doesn't matter. You could even backup the data by publicly posting it on facebook and twitter for all you care. Encrypted means nobody can read it, no matter how or where you store it. I think the problem is someone getting lazy and uploading a wallet that is not encrypted. With all the "bad people" in the world I just don't trust cloud storage for important items.
|
|
|
|
vankoovo
Newbie
Offline
Activity: 51
Merit: 0
|
|
April 01, 2015, 02:57:00 AM |
|
Yes, that's good but just remember that : Nothing is absolutely safe.
|
|
|
|
toytoboy
Newbie
Offline
Activity: 14
Merit: 0
|
|
April 01, 2015, 04:18:39 AM |
|
You can do that. but just remember: Nothing is safe absolutely.
|
|
|
|
|