LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
August 10, 2015, 04:41:59 PM |
|
Probably it is way more secure and user friendly to use a service like Xapo than a brainwallet.
|
|
|
|
Muhammed Zakir
|
|
August 10, 2015, 04:54:10 PM |
|
Probably it is way more secure and user friendly to use a service like Xapo than a brainwallet.
If you use a strong passphrase for your brainwallet, then it is definitely better than Xapo. Well, if you are taking about Brainwallet.org, then still, I am firm with my words! I have used it many times! It may not be secure enough to use Brainwallet.org online though. Btw, Brainwallet.org and brainwallet are two different things. So please do specify correctly when you are talking!
|
|
|
|
VirosaGITS
Legendary
Offline
Activity: 1302
Merit: 1068
|
|
August 10, 2015, 05:09:20 PM |
|
If you are talking about Brainwallet.org, it is not a web wallet. It is a website of a bundle of tools which can also be used locally.
That's why i called it a web resource. It's a bit like using vanity gen. Even if the software is 100% legit, the address generated is inherently less secure than a completely random one. And the common mortal is not apt to judge whether what they are doing is safe or not. The second you use anything from a 3rd party, you're foregoing a certain level of security for whatever you are gaining. Is there a proof that the online tools were in fact as legit as the maybe legit bundle you were able to use offline? Well maybe, if it was really a scam, a lot more people would have lost BTC, but you can never really trust something 100%.
|
|
|
|
manselr
Legendary
Offline
Activity: 868
Merit: 1006
|
|
August 10, 2015, 05:24:25 PM |
|
Probably it is way more secure and user friendly to use a service like Xapo than a brainwallet.
If you use a strong passphrase for your brainwallet, then it is definitely better than Xapo. Well, if you are taking about Brainwallet.org, then still, I am firm with my words! I have used it many times! It may not be secure enough to use Brainwallet.org online though. Btw, Brainwallet.org and brainwallet are two different things. So please do specify correctly when you are talking! Well, I think Xapo is very legit. If they lost your coins, they wouldn't be able to get away with it, it's not some anonymous dude, the CEO etc it's all registered, if they screw you up they owe you the Bitcoins. I don't know the terms of wha would happen exactly tho.
|
|
|
|
LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
August 10, 2015, 05:52:56 PM |
|
Probably it is way more secure and user friendly to use a service like Xapo than a brainwallet.
If you use a strong passphrase for your brainwallet, then it is definitely better than Xapo. Well, if you are taking about Brainwallet.org, then still, I am firm with my words! I have used it many times! It may not be secure enough to use Brainwallet.org online though. Btw, Brainwallet.org and brainwallet are two different things. So please do specify correctly when you are talking! Well, I think Xapo is very legit. If they lost your coins, they wouldn't be able to get away with it, it's not some anonymous dude, the CEO etc it's all registered, if they screw you up they owe you the Bitcoins. I don't know the terms of wha would happen exactly tho. and it is insured by well known insurance companies etc etc. i guess in the future most people have to use services like this. easy and secure. the average joe cant keep hunderds of dollars on his crappy pc or phone
|
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
August 10, 2015, 06:53:28 PM |
|
It is far to unsafe to store any real wealth in for the average person.
I'm an average person. I've been using Bitcoin for over 4 years now. I've never lost a single coin. All it takes is some responsibility. I learned enough (common sense really) to realize that private keys were the "key" to security. After that, it's child's play. Create secure private keys offline, keep them offline, and your bitcoins will be quite secure. Learn a little bit about shamir's secret sharing and you will have an asset that is more secure than any traditional asset known to man. Data is easy to copy, so do it! There is reliable, open source software which will accomplish all your bitcoin security needs without any additional education (beyond the basics I just mentioned) for the user. So... I'll rephrase your post as follows: It is far too unsafe to store any real wealth in for the irresponsible, ignorant, unmotivated person. As it should be. You are not the average person one bit. The average person thinks password1234 is safe.
|
|
|
|
Brad Harrison
|
|
August 10, 2015, 07:00:41 PM |
|
OP sad to hear that man
|
|
|
|
BrianM
|
|
August 10, 2015, 07:05:20 PM |
|
I am the owner of this address 1JqL1fp2nfuoSKirnRLjqUbQpf7Pou7mXR here are proves I tautvilis am the owner of this address 1JqL1fp2nfuoSKirnRLjqUbQpf7Pou7mXR HNC22GYmWi19BFHQa7iH54WLIWGk4RqczGkkJM0BScfP5dtXepwU5hjHXdLClOHhq1f8Lpmsg95FCLrW9ANkOto= Recently someone stole 22BTC from that address.I am 100% I haven't downloaded any malware I haven't entered any suspicious sites I haven's used tor or did anything unusual.But what I did was I used brainwallet(only with that address luckily) I haven't suspected it but today when I wanted to use it I seen it is down and I want to know if someone else lost funds due to this.If you are a hacker and you are watching this please kindly return the coins to 1NcA77gqawRSsi9ara5omk2ajKS5bJLZM7 Did you really store 22 BTC at brianwallet? That is the same as walking around with a big sign "STEAL MY MONEY". Sorry for your loss. I am sure you eventually will recover. Keep the spirit up
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
August 10, 2015, 10:36:37 PM |
|
I am the owner of this address 1JqL1fp2nfuoSKirnRLjqUbQpf7Pou7mXR here are proves I tautvilis am the owner of this address 1JqL1fp2nfuoSKirnRLjqUbQpf7Pou7mXR HNC22GYmWi19BFHQa7iH54WLIWGk4RqczGkkJM0BScfP5dtXepwU5hjHXdLClOHhq1f8Lpmsg95FCLrW9ANkOto= Recently someone stole 22BTC from that address.I am 100% I haven't downloaded any malware I haven't entered any suspicious sites I haven's used tor or did anything unusual.But what I did was I used brainwallet(only with that address luckily) I haven't suspected it but today when I wanted to use it I seen it is down and I want to know if someone else lost funds due to this.If you are a hacker and you are watching this please kindly return the coins to 1NcA77gqawRSsi9ara5omk2ajKS5bJLZM7 Did you really store 22 BTC at brianwallet? That is the same as walking around with a big sign "STEAL MY MONEY". Sorry for your loss. I am sure you eventually will recover. Keep the spirit up Brian wallet . lol. guilty consciounce eh
|
|
|
|
luciann
|
|
August 11, 2015, 01:34:39 AM |
|
So basically this dude has a weak passphrase.
But my question is whats considered a viable passphrase then? Like 20 characters long? I mean the odds of having a same passphrase is slim but im assuming the hacker is using sometype of passphrase thats commonly used and runs it.
Sorry op, Id just use something else from now on and have a better strong passphrase I guess.
|
|
|
|
btcspry
Member
Offline
Activity: 132
Merit: 17
|
|
August 11, 2015, 01:39:12 AM |
|
So basically this dude has a weak passphrase.
But my question is whats considered a viable passphrase then? Like 20 characters long? I mean the odds of having a same passphrase is slim but im assuming the hacker is using sometype of passphrase thats commonly used and runs it.
Sorry op, Id just use something else from now on and have a better strong passphrase I guess.
No, Brainwallets are pretty much completely unsafe. Doesn't matter the password, they're just a bad way of storing bitcoin. Use a WarpWallet with a big passphrase or something that takes more effort to generate. The Brainflayer program really proves this.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
August 11, 2015, 03:13:05 AM |
|
So basically this dude has a weak passphrase.
But my question is whats considered a viable passphrase then? Like 20 characters long? I mean the odds of having a same passphrase is slim but im assuming the hacker is using sometype of passphrase thats commonly used and runs it.
Sorry op, Id just use something else from now on and have a better strong passphrase I guess.
20 random characters is strong but that wouldn't be an easy to recall phrase. I don't know why people are so confused about this question of security. You need 128 bits (or greater) of entropy or randomness. that means 2^128. assuming 26 letters lowercase , 26 uppercase and ten digits, that's 62. so 20^62. much bigger so you're good. simple math with a calculator. why is this so difficult?
|
|
|
|
btcspry
Member
Offline
Activity: 132
Merit: 17
|
|
August 11, 2015, 04:08:54 AM |
|
I don't know why people are so confused about this question of security. You need 128 bits (or greater) of entropy or randomness. that means 2^128. assuming 26 letters lowercase , 26 uppercase and ten digits, that's 62. so 20^62. much bigger so you're good. simple math with a calculator. why is this so difficult?
People confuse 20 random characters with simply 20 characters. 20 characters, if they're common words, is not safe. That's a totally different discussion, and is not basic math.
|
|
|
|
malzahar
|
|
August 11, 2015, 04:41:10 AM |
|
I don't know why people are so confused about this question of security. You need 128 bits (or greater) of entropy or randomness. that means 2^128. assuming 26 letters lowercase , 26 uppercase and ten digits, that's 62. so 20^62. much bigger so you're good. simple math with a calculator. why is this so difficult?
People confuse 20 random characters with simply 20 characters. 20 characters, if they're common words, is not safe. That's a totally different discussion, and is not basic math. I wouldnt do 20 id wouldnt be able to remember it. I probably do a unique of 8 characters mix with 1 capital letter, and 1 # though thats similar to my ebay password login. Not the best idea, but I find that these situations are rare.
|
|
|
|
Xandrah
Sr. Member
Offline
Activity: 273
Merit: 260
Pool Owner
|
|
August 11, 2015, 11:09:46 AM |
|
I think people should stop using web/online wallets altogether,
|
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
August 11, 2015, 12:45:18 PM |
|
I think people should stop using web/online wallets altogether,
They're great for a daily wallet. People need to stop storing mass amounts on them.
|
|
|
|
Muhammed Zakir
|
|
August 11, 2015, 01:00:42 PM |
|
If you are talking about Brainwallet.org, it is not a web wallet. It is a website of a bundle of tools which can also be used locally.
That's why i called it a web resource. It's a bit like using vanity gen. Even if the software is 100% legit, the address generated is inherently less secure than a completely random one. And the common mortal is not apt to judge whether what they are doing is safe or not. The second you use anything from a 3rd party, you're foregoing a certain level of security for whatever you are gaining. Is there a proof that the online tools were in fact as legit as the maybe legit bundle you were able to use offline? Well maybe, if it was really a scam, a lot more people would have lost BTC, but you can never really trust something 100%. Yes, you are right and what you said* is true for all wallets and tools including Bitcoin Core. * Except web resource. Well, I think Xapo is very legit. If they lost your coins, they wouldn't be able to get away with it, it's not some anonymous dude, the CEO etc it's all registered, if they screw you up they owe you the Bitcoins. I don't know the terms of wha would happen exactly tho.
Yeah! That' why, PBMining and Mt. Gox has repaid all customers! and it is insured by well known insurance companies etc etc. i guess in the future most people have to use services like this. easy and secure. the average joe cant keep hunderds of dollars on his crappy pc or phone Secure? How? I can't believe you are saying people to store Bitcoin in an online wallet which does not even give access to private keys instead of a PC or phone.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
August 11, 2015, 05:23:30 PM |
|
I don't know why people are so confused about this question of security. You need 128 bits (or greater) of entropy or randomness. that means 2^128. assuming 26 letters lowercase , 26 uppercase and ten digits, that's 62. so 20^62. much bigger so you're good. simple math with a calculator. why is this so difficult?
People confuse 20 random characters with simply 20 characters. 20 characters, if they're common words, is not safe. That's a totally different discussion, and is not basic math. Its still not that complicated. This is like 8th grade probability stuff. Are people idiots? What's going on here?
|
|
|
|
tautvilis (OP)
|
|
August 11, 2015, 08:17:18 PM |
|
I was the fault of the system brainwallet.org, try to send a message to the email admin
I do not undertand what you mean?You mean you were responsible for something.And no people my passphrase was not weak imagine it was something like this uioeghyahyuiyhuiqreuiyhuwiytuighdgbsajkgfbjhbcvjhxvbjhxbvjhhgfuioedyrwiuyreiufhsdfgvjhksxbshdgfuioewyuiphfiusdhbkvjsbiuwrtg That is what I usually write when I try to generate my priv key.There is other possible way my private keys leaked.Can somebody very trusted who understands code inspect and compile my coders little tool, he used Qt5.1.1 / mingw.
|
|
|
|
|
|