I agree, which is what I'm trying to get madmadmax to understand.
Meaning that anyone who has access to your server now has access to the user's password, and all their bitcoins. That doesn't sound secure, and doesn't sound like a good idea. The way
https://bclockchain.info/wallet handles it is far more secure (and faster).
I agree. All that in addition to the serious lack of security.
That will take too much time, I can't speak for 0.8.0 cause i have yet to play with it but anything lower than this will not be able to do. You have to rescan when you switch the wallet.dat, and that takes awhile.
No I am just talking about protecting the wallet.dat file. Honestly this not really good way to do it. But to create a new address, you would have to decrypt the wallet.dat with the password from the person and you would probably have to encrypt the bitcoin.conf so you can use JSON RPC API to create the new address. It is so many working parts that would take a long time, while keeping the connection to the user alive so they can get the address as soon as it is create.
You guys are hopeless, nevermind that I discarded the initial approach on the first page I have explained how the system works time and time again, the users password is hashed+salted with bcrypt and sent through an RSA-2048 secured connection to the server. Impossible to sabotage unless direct access to the main server is gained and maintained while users try to connect to their account (as the hashes aren't stored on the machine), thus every account is in cold storage until he is needed.
If somehow hackers gain a momental access to all the wallets on the server and obtain a copy, most of the users could be sent messages through sms asking them to change the password before the hackers would bruteforce a single one.
I am wondering what is the best method to encrypt individual accounts within a wallet...