Bitcoin-Qt Security

[The 4ner]

I recently installed the Bitcoin-Qt client on my Mac OS X Lion but know very little about how to secure it.
Can anyone tell me where I can find any video tutorials for securing my wallet?
I've read instructions online but I'm not very computer savvy so it was hard for me to understand it all.

[Dabs]

For starters, use a good password and encrypt the wallet file.

[The 4ner]

Thanks! You mean using the Encrypt option that the wallet app provides right?

Do you know if the Knox app developed by the same team that developed 1password is useful when storing files for safe keeping?

[Dabs]

Yes, the built in password encryption of bitcoin-qt uses AES, and can take passwords as long as you can remember. Someone tried a string of 100,000 (one hundred thousand characters) and it worked, and another password of 100,001 characters with the same first 100,000 not working. So it effectively has no limit and hashes the entire input string. I suggest using passwords at least 15 alphanumeric characters long, and no need to go higher than 100.

The usual password (or passphrase) practices apply: don't use your name, your mom, your dog, significant dates, etc. Use letters, numbers, even symbols and spaces. I personally stick to letters and numbers but long enough, like 20+, that are generated randomly, either by software or by dice rolls (coin flips work too, but too hard; go buy dice).


I don't know anything about 1password or Knox, sorry.

[simondlr]

Probably a bit of a noob question. If you encrypt using Bitcoin-QT, can it only be decrypted in Bitcoin-QT?

[Dabs]

jackjack's pywallet can decrypt the wallet.dat file. The specification for the encrypted private key is in open source code, so anyone can actually make software to read wallet.dat files.

The key is the password used. The encryption process is AES. It's basically resistant to all but brute force attacks.