Bitcoin Security Guide (gpl)
This guide is to show you how to maintain a safe wallet with no more than a $3 usb stick or other media device. But do so at your own risk. When choosing a device I think you should choose one that you don't use in a camera or any other device so you don't mistakenly overwrite it.
Any hacker can easily find the path to your wallet.dat file. Click on your user directory where you can find folders for Documents, Pictures, Music, and other files that belong to you. Click on tools at the top then folder options and finally View. Click on show hidden files and folders. There are a couple of different ways to view hidden files and folders and it is generally a good idea to leave it on.
To find wallet.dat go to the user folder and click AppData which is a hidden folder. Then click Roaming folder and then the Bitcoin folder. In this folder is wallet.dat an readable text file that is your wallet on bitcoin.
Do not delete this wallet. But you can move it to your desktop, if you do, when you run the bitcoin client, a new wallet.dat will be created. If you buy some more coins with the new wallet you have a problem you now have 2 wallets with coins in them and I don't think you can combine them. However, you could take the address in the 1st wallet save it. And with the second wallet.dat send all the new coins to it. The balance on the 2nd wallet would be zero, wait for a few confirmations. Then when you put the old wallet back in the appropriate spot, it the new transaction should show up. you just combined wallets and the 2nd wallet can be deleted.
It should be noted the wallet.dat in the fixed location is an extremely easy item to steal with one line of code, if a sinister program is ever put on your desktop. Thus, even a weakly encrypted wallet will provide and order of magnitude of protection to your wallet.
So you have a wallet.dat on your desktop. It still is very unsafe and new scanners will probably search your whole drive for wallet.dat. You can zip it and name it something weird, that actually will provide another layer of protection and you can even zip a file with a password.
However, probably the best protection you can provide, is to put your wallet.dat on two usb drive. Doing so is uncrackable. If you choose to maintain an encrypted file on your desktop or gmail it to yourself you are always open to a hacker that can get this file and un-crack it.
On the usb drive you might name a top level directory pictures just to trick not only theives, but friends and family. Then I would make another directory for each wallet.dat. I would call this directory awallet40, where awallet might be the first wallet and the second wallet might be bwallet, the third cwallet. The number might contain the approximate number of bitcoins in it. If you like to reuse wallets. You might put another directory in say cwallet55 called 20110625. This would should the day you put this wallet in your directory. In this directory you would put wallet.dat, I would prefer unencrypted.
This may seem a little redundant and you could just throw wallet.dat on a usb drive and be fine. but, you have to be extremely careful you don't accidentally overwrite a wallet.dat and that you know what, where and when the wallet comes from.
As you collect more coins you might want to put coins on other usb drives and you might want to use usb drives in different shapes and manufacturers to visually tell them apart.
Hard drives and usb sticks can fail but generally last more than 5 years. Thus if you have one copy. Odds are that one will fail pretty often to someone creating a nice long-term deflation in BTC. Don't be that guy or gal, maintain backups, but not so many to confuse you.
You can also spread you coins around on different exchanges and mail boxes you at least have some coins around for emergencies. You never know those BTC on AOL might get you out of trouble on a vacation in South America.