How do you encrypt/backup your wallet

[BTCisthefuture]

What options do you use to backup your wallet data and encrypt it.

I was looking into using trucrypt to encrypt the file and then store it in the could  but would like to hear about other methods, options as well.

[bonecoin]

Multibit has built in wallet encryption using bip38 from the file menu. This is the obvious choice. Any secure not cloud based encryption program like truecrypt will work fine. Ease of use is an issue and cold storage should be considered using armory.

[empoweoqwj]

What options do you use to backup your wallet data and encrypt it.

I was looking into using trucrypt to encrypt the file and then store it in the could  but would like to hear about other methods, options as well.

Backup and encryption are really different topics.

[BTCisthefuture]

What options do you use to backup your wallet data and encrypt it.

I was looking into using trucrypt to encrypt the file and then store it in the could  but would like to hear about other methods, options as well.

Backup and encryption are really different topics.

ok let me clarify.  I have a copy of my wallet data file , I'd like to encrypt though so if anyone ever found it wouldn't be of use for them.  So basically, what apps/services do you guys use to encrypt files. Or are there any cloud storage services that do encrption when you upload a file.

[bitrider]

boxcryptor works great.. and even lastpass (secure notes) will work fine for this.

[BTCisthefuture]

boxcryptor works great.. and even lastpass (secure notes) will work fine for this.

thanks! checking out boxcryptor now

[Morbo]

Truecrypt is for encrypting whole filesystems I think.

For encrypting single files, I am using gpg.

[cdog]

Bitcoin-qt has encryption built in. Just goto "Settings" and make sure you use at least 15 characters (numbers and symbols help strength a lot).

Make sure you use a phrase you wont ever, EVER forget.

Once the wallet is encrypted, your coins are completely safe. Even if someone gets their hands on it, its useless to them.

Make sure you back it up, copies on flash drives stored in physically distinct locations are best, but if its encrypted very well, you could put it in an email or cloud storage, so it cant ever be lost.

[BTCisthefuture]

Bitcoin-qt has encryption built in. Just goto "Settings" and make sure you use at least 15 characters (numbers and symbols help strength a lot).

Make sure you use a phrase you wont ever, EVER forget.

Once the wallet is encrypted, your coins are completely safe. Even if someone gets their hands on it, its useless to them.

Make sure you back it up, copies on flash drives stored in physically distinct locations are best, but if its encrypted very well, you could put it in an email or cloud storage, so it cant ever be lost.

Correct me if I'm wrong, but that only means you have a password to use it. If someone obtains that key through malware or other means then it's no longer safe.  Am I missing something ?

[GodHatesFigs]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

[empoweoqwj]

What options do you use to backup your wallet data and encrypt it.

I was looking into using trucrypt to encrypt the file and then store it in the could  but would like to hear about other methods, options as well.

Backup and encryption are really different topics.

ok let me clarify.  I have a copy of my wallet data file , I'd like to encrypt though so if anyone ever found it wouldn't be of use for them.  So basically, what apps/services do you guys use to encrypt files. Or are there any cloud storage services that do encrption when you upload a file.

I use electrum. encryption is built-in. You don't need anything external, just have to remember your passcode

[bitpop]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

[empoweoqwj]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Renaming the file from wallet.dat for bitcoin-qt users is certainly a good idea. The wallet file has a different name with electrum anyway

[Morbo]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

[Peter882]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

[bitpop]

Yes aes zips are great. Plus it's just extra.

[BookLover]

+1 for 7zip

[bitpop]

Winrar

[empoweoqwj]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password

[BTCisthefuture]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password

Maybe it's overkill and just creates an unneeded extra step on my part but I'm going to make an archive with 7zip and then use boxcyptor on top that. Also it's stored on my google drive which requires 2 factor authentication through my phone on top of that password. Also the file name is changed to something that won't stand out so even if someone did get access to all the different passwords and my phone they still might have a hard time ever knowing to grab that file.

[Abdussamad]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password

Maybe it's overkill and just creates an unneeded extra step on my part but I'm going to make an archive with 7zip and then use boxcyptor on top that. Also it's stored on my google drive which requires 2 factor authentication through my phone on top of that password. Also the file name is changed to something that won't stand out so even if someone did get access to all the different passwords and my phone they still might have a hard time ever knowing to grab that file.

All of this crap will only make it harder to a) make backups and b) restore from backups and c) recover backups should you ever forget your passwords. In the end you'll be dissuaded from making regular backups and you'll loose coins, so keep it simple. Use the built in encryption in bitcoin-qt and store your backups offline on removable media like USB drives. Sticking it online is asking for trouble.

Also remember to make new backups once every 100 transactions or you'll loose coins. Alternatively you could switch to electrum and only need to make one backup at the start.

[Light]

All of this crap will only make it harder to a) make backups and b) restore from backups and c) recover backups should you ever forget your passwords. In the end you'll be dissuaded from making regular backups and you'll loose coins, so keep it simple. Use the built in encryption in bitcoin-qt and store your backups offline on removable media like USB drives. Sticking it online is asking for trouble.

Also remember to make new backups once every 100 transactions or you'll loose coins. Alternatively you could switch to electrum and only need to make one backup at the start.

Provided he uses a long password (20+) with numbers, different cases and symbols he should be fine with uploading it, as unless his pass is guessed or hit by a dictionary attack he should be fine with uploading it to an online storage site. Plus it means that if he has a fire or somehow loses all his USBs he can always download a copy of his wallet.

[Abdussamad]

All of this crap will only make it harder to a) make backups and b) restore from backups and c) recover backups should you ever forget your passwords. In the end you'll be dissuaded from making regular backups and you'll loose coins, so keep it simple. Use the built in encryption in bitcoin-qt and store your backups offline on removable media like USB drives. Sticking it online is asking for trouble.

Also remember to make new backups once every 100 transactions or you'll loose coins. Alternatively you could switch to electrum and only need to make one backup at the start.

Provided he uses a long password (20+) with numbers, different cases and symbols he should be fine with uploading it, as unless his pass is guessed or hit by a dictionary attack he should be fine with uploading it to an online storage site. Plus it means that if he has a fire or somehow loses all his USBs he can always download a copy of his wallet.

Let's see to crack the wallet you need a copy of the encrypted wallet + the password

1. Offline backups mean to get the copy of the encrypted wallet you need to physically visit his residence/office and grab the backup disks.

2. Online backups mean you need to access his cloud account. You can take your sweet time doing this remotely. Phishing attacks would work in this scenario.

So IMO 1. is much better.

edit: To secure your wallet in your online storage you have to keep a strong password for you wallet file, your storage account *and* your email account because otherwise a thief could use the forgotten password link to get access to your storage account. To secure your offline backup you only need the password for your wallet file and the key to your safe deposit box/storage box whatever where you are keeping your backup media.

[empoweoqwj]

Could someone clarify this for me: I've encrypted my wallet using BitcoinQT's built in feature. The password has ~150bits of entropy - can I safely store my encrypted wallet.dat in the cloud?

I would add a simple zip encryption too and call it pictures.

Archive encryptions used to be exceptionally weak and vulnerable in the past and zip encryption was particularly weak IIRC. Did anything change in that regard?

I personally use 7zip, which employs AES-256 encryption.
It should be strong enough when the password is long, right?

Not sure about other archive software though.

Yep, good as extra precaution. Just as long as you remember your password

Maybe it's overkill and just creates an unneeded extra step on my part but I'm going to make an archive with 7zip and then use boxcyptor on top that. Also it's stored on my google drive which requires 2 factor authentication through my phone on top of that password. Also the file name is changed to something that won't stand out so even if someone did get access to all the different passwords and my phone they still might have a hard time ever knowing to grab that file.

The tricky part is not inventing an amazingly layered protection scheme .... the tricky part is passing the wealth onto your loved ones should the worse come to the worse. We all need to think about that aspect as well. None of us is going to be here for ever unfortunately.

[Light]

Let's see to crack the wallet you need a copy of the encrypted wallet + the password

1. Offline backups mean to get the copy of the encrypted wallet you need to physically visit his residence/office and grab the backup disks.

2. Online backups mean you need to access his cloud account. You can take your sweet time doing this remotely. Phishing attacks would work in this scenario.

So IMO 1. is much better.

edit: To secure your wallet in your online storage you have to keep a strong password for you wallet file, your storage account *and* your email account because otherwise a thief could use the forgotten password link to get access to your storage account. To secure your offline backup you only need the password for your wallet file and the key to your safe deposit box/storage box whatever where you are keeping your backup media.

The problem with 1. is that if you don't store you physical USB (or w/e storage device) somewhere other than your home, if you home burns down or if you lose the backup then your kind of screwed if you do need to rely on your backup. With 2. the only way you actually lose your wallet is if you give out your password (provided it's a proper secure password - not something stupid like 1234) in which case if your dumb enough to give people your password then you deserve to lose your money. It's like if your dumb enough to give people all your bank details don't be surprised if people just empty out your account.

[empoweoqwj]

Let's see to crack the wallet you need a copy of the encrypted wallet + the password

1. Offline backups mean to get the copy of the encrypted wallet you need to physically visit his residence/office and grab the backup disks.

2. Online backups mean you need to access his cloud account. You can take your sweet time doing this remotely. Phishing attacks would work in this scenario.

So IMO 1. is much better.

edit: To secure your wallet in your online storage you have to keep a strong password for you wallet file, your storage account *and* your email account because otherwise a thief could use the forgotten password link to get access to your storage account. To secure your offline backup you only need the password for your wallet file and the key to your safe deposit box/storage box whatever where you are keeping your backup media.

The problem with 1. is that if you don't store you physical USB (or w/e storage device) somewhere other than your home, if you home burns down or if you lose the backup then your kind of screwed if you do need to rely on your backup. With 2. the only way you actually lose your wallet is if you give out your password (provided it's a proper secure password - not something stupid like 1234) in which case if your dumb enough to give people your password then you deserve to lose your money. It's like if your dumb enough to give people all your bank details don't be surprised if people just empty out your account.

1. Create a super-strong encryption password, stick it in bank or with lawyer.
2. Back-up your wallet online, and tell your loved ones (a) how to access it, and (b) who has the password

No scheme is perfect, but that's reasonable.