How do you store your passwords?

[puck2]

Your strategy concerns me. I think you are in danger of obfuscating your password from yourself via an overly complex system. You need ONE strong password and effective file isolation, but changing file types etc its asking for trouble 6 months from now.

[Siegfried]

I am considering the following method:


1. memorable phrase

[i'll suck cock for bitcoin]

2. SHA-256 hash of memorable phrase

[904cc478b74282c130faaac1c205f19fa618e353a3e98c2a12b96192307b8825]

3. First 6 characters of hash output, dot, significant date

[904cc4.20140115]

4. SHA-256 hash again

[70ce70b2a9e41f3b16f817ed5d604a388db995ae5d85da77e54ccd0f012e827c]

5. That hash output, dot, significant person

[70ce70b2a9e41f3b16f817ed5d604a388db995ae5d85da77e54ccd0f012e827c.andreasantonop]

6. Hash again for final password

[f3e03c29384847dbbb88ec6d3b9420edee46159c2c4452b84f032057884f0e17]



Relatively simple to remember, impossible(?) to crack by brute force, and no need to write it down. What do you think?

[miaviator]

I am considering the following method:


1. memorable phrase

[i'll suck cock for bitcoin]

2. SHA-256 hash of memorable phrase

[904cc478b74282c130faaac1c205f19fa618e353a3e98c2a12b96192307b8825]

3. First 6 characters of hash output, dot, significant date

[904cc4.20140115]

4. SHA-256 hash again

[70ce70b2a9e41f3b16f817ed5d604a388db995ae5d85da77e54ccd0f012e827c]

5. That hash output, dot, significant person

[70ce70b2a9e41f3b16f817ed5d604a388db995ae5d85da77e54ccd0f012e827c.andreasantonop]

6. Hash again for final password

[f3e03c29384847dbbb88ec6d3b9420edee46159c2c4452b84f032057884f0e17]



Relatively simple to remember, impossible(?) to crack by brute force, and no need to write it down. What do you think?

You must not have as many passwords as I do.

Also WTF.

[EvilPanda]

Your strategy concerns me. I think you are in danger of obfuscating your password from yourself via an overly complex system. You need ONE strong password and effective file isolation, but changing file types etc its asking for trouble 6 months from now.

+1
Some of you guys are realy doing do much. As somebody said before 99% of btc theft happens through malware or online wallets. If you just keep your wallet ofline and your password on some kind of external drive you're 100% safe. If you want to increase the security don't store the password just hints (for instance dog+gf+drink). Even if you somehow lose the drive, its founder won't have your addresses so he can't use it.
Why would someone encrypt the password 3 times or use file renaming and hide it among common files if he has to use it for transactions anyway and that's when it usually leaks.

[guybrushthreepwood]

Your strategy concerns me. I think you are in danger of obfuscating your password from yourself via an overly complex system. You need ONE strong password and effective file isolation, but changing file types etc its asking for trouble 6 months from now.

+1
Some of you guys are realy doing do much. As somebody said before 99% of btc theft happens through malware or online wallets. If you just keep your wallet ofline and your password on some kind of external drive you're 100% safe. If you want to increase the security don't store the password just hints (for instance dog+gf+drink). Even if you somehow lose the drive, its founder won't have your addresses so he can't use it.
Why would someone encrypt the password 3 times or use file renaming and hide it among common files if he has to use it for transactions anyway and that's when it usually leaks.

I agree for the most part but I don't think you can say you're 100% safe. I wouldn't even keep it on a usb. Just make sure you don't forget it or store it somewhere else that isn't obvious. Using dog+gf+drink your friends and family will know this, and I'm sure somebody could find out this info if they were smart enough.

So what's your favourite drink? .

[EvilPanda]

Your strategy concerns me. I think you are in danger of obfuscating your password from yourself via an overly complex system. You need ONE strong password and effective file isolation, but changing file types etc its asking for trouble 6 months from now.

+1
Some of you guys are realy doing do much. As somebody said before 99% of btc theft happens through malware or online wallets. If you just keep your wallet ofline and your password on some kind of external drive you're 100% safe. If you want to increase the security don't store the password just hints (for instance dog+gf+drink). Even if you somehow lose the drive, its founder won't have your addresses so he can't use it.
Why would someone encrypt the password 3 times or use file renaming and hide it among common files if he has to use it for transactions anyway and that's when it usually leaks.

I agree for the most part but I don't think you can say you're 100% safe. I wouldn't even keep it on a usb. Just make sure you don't forget it or store it somewhere else that isn't obvious. Using dog+gf+drink your friends and family will know this, and I'm sure somebody could find out this info if they were smart enough.

So what's your favourite drink? .

If you can't trust your closest family you're probably screwed anyway. I bet they could find other ways to rob you than just trying to break into your bitcoin wallet. Dog+gf+drink was just an example you can make it much longer and more difficult, including a date that was important for you or your gf's bra size
And my favourite drink is beer, no particular brand I like tasting different ones.

[guybrushthreepwood]

Your strategy concerns me. I think you are in danger of obfuscating your password from yourself via an overly complex system. You need ONE strong password and effective file isolation, but changing file types etc its asking for trouble 6 months from now.

+1
Some of you guys are realy doing do much. As somebody said before 99% of btc theft happens through malware or online wallets. If you just keep your wallet ofline and your password on some kind of external drive you're 100% safe. If you want to increase the security don't store the password just hints (for instance dog+gf+drink). Even if you somehow lose the drive, its founder won't have your addresses so he can't use it.
Why would someone encrypt the password 3 times or use file renaming and hide it among common files if he has to use it for transactions anyway and that's when it usually leaks.

I agree for the most part but I don't think you can say you're 100% safe. I wouldn't even keep it on a usb. Just make sure you don't forget it or store it somewhere else that isn't obvious. Using dog+gf+drink your friends and family will know this, and I'm sure somebody could find out this info if they were smart enough.

So what's your favourite drink? .

If you can't trust your closest family you're probably screwed anyway. I bet they could find other ways to rob you than just trying to break into your bitcoin wallet. Dog+gf+drink was just an example you can make it much longer and more difficult, including a date that was important for you or your gf's bra size
And my favourite drink is beer, no particular brand I like tasting different ones.

Well friends and family can become enemies pretty quick once there's large amounts of money involved. If that 10 BTC on your USB becomes worth $10 million  you might see a different side to people. Money can corrupt anyone ,even the most trustworthy and loyal of people. There's always friends of friends you have to worry about too. I reckon if one of them tells somebody else about you and how you struck it rich on Bitcoins and they're all on a usb stick and you have the password on another, then possible badtimes. But I think we're getting too deep into this now lol.