Bitcoin Forum
October 20, 2018, 12:14:15 PM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Security issues relating to Private Keys storage  (Read 185 times)
quesi_job
Copper Member
Jr. Member
*
Offline Offline

Activity: 98
Merit: 1


View Profile
July 03, 2018, 07:40:27 PM
#1

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!
1540037655
Hero Member
*
Offline Offline

Posts: 1540037655

View Profile Personal Message (Offline)

Ignore
1540037655
Reply with quote  #2

1540037655
Report to moderator
1540037655
Hero Member
*
Offline Offline

Posts: 1540037655

View Profile Personal Message (Offline)

Ignore
1540037655
Reply with quote  #2

1540037655
Report to moderator
1540037655
Hero Member
*
Offline Offline

Posts: 1540037655

View Profile Personal Message (Offline)

Ignore
1540037655
Reply with quote  #2

1540037655
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1540037655
Hero Member
*
Offline Offline

Posts: 1540037655

View Profile Personal Message (Offline)

Ignore
1540037655
Reply with quote  #2

1540037655
Report to moderator
1540037655
Hero Member
*
Offline Offline

Posts: 1540037655

View Profile Personal Message (Offline)

Ignore
1540037655
Reply with quote  #2

1540037655
Report to moderator
serjent05
Legendary
*
Offline Offline

Activity: 1092
Merit: 1004



View Profile
July 03, 2018, 09:28:50 PM
#2

Well everything is hackable. There is no promise guaranteed 100% safe whichever wallet you have but  some choose their valued cryptocurrencies stored in a cold wallet. This way no body can access your wallet but only you.

                 ██            ██
               ██████        ██████
            ████████████      ██████
        ███████████████████    ██████
     ███████████    ██████████  ██████
  ██████████    ███    ████████  ▀█████
  ██████    ███████████   ██████  █████
  █████   ██████  ██████   █████  █████
  █████    ███      ███    █████  █████
  █████  ██            ██  █████  █████
  █████  ███          ███  █████  █████
  █████  ███████   ██████  █████  █████
  █████  ████████████████  █████  █████
  █████  ████████████████  █████  █████
  █████  ████  █████ ████  ████  ██████
  █████  ████   ███  ████  ███  ██████
  █████  ████    █   ████  █   ██████ 
  █████  ████        ██      ███████     
    ███  ████        █     ███████         
      █  ████         ▄██  █████       
           ██        ████  ███
            █        ██▀
`AiBB`  覧覧覧覧覧
HARNESSING THE POWER OF Ai IN CRYPTO
▐ -
`BUY TOKENS`
-▐   Twitter
  Telegram
  Facebook
|WP
Reddit
Medium
BitHodler
Legendary
*
Offline Offline

Activity: 1050
Merit: 1068


View Profile
July 03, 2018, 09:37:15 PM
#3

I am probably an old fart, but I like to store my private keys on a simple piece of paper written by myself. I have used hardware wallets but came back to paper storage since that isn't depending on trust other than myself.

The only potential downside is that you might face certain threats when importing the private keys, but that's a problem for later since I don't plan to redeem any coins unless there is another Bcash like fork happening.

It's important to realize that we will always expose our coins to a certain risk since there is no central authority involved that will refund people in case of coin loss. Once your coins are lost you lost them for ever.

Hydrogen
Hero Member
*****
Offline Offline

Activity: 938
Merit: 674



View Profile
July 03, 2018, 09:42:09 PM
Merited by vapourminer (1)
#4

Would be interested to know basic opsec (operational security) regarding storage of private keys observed by crypto pros. Not storing keys in a digital or electronic format would represent a basic fundamental, I would have to think. Keys would likely be written on a piece of paper or stored stenographically, concealed inside another file. In more extreme cases, I could imagine keys being written on a piece of paper and sealed inside a weatherproof container before being buried or stored in a place where they are unlikely to be found.

Electronic storage methods are suspect in that many routers and hardware platforms contain built in backdoors utilized for state surveillance, consumer data mining, et al. There was a case in 2017 where "700 million android phones" had a backdoor installed which could forward data to china. Windows and presumably other OS could have similar measures. The recent intel security "bug" could have deliberately been designed as a feature: built in backdoor.

I would think electronic storage would be avoided but to be honest, I haven't put much thought into this.

b3j0
Full Member
***
Offline Offline

Activity: 434
Merit: 103


🚀🚀 ATHERO.IO 🚀🚀


View Profile
July 03, 2018, 11:52:12 PM
#5

do not open suspicious sites and keep your private key in the safest place. if you can do these two things I'm sure your assets will be safe.

▀▀█▄▄    [websitewhitepaper]  ❒  ATHERO  ❒  .Internet 3.0 solution    ▄▄█▀▀
  A revolutionary decentralized digital economy 
▄▄█▀▀    Twitter  ◽  Facebook  ◽  Telegram  ◽  Youtube  ◽  Github   ▀▀█▄▄
Stark_Naked9
Newbie
*
Offline Offline

Activity: 75
Merit: 0


View Profile
July 03, 2018, 11:55:45 PM
#6

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

There is a lot of other ways you can manage to keep your private key safe.
If you have a lot of money in crypto. Buy an usb, copy the private key into it and keep your usb somewhere safe.
Or you can print out on a paper.
BronxCats
Newbie
*
Offline Offline

Activity: 72
Merit: 0


View Profile
July 04, 2018, 12:12:31 AM
#7

I think it is risky to put your private key in such cloud based services because you truly don't know if a rogue employee could snoop around the files. Though since it's extremely unlikely, until you find an alternative I think it's better than not having it backed up at a different location at all.
bizarro
Member
**
Offline Offline

Activity: 298
Merit: 10


View Profile
July 04, 2018, 10:27:21 AM
#8

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!
I'm thinking that hardware wallets are one of the most secure thing around, and also you need to have special programs like password storages, it usually would be helpful.

bitmover
Sr. Member
****
Offline Offline

Activity: 266
Merit: 432


View Profile
July 04, 2018, 12:40:44 PM
#9

If you are willing to keep your coins in cloud storage, you should at least split the seed in two and keep half in each storage.

However, I don't think that's safe enough. Ideally you should just write it down on a piece of paper. Keep the paper in different places and you are safe.


````````````````███████████
```````````█████████████████████
```````█████████████████████████████
`````````█████████████████████████
````````````████████████████████
```████``````````````````````````````████
`████████`````````````````````````███████
`█████████``````██████████````````████████
█████████`````██████████████```````████████
████████`````████████████████``````████████
`████████`````███████████████``````████████
``████████`````████████████```````████████
``███████````````████████``````````███████
```███```````````````````````````````████
````````````███████████████████
`````````██████████████████████████
```````█████████████████████████████
``````````██████████████████████
````````````````██████████
EtherMium██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
Hui8
Sr. Member
****
Offline Offline

Activity: 588
Merit: 259



View Profile
July 04, 2018, 01:00:06 PM
#10

Lets not push it too hard. We only have man made options to store our private keys and crypto graphs either in the google storage like you said or simply download the files and store them in the personal computer somewhere safe. I would say the first option is always best because it highly impossible that google cloud will ever get hacked or their information will ever get leaked out. As far as the personal computing is considered, it can be victim of hacks easily if you ever turned on your PC with public IP's. Thats like 90's trick and we are in 21st so its far easy to do that. I guess cloud storage seems to be perfect one.


.
      ▄▓▓▓▄  ▓▓   ▓▓   ▓▓▌ ▓▓▌  ▄▓▓▓▄▄  ▄▓▓▓▄▄       ▓▓▓     ▓▓    ▐▓▓▓▓▄▄   ▄▓▓▓▄
     ▓▓▌ ▀▀▀ ▓▓▓ ▐▓▓▓ ▐▓▓  ▓▓▌ ▓▓▓ ▀▀▀ ▓▓▓ ▀▀▀      ▐▓▓▓▓    ▓▓▌   ▐▓▓▀ ▀▓▓ ▓▓▓ ▀▀▀
     ▀▓▓▓▓▄   ▓▓ ▓▓▐▓ ▓▓▌  ▓▓▌  ▀▓▓▓▄▄  ▀▓▓▓▄▄     ▐▓▓ ▓▓▌   ▓▓▌   ▐▓▓▄▄▓▓▓  ▓▓▓▓▄▄
     ▄▄  ▓▓▓  ▐▓▓▓▌ ▓▓▓▓   ▓▓▌ ▄▄▄ ▐▓▓ ▄▄▄ ▐▓▓     ▓▓▌  ▓▓▌  ▓▓▌   ▐▓▓▀▀▀   ▄▄▄ ▐▓▓
     ▀▓▓▓▓▓▀   ▓▓▓  ▐▓▓▌   ▓▓▌ ▀▓▓▓▓▓▀ ▀▓▓▓▓▓▀    ▓▓▓   ▐▓▓  ▓▓▓▓▓▌▐▓▓      ▀▓▓▓▓▓▀
▬ MINING & ENERGY ▬



..The Smart Mining Company..
Get a piece of COLD 6 220 238 SAM



.


                              ▄████▄
                        ▄▄█████▀▀███
                    ▄▄████▀▀     ███
              ▄▄▄████▀▀    ▄▄   ▐██
          ▄▄█████▀       ▄█▀    ██▌
     ▄▄████▀▀▀       ▄███▀      ██▌
    ████▀        ▄▄████▀       ▐██
     ██████▄▄  ▄█████▀         ██▌
          ▀████████           ▐██
            ▀████▌            ███
             ▀███  ▄██▄▄     ▐██▀
              ███▄███▀███▄   ███
              ▀███▀▀   ▀▀███▄██▌
                          ▀▀█▀▀
.

                      ▄▄▄██▄▄▄    ▄
     ██▄            ▄████████████▀
     █████▄▄       ▐█████████████▀
      █████████▄▄▄▄▐████████████▌
     █▄█████████████████████████▌
     ▀██████████████████████████
       ▀███████████████████████
       ▐██████████████████████
         ▀██████████████████▀
           ▄▄█████████████▀
     ▀████████████████▀▀
          ▀▀▀▀▀▀▀▀
                  ▄███▌▄
              ▄▄██████████▄
             ██████▀ ▀▀█████▄
            ██████      █████▌
           ▄██████▄    ███████▄
           ▀██████████████████▀
              ▀▀▀▀▀▀▀▀▀▀▀▀
           ▐▌    ▄▄    ▄▄    █
            █    ▀          ▄▀
             ▀█           ▄█
               █    ▄▄    ▀
                ▀▄      ▄▀
             ███▄  ▀▀▀▀  ▄██▌
       ▄██▌  ███████▄▄██████▌  ▐█▄▄
      ████▌  █████▀▀  ▀█████▌  ▐████
     █████▌  ██████ ▀▀ ▐████▌  ▐█████
    ██████▌  ██████ ▐▀  ████▌  ▐█████▌
    ▀█████▌  █████▄▄  ▄█████▌  ▐█████▀
             ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
1Referee
Legendary
*
Offline Offline

Activity: 1666
Merit: 1205


View Profile
July 04, 2018, 01:11:42 PM
#11

The only potential downside is that you might face certain threats when importing the private keys, but that's a problem for later since I don't plan to redeem any coins unless there is another Bcash like fork happening.
Same here. BCash pushed me to the absolute limit with creating new backups and whatnot, and I'm certainly not looking forward to do that again. I kinda regret having done so with my 2013 backups. It was some sort of a trophy for me knowing that these coins haven't been moving for more than 4 years. Currently I still have nearly all BTG (and 100% of all other forks) and looking at the latest price, I probably won't ever have to create new backs for this fork.

The recent intel security "bug" could have deliberately been designed as a feature: built in backdoor.
Correct. Imagine how many times systems have been acting weird where people and businesses thought it was related to a virus or whatever. They probably kept secure erasing their drives or even buy new equipment, but the problem kept popping up.

The main thing is that we shouldn't fear that what we know about already (because we can relatively easily weapon ourselves against that), but that what we don't know about.

EVOS
Newbie
*
Offline Offline

Activity: 144
Merit: 0


View Profile WWW
July 04, 2018, 01:24:50 PM
#12

My advice, keep your private key in various places and do not combine Walled address with private key, separate them to save them.
Save your private key in 3 different places, eg in Email, WhatsApps and print on paper. that's what i do, you can try it if you want Smiley
EVOS
Newbie
*
Offline Offline

Activity: 144
Merit: 0


View Profile WWW
July 04, 2018, 01:27:45 PM
#13

My advice, keep your private key in various places and do not combine Walled address with private key, separate them to save them.
Save your private key in 3 different places, eg in Email, WhatsApps and print on paper. that's what i do, you can try it if you want Smiley
h0lybyte
Hero Member
*****
Offline Offline

Activity: 854
Merit: 510


View Profile
July 04, 2018, 01:44:08 PM
#14

There is still a lot of unawareness in people interacting with crypto, some may be storing their private keys in their online wallets and some keep it in pc notepads.
Whether it is any place, since all these storages have connection to internet, your data might be compromised any time. I feel better to write my keys down on a paper


─  SUPPORTED COINS & TOKENS  ─
BTC
LTC
   BCH
DASH
   Ethereum
ERC20 tokens


      ▄██▄
     ▄████▄
    ████████
  ▄██████████▄
 ▄████████████▄
▄██████████████
▀▀██████████▀▀
▀█▄▄ ▀▀██▀▀ ▄▄█▀
  ▀███▄▄▄▄███▀
    ████████
     ▀████▀
       ▀   

ERC20 Token
Scanner


 ▄▄██████████████▄▄
████████████████████
████████████████████
▄▀▀██████████████▀▀▄
▀██▄▄▄▄▄▄▄▄▄▄▄▄▄▄██▀
█▄ ▀▀██████████▀▀▄▄██▄▄
▀███▄▄▄▄▄▄▄▄▄▄  ███▀▀███
▄ ▀▀█████████▀ ▄███▄▄▄██
███▄▄▄▄▄▄    ▄█▀▄████▀▀
 ▀▀███████ ▄█▀▄██▀
       ▀▀  ▀███▀

Secure Backup -
Encrypted backup

GET OUR WALLET

  ▄▄▄▄ ▄▄▄█████
██████ ████████
██████ ████████
▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄
██████ ████████
██████ ████████
     ▀▀▀▀▀███
Download in
Windows

 ▀█▄▄           
 ██▄▀███▄▄       
 ████▄▀████▀▄▄   
 ██████▄▀█▀█████
 █████▀▄███▄▀▀   
 ███▀▄██▀▀       
 █▀▄█▀▀         
Get it on
Google Play
TranTrongit
Member
**
Offline Offline

Activity: 224
Merit: 10

https://www.soar.earth/


View Profile
July 04, 2018, 02:19:57 PM
#15

Cloud storage platforms is also quite secure.  But I do not think I should save your private key on it.  my way is.  In addition to using a hardware wallet I store my private key in a usb. And that usb is only used to store the private key.

notaek
Legendary
*
Offline Offline

Activity: 1258
Merit: 1008


View Profile WWW
July 04, 2018, 11:13:14 PM
#16

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others.

That's a big no no. The sole purpose of a wallet being called a "cold storage" is to save it in a place where no one but the owner can reach out to, when needed.
Storing private keys on cloud storage revokes that sole purpose.

Nowadays there are so many ways to save your private keys as a cold storage. One such example is having Cryptosteel.

pitiflin
Hero Member
*****
Offline Offline

Activity: 980
Merit: 507



View Profile
July 04, 2018, 11:18:41 PM
#17

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!
Why the fuck would anyone have their private keys in a cloud storage? Might as well deposit a million dollars in an exchange and get your account blocked or even invest in a scam.

Store your private keys and other important stuff in an offline data storage, like a USB drive. That's the easiest way. Have your working antivirus installed in your pc all the time and be careful on which websites you visit and just don't get phished.


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
BitHodler
Legendary
*
Offline Offline

Activity: 1050
Merit: 1068


View Profile
July 04, 2018, 11:52:34 PM
#18

I kinda regret having done so with my 2013 backups. It was some sort of a trophy for me knowing that these coins haven't been moving for more than 4 years.
I hope for you that you sold them in a way you haven't lost much privacy.

The problem with these forks is that they incentivize people to redeem their coins and to have the free fork coins be sold on whatever exchange, but people don't realize that it severely affects their privacy.

It's not smart to move old coins with how regulations are being implemented today. Coins that haven't experienced any activity allow you to claim that you miraculously gained back access to your private keys.

Currently that's not possible because you already transferred the coins. If you report your coins right now and your tax department demands more information, you'll find yourself in an uncomfortable situation.

oo666oo
Jr. Member
*
Offline Offline

Activity: 68
Merit: 1


View Profile
July 05, 2018, 09:34:11 AM
#19

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

And then we have not to forget that to keep your private keys on google drive and other platforms it means you are trusting GOOGLE. What if one fine day Google should decide to steal your funds? Never say never.

★ PRiVCY ➢ Own Your Privacy! ➢ Best privacy crypto-market! ★
✈✈✈[PoW/PoS]✅[Tor]✅[Airdrop]✈✈✈ (https://privcy.io/)
dothebeats
Legendary
*
Offline Offline

Activity: 1610
Merit: 1067

Ninja Member


View Profile
July 05, 2018, 11:10:39 AM
#20

Not a single issue on any of the wallets that I've created since 2014, and I kept them on 3 devices: my personal computer, a regular USB stick lying around and my old smartphone that I no longer use. The last 2 devices are never connected again to the internet once they received the files while the PC I use regularly with the internet. I don't do stupid things such as watching NSFW videos, (you know, those things) clicking on suspicious links, downloading illegal software which has more backdoors than any government-created apps and regularly cleaning my PCs OS by reformatting once every 2 months. Idk if reformatting would help that much knowing that you still keep the same files and malware can disguise as a normal file but again, same wallet files, nothing ever lost or stolen so I think I've done better than some people.

Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!