Security issues relating to Private Keys storage

[quesi_job]

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

[serjent05]

Well everything is hackable. There is no promise guaranteed 100% safe whichever wallet you have but  some choose their valued cryptocurrencies stored in a cold wallet. This way no body can access your wallet but only you.

[BitHodler]

I am probably an old fart, but I like to store my private keys on a simple piece of paper written by myself. I have used hardware wallets but came back to paper storage since that isn't depending on trust other than myself.

The only potential downside is that you might face certain threats when importing the private keys, but that's a problem for later since I don't plan to redeem any coins unless there is another Bcash like fork happening.

It's important to realize that we will always expose our coins to a certain risk since there is no central authority involved that will refund people in case of coin loss. Once your coins are lost you lost them for ever.

[Hydrogen]

Would be interested to know basic opsec (operational security) regarding storage of private keys observed by crypto pros. Not storing keys in a digital or electronic format would represent a basic fundamental, I would have to think. Keys would likely be written on a piece of paper or stored stenographically, concealed inside another file. In more extreme cases, I could imagine keys being written on a piece of paper and sealed inside a weatherproof container before being buried or stored in a place where they are unlikely to be found.

Electronic storage methods are suspect in that many routers and hardware platforms contain built in backdoors utilized for state surveillance, consumer data mining, et al. There was a case in 2017 where "700 million android phones" had a backdoor installed which could forward data to china. Windows and presumably other OS could have similar measures. The recent intel security "bug" could have deliberately been designed as a feature: built in backdoor.

I would think electronic storage would be avoided but to be honest, I haven't put much thought into this.

[b3j0]

do not open suspicious sites and keep your private key in the safest place. if you can do these two things I'm sure your assets will be safe.

[Stark_Naked9]

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

There is a lot of other ways you can manage to keep your private key safe.
If you have a lot of money in crypto. Buy an usb, copy the private key into it and keep your usb somewhere safe.
Or you can print out on a paper.

[BronxCats]

I think it is risky to put your private key in such cloud based services because you truly don't know if a rogue employee could snoop around the files. Though since it's extremely unlikely, until you find an alternative I think it's better than not having it backed up at a different location at all.

[bizarro]

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

I'm thinking that hardware wallets are one of the most secure thing around, and also you need to have special programs like password storages, it usually would be helpful.

[bitmover]

If you are willing to keep your coins in cloud storage, you should at least split the seed in two and keep half in each storage.

However, I don't think that's safe enough. Ideally you should just write it down on a piece of paper. Keep the paper in different places and you are safe.

[Hui8]

Lets not push it too hard. We only have man made options to store our private keys and crypto graphs either in the google storage like you said or simply download the files and store them in the personal computer somewhere safe. I would say the first option is always best because it highly impossible that google cloud will ever get hacked or their information will ever get leaked out. As far as the personal computing is considered, it can be victim of hacks easily if you ever turned on your PC with public IP's. Thats like 90's trick and we are in 21st so its far easy to do that. I guess cloud storage seems to be perfect one.

[1Referee]

The only potential downside is that you might face certain threats when importing the private keys, but that's a problem for later since I don't plan to redeem any coins unless there is another Bcash like fork happening.

Same here. BCash pushed me to the absolute limit with creating new backups and whatnot, and I'm certainly not looking forward to do that again. I kinda regret having done so with my 2013 backups. It was some sort of a trophy for me knowing that these coins haven't been moving for more than 4 years. Currently I still have nearly all BTG (and 100% of all other forks) and looking at the latest price, I probably won't ever have to create new backs for this fork.

The recent intel security "bug" could have deliberately been designed as a feature: built in backdoor.

Correct. Imagine how many times systems have been acting weird where people and businesses thought it was related to a virus or whatever. They probably kept secure erasing their drives or even buy new equipment, but the problem kept popping up.

The main thing is that we shouldn't fear that what we know about already (because we can relatively easily weapon ourselves against that), but that what we don't know about.

[EVOS]

My advice, keep your private key in various places and do not combine Walled address with private key, separate them to save them.
Save your private key in 3 different places, eg in Email, WhatsApps and print on paper. that's what i do, you can try it if you want

[EVOS]

My advice, keep your private key in various places and do not combine Walled address with private key, separate them to save them.
Save your private key in 3 different places, eg in Email, WhatsApps and print on paper. that's what i do, you can try it if you want

[h0lybyte]

There is still a lot of unawareness in people interacting with crypto, some may be storing their private keys in their online wallets and some keep it in pc notepads.
Whether it is any place, since all these storages have connection to internet, your data might be compromised any time. I feel better to write my keys down on a paper

[TranTrongit]

Cloud storage platforms is also quite secure.  But I do not think I should save your private key on it.  my way is.  In addition to using a hardware wallet I store my private key in a usb. And that usb is only used to store the private key.

[notaek]

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others.

That's a big no no. The sole purpose of a wallet being called a "cold storage" is to save it in a place where no one but the owner can reach out to, when needed.
Storing private keys on cloud storage revokes that sole purpose.

Nowadays there are so many ways to save your private keys as a cold storage. One such example is having Cryptosteel.

[pitiflin]

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

Why the fuck would anyone have their private keys in a cloud storage? Might as well deposit a million dollars in an exchange and get your account blocked or even invest in a scam.

Store your private keys and other important stuff in an offline data storage, like a USB drive. That's the easiest way. Have your working antivirus installed in your pc all the time and be careful on which websites you visit and just don't get phished.

[BitHodler]

I kinda regret having done so with my 2013 backups. It was some sort of a trophy for me knowing that these coins haven't been moving for more than 4 years.

I hope for you that you sold them in a way you haven't lost much privacy.

The problem with these forks is that they incentivize people to redeem their coins and to have the free fork coins be sold on whatever exchange, but people don't realize that it severely affects their privacy.

It's not smart to move old coins with how regulations are being implemented today. Coins that haven't experienced any activity allow you to claim that you miraculously gained back access to your private keys.

Currently that's not possible because you already transferred the coins. If you report your coins right now and your tax department demands more information, you'll find yourself in an uncomfortable situation.

[oo666oo]

To my hypothesis, there are a lot of crypto enthusiasts who are fond of keeping their private keys, Keystore / JSON File, seed words, mnemonic phrases etc to their wallet on cloud storage platforms like google drive and the several others. From my little research and experience, I personally think to keep these sensitive data isn't the best due to its nature of proneness to unauthorized accesses.

I'm positive there are individuals in this forum with profound knowledge regarding this topic. We would be grateful if you share with us your experience, tips, advice and most importantly, secured ways and means we can manage our private keys.

Thank You!

And then we have not to forget that to keep your private keys on google drive and other platforms it means you are trusting GOOGLE. What if one fine day Google should decide to steal your funds? Never say never.

[dothebeats]

Not a single issue on any of the wallets that I've created since 2014, and I kept them on 3 devices: my personal computer, a regular USB stick lying around and my old smartphone that I no longer use. The last 2 devices are never connected again to the internet once they received the files while the PC I use regularly with the internet. I don't do stupid things such as watching NSFW videos, (you know, those things) clicking on suspicious links, downloading illegal software which has more backdoors than any government-created apps and regularly cleaning my PCs OS by reformatting once every 2 months. Idk if reformatting would help that much knowing that you still keep the same files and malware can disguise as a normal file but again, same wallet files, nothing ever lost or stolen so I think I've done better than some people.