Bitcoin Forum
December 08, 2016, 02:28:48 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Just entering the password once is not safe  (Read 1096 times)
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
October 04, 2011, 10:51:01 AM
 #1

I went to encrypt my wallet, but the client only had one password field to create the password, i don't trust my typing skills enough, i don't wanna loose my money because of a typo; please change the client so that when it first asks for a password it asks the user to enter it twice and checks if the two entries match.

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
1481207328
Hero Member
*
Offline Offline

Posts: 1481207328

View Profile Personal Message (Offline)

Ignore
1481207328
Reply with quote  #2

1481207328
Report to moderator
1481207328
Hero Member
*
Offline Offline

Posts: 1481207328

View Profile Personal Message (Offline)

Ignore
1481207328
Reply with quote  #2

1481207328
Report to moderator
Visit and contribute to reddit.com/r/Bitcoin
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481207328
Hero Member
*
Offline Offline

Posts: 1481207328

View Profile Personal Message (Offline)

Ignore
1481207328
Reply with quote  #2

1481207328
Report to moderator
iddo
Sr. Member
****
Offline Offline

Activity: 360


View Profile
October 04, 2011, 11:19:57 AM
 #2

After you enter the password once, the bitcoin 0.4 client asks you to enter your password again in a new dialog box.

However, as a general note to people who fear losing their money, you should keep backups of your unencrypted wallet.dat before you encrypt it with bitcoin 0.4, and if you save a backup on the cloud (e.g. dropbox) then first encrypt it yourself using e.g. 7zip or gpg, that way you won't lose your money if something goes wrong. Just be sure not to send unencrypted wallet.dat to any 3rd-party host, and even if you store a backup of wallet.dat on your personal usb flashdrive or your laptop etc., it's much better that you store it only in encrypted form.
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
October 04, 2011, 05:15:53 PM
 #3

I see.

That is not how sites and stuff do it, usually when you are using a new password they show two fields on the same screen; i wasn't expecting it to ask for confirmation after submitting it the first time.

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
jancsika
Member
**
Offline Offline

Activity: 81


View Profile
October 04, 2011, 11:20:56 PM
 #4

I see.

That is not how sites and stuff do it, usually when you are using a new password they show two fields on the same screen; i wasn't expecting it to ask for confirmation after submitting it the first time.

The current behavior is bad interface design, because it puts everyone who cannot predict the future in a temporary state of confusion.  Not only does it punish responsible users like the OP-- who evidently (and rightly) escaped out and went no further-- but it also rewards risky behavior of the user who is satisfied with an apparent single entry of the password.

If you're concerned about lazy users cutting and pasting, put a warning label advising them not to cut and paste.  Regardless: two entry fields in the _same_ dialog, please-- like every other password selection interface I've ever seen in my entire life.  There's absolutely no need to avoid standards here.
dunand
Hero Member
*****
Offline Offline

Activity: 625



View Profile
October 05, 2011, 11:09:17 AM
 #5

bump.

I backed off too the first time. I decided to continue because the wallet was almost empty. Only a reckless user will encrypt a wallet with no confirmation for password.
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1036


View Profile WWW
October 05, 2011, 11:14:30 AM
 #6

Yes, the interface isn't very good right now. However, the next Bitcoin release (0.5) will most likely use the new Qt user interface, which fixes a lot of problems (including the one mentioned here).

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
pekv2
Hero Member
*****
Offline Offline

Activity: 770



View Profile
October 05, 2011, 04:19:03 PM
 #7

I see.

That is not how sites and stuff do it, usually when you are using a new password they show two fields on the same screen; i wasn't expecting it to ask for confirmation after submitting it the first time.

I was leery of it at first, I backed my wallet in another folder so I wasn't screwed. Like above as you know, it asks twice.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!