Bitcoin Forum
November 07, 2024, 09:55:21 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Secure wallet  (Read 776 times)
Jacce (OP)
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
March 09, 2014, 04:56:55 PM
 #1

Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).

So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my

Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
tkbx
Sr. Member
****
Offline Offline

Activity: 350
Merit: 251



View Profile
March 09, 2014, 05:23:21 PM
 #2

Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).

So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my

Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
It would be better to just use Bitcoin-Qt's built-in encryption (Settings --> Encrypt Wallet). Encrypting things multiple times is pointless; one secure password will make it take trillions of years to crack.
However, if you feel more secure encrypting the wallet.dat with something other than Bitcoin-Qt's built-in encryption feature, I would recommend Truecrypt instead 7-Zip. Truecrypt uses XTS for AES, arguably the most secure mode of operation, and lets you use multiple ciphers (such as AES-Twofish-Serpent, my favorite).
Jacce (OP)
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
March 09, 2014, 05:25:14 PM
 #3

Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).

So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my

Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
It would be better to just use Bitcoin-Qt's built-in encryption (Settings --> Encrypt Wallet). Encrypting things multiple times is pointless; one secure password will make it take trillions of years to crack.
However, if you feel more secure encrypting the wallet.dat with something other than Bitcoin-Qt's built-in encryption feature, I would recommend Truecrypt instead 7-Zip. Truecrypt uses XTS for AES, arguably the most secure mode of operation, and lets you use multiple ciphers (such as AES-Twofish-Serpent, my favorite).

I was thinking of using Bitcoin-Qt's built-in encryption together with 7-Zip. Does it become more safe if you encrypt several times or is it just as safe or less safe?
And yeah, I will be looking into Truecrypt.
BitcoinQTlol
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
March 09, 2014, 05:26:38 PM
 #4

Download Bitcoin-QT

Go offline

Generate a address

dump private key

store private key on multiple usb's

delete bitcoin-qt

send bitcoin to public address of the private key from btc-e

HuhHuh??/

profit.

or just buy a printer and stick the paper wallet in a book.
tkbx
Sr. Member
****
Offline Offline

Activity: 350
Merit: 251



View Profile
March 09, 2014, 05:55:42 PM
 #5

Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).

So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my

Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
It would be better to just use Bitcoin-Qt's built-in encryption (Settings --> Encrypt Wallet). Encrypting things multiple times is pointless; one secure password will make it take trillions of years to crack.
However, if you feel more secure encrypting the wallet.dat with something other than Bitcoin-Qt's built-in encryption feature, I would recommend Truecrypt instead 7-Zip. Truecrypt uses XTS for AES, arguably the most secure mode of operation, and lets you use multiple ciphers (such as AES-Twofish-Serpent, my favorite).

I was thinking of using Bitcoin-Qt's built-in encryption together with 7-Zip. Does it become more safe if you encrypt several times or is it just as safe or less safe?
And yeah, I will be looking into Truecrypt.
There's no clear cut answer about whether encrypting multiple times makes it more secure. Your only real concern is the quality of your passwords. A 15-character random password in Bitcoin-Qt is much more secure than both a 14-character random password in Bitcoin-Qt and a different 14-character random password in 7-Zip/Truecrypt combined. If you get carried away with an encrypted wallet in an encrypted 7-Zip archive in a Truecrypt volume, you give yourself the illusion of security, which could cause you to overlook actual security.

My recommendation would be to generate a long, random password (14-20 characters of letters, numbers, and symbols), write it down on a piece of paper, use the password with Bitcoin-Qt's built-in encryption, and keep that paper somewhere safe (such as a book).
Jacce (OP)
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
March 09, 2014, 06:12:43 PM
 #6

Download Bitcoin-QT

Go offline

Generate a address

dump private key

store private key on multiple usb's

delete bitcoin-qt

send bitcoin to public address of the private key from btc-e

HuhHuh??/

profit.

or just buy a printer and stick the paper wallet in a book.

The problem is that this would require either a printer or USBs. This costs money, and I don't have a lot of it. Also, it is possible, although very unlikely, to lose the paper wallet/USBs.

But I think I will go with tkbx's suggestion, thank you.
cp1
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Stop using branwallets


View Profile
March 09, 2014, 06:14:44 PM
 #7

If you choose to store it online (a terrible idea) then at least have 2-factor enabled on your google account.

I guess we should ask how many BTC are you storing?  If you can't afford to buy a printer or a two pack of USB drives from Costco for $20 then it's probably only dust.  In which case it doesn't really matter.  If you're storing thousands of dollars in BTC and are worried about saving $100 then you're all messed up.

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
odolvlobo
Legendary
*
Offline Offline

Activity: 4494
Merit: 3402



View Profile
March 09, 2014, 06:14:55 PM
 #8

Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. ...
Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?

You don't need to go to so much trouble. It is much easier than you think. Do this:

1. Set up a wallet such as Electrum or Multibit on a computer.
2. If the wallet gives you an option to set a password or encrypt it, do that. This is a critical step. Don't skip it. This will protect your bitcoins from others.
3. Back up whatever the wallet tells you to back up. This is a critical step. Don't skip it. This will protect your bitcoins from yourself.
4. Transfer your bitcoins to your new wallet.

Cold storage is more secure and you might want to do that eventually, but the first step is getting the bitcoins out of BTC-e and into your own wallet.

Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
Jacce (OP)
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
March 09, 2014, 06:34:55 PM
 #9

If you choose to store it online (a terrible idea) then at least have 2-factor enabled on your google account.

I guess we should ask how many BTC are you storing?  If you can't afford to buy a printer or a two pack of USB drives from Costco for $20 then it's probably only dust.  In which case it doesn't really matter.  If you're storing thousands of dollars in BTC and are worried about saving $100 then you're all messed up.

I'm not storing thousands of dollars in BTC, but it's much to me and I'd like to keep it whatever happens to my computer(s). I guess I could store it on USB drives and I could afford them, but they could break or I could lose them somehow. I just feel more safe about storing it in my Google Drive (which btw is protected by 2FA and a more than 12 characters long password).

However, I would like to save a portion of all the bitcoins I buy/earn there and I would like to be sure I don't lose the wallet.dat whatever happens.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
March 09, 2014, 06:41:54 PM
 #10

Encrypting multiple times is likely useless.  It is like installing two bank vault doors as the front door for your house because one isn't safe enough.  Then forgetting a thief can come in through a window, right through a wall with a car.

If you use an encrypted QT wallet file the most likely reasons you lose your coins is:
1) inside theft (roommate, guest in house, etc).
2) you lose the wallet and/or passphrase (it is really hard to break into).
3) your password is weak/insecure
4) you system is compromised with malware or key logger.

Double encryption doesn't help you in any of those scenarios and makes it more likely for #2 and possibly more likely for #3 (you use two weaker passwords instead of one stronger one).

http://world.std.com/~reinhold/diceware.html

Generate a random 6 word passphrase all lower case, no special symbols or numbers (far easier to remember over longer period of time and it can't be brute forced especially with the PBKDF2 key hardening that the QT wallet uses).

example:
Quote
bus security issue vomit fled shut lawn
Jacce (OP)
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
March 09, 2014, 06:56:19 PM
 #11

Encrypting multiple times is likely useless.  It is like installing two bank vault doors as the front door for your house because one isn't safe enough.  Then forgetting a thief can come in through a window, right through a wall with a car.

If you use an encrypted QT wallet file the most likely reasons you lose your coins is:
1) inside theft (roommate, guest in house, etc).
2) you lose the wallet and/or passphrase (it is really hard to break into).
3) your password is weak/insecure
4) you system is compromised with malware or key logger.

Double encryption doesn't help you in any of those scenarios and makes it more likely for #2 and possibly more likely for #3 (you use two weaker passwords instead of one stronger one).

http://world.std.com/~reinhold/diceware.html

Generate a random 6 word passphrase all lower case, no special symbols or numbers (far easier to remember over longer period of time and it can't be brute forced especially with the PBKDF2 key hardening that the QT wallet uses).

example:
Quote
bus security issue vomit fled shut lawn


The reason why I would like to have multiple encryptions is if I write down my ~20 character long password like tkbx told me to and someone would somehow find it, they would also have to get through a ~15 character long password that I remember and isn't written down anywhere (I am sure I wouldn't forget that password unless I get a memory loss or something like that, so that's not an issue either). I wouldn't access the wallet either unless I really need to, so it would be pretty hard for a malware to access it.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
March 09, 2014, 07:54:50 PM
 #12

So just use the single password you have memorized.  Write nothing down, and there is no need to a dubious second encryption.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!