Jacce (OP)
|
|
March 09, 2014, 04:56:55 PM |
|
Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).
So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my
Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
|
|
|
|
tkbx
|
|
March 09, 2014, 05:23:21 PM |
|
Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).
So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my
Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
It would be better to just use Bitcoin-Qt's built-in encryption (Settings --> Encrypt Wallet). Encrypting things multiple times is pointless; one secure password will make it take trillions of years to crack. However, if you feel more secure encrypting the wallet.dat with something other than Bitcoin-Qt's built-in encryption feature, I would recommend Truecrypt instead 7-Zip. Truecrypt uses XTS for AES, arguably the most secure mode of operation, and lets you use multiple ciphers (such as AES-Twofish-Serpent, my favorite).
|
|
|
|
Jacce (OP)
|
|
March 09, 2014, 05:25:14 PM |
|
Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).
So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my
Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
It would be better to just use Bitcoin-Qt's built-in encryption (Settings --> Encrypt Wallet). Encrypting things multiple times is pointless; one secure password will make it take trillions of years to crack. However, if you feel more secure encrypting the wallet.dat with something other than Bitcoin-Qt's built-in encryption feature, I would recommend Truecrypt instead 7-Zip. Truecrypt uses XTS for AES, arguably the most secure mode of operation, and lets you use multiple ciphers (such as AES-Twofish-Serpent, my favorite). I was thinking of using Bitcoin-Qt's built-in encryption together with 7-Zip. Does it become more safe if you encrypt several times or is it just as safe or less safe? And yeah, I will be looking into Truecrypt.
|
|
|
|
BitcoinQTlol
Newbie
Offline
Activity: 28
Merit: 0
|
|
March 09, 2014, 05:26:38 PM |
|
Download Bitcoin-QT Go offline Generate a address dump private key store private key on multiple usb's delete bitcoin-qt send bitcoin to public address of the private key from btc-e ??/ profit. or just buy a printer and stick the paper wallet in a book.
|
|
|
|
tkbx
|
|
March 09, 2014, 05:55:42 PM |
|
Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. Personally, a paper wallet doesn't work that good for me (I don't have access to a printer, and also I'm afraid I might lose the bitcoins). Neither does a cold wallet on another computer, because it's a hassle to set up and my only other computers are old and I don't know long their hard drives will survive (buying a new one is currently too expensive for me).
So I came up with an idea, and would like to know how safe it is. Basically I want to generate a new wallet.dat file and write down my public keys so I can send bitcoins to them when I want. Then I would encrypt my wallet.dat in the Bitcoin-qt. I would then continue by encrypting it X times with 7-Zip with different secure passwords. Then I will save it in my Google Drive, so I can keep the wallet file even if my hard drives crashes or if I lose access to them. I would only unlock and access my
Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
It would be better to just use Bitcoin-Qt's built-in encryption (Settings --> Encrypt Wallet). Encrypting things multiple times is pointless; one secure password will make it take trillions of years to crack. However, if you feel more secure encrypting the wallet.dat with something other than Bitcoin-Qt's built-in encryption feature, I would recommend Truecrypt instead 7-Zip. Truecrypt uses XTS for AES, arguably the most secure mode of operation, and lets you use multiple ciphers (such as AES-Twofish-Serpent, my favorite). I was thinking of using Bitcoin-Qt's built-in encryption together with 7-Zip. Does it become more safe if you encrypt several times or is it just as safe or less safe? And yeah, I will be looking into Truecrypt. There's no clear cut answer about whether encrypting multiple times makes it more secure. Your only real concern is the quality of your passwords. A 15-character random password in Bitcoin-Qt is much more secure than both a 14-character random password in Bitcoin-Qt and a different 14-character random password in 7-Zip/Truecrypt combined. If you get carried away with an encrypted wallet in an encrypted 7-Zip archive in a Truecrypt volume, you give yourself the illusion of security, which could cause you to overlook actual security. My recommendation would be to generate a long, random password (14-20 characters of letters, numbers, and symbols), write it down on a piece of paper, use the password with Bitcoin-Qt's built-in encryption, and keep that paper somewhere safe (such as a book).
|
|
|
|
Jacce (OP)
|
|
March 09, 2014, 06:12:43 PM |
|
Download Bitcoin-QT Go offline Generate a address dump private key store private key on multiple usb's delete bitcoin-qt send bitcoin to public address of the private key from btc-e ??/ profit. or just buy a printer and stick the paper wallet in a book. The problem is that this would require either a printer or USBs. This costs money, and I don't have a lot of it. Also, it is possible, although very unlikely, to lose the paper wallet/USBs. But I think I will go with tkbx's suggestion, thank you.
|
|
|
|
cp1
|
|
March 09, 2014, 06:14:44 PM |
|
If you choose to store it online (a terrible idea) then at least have 2-factor enabled on your google account.
I guess we should ask how many BTC are you storing? If you can't afford to buy a printer or a two pack of USB drives from Costco for $20 then it's probably only dust. In which case it doesn't really matter. If you're storing thousands of dollars in BTC and are worried about saving $100 then you're all messed up.
|
|
|
|
odolvlobo
Legendary
Offline
Activity: 4494
Merit: 3402
|
|
March 09, 2014, 06:14:55 PM |
|
Okay, so currently I store 80-90% of my bitcoins at BTC-E, which I know is bad. So I was thinking of some secure ways to store most of my bitcoins. ... Would this be safe (provided my passwords are safe enough)? Is there any better method? Could my method be improved?
You don't need to go to so much trouble. It is much easier than you think. Do this: 1. Set up a wallet such as Electrum or Multibit on a computer. 2. If the wallet gives you an option to set a password or encrypt it, do that. This is a critical step. Don't skip it. This will protect your bitcoins from others. 3. Back up whatever the wallet tells you to back up. This is a critical step. Don't skip it. This will protect your bitcoins from yourself. 4. Transfer your bitcoins to your new wallet. Cold storage is more secure and you might want to do that eventually, but the first step is getting the bitcoins out of BTC-e and into your own wallet.
|
Join an anti-signature campaign: Click ignore on the members of signature campaigns. PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
|
|
|
Jacce (OP)
|
|
March 09, 2014, 06:34:55 PM |
|
If you choose to store it online (a terrible idea) then at least have 2-factor enabled on your google account.
I guess we should ask how many BTC are you storing? If you can't afford to buy a printer or a two pack of USB drives from Costco for $20 then it's probably only dust. In which case it doesn't really matter. If you're storing thousands of dollars in BTC and are worried about saving $100 then you're all messed up.
I'm not storing thousands of dollars in BTC, but it's much to me and I'd like to keep it whatever happens to my computer(s). I guess I could store it on USB drives and I could afford them, but they could break or I could lose them somehow. I just feel more safe about storing it in my Google Drive (which btw is protected by 2FA and a more than 12 characters long password). However, I would like to save a portion of all the bitcoins I buy/earn there and I would like to be sure I don't lose the wallet.dat whatever happens.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
March 09, 2014, 06:41:54 PM |
|
Encrypting multiple times is likely useless. It is like installing two bank vault doors as the front door for your house because one isn't safe enough. Then forgetting a thief can come in through a window, right through a wall with a car. If you use an encrypted QT wallet file the most likely reasons you lose your coins is: 1) inside theft (roommate, guest in house, etc). 2) you lose the wallet and/or passphrase (it is really hard to break into). 3) your password is weak/insecure 4) you system is compromised with malware or key logger. Double encryption doesn't help you in any of those scenarios and makes it more likely for #2 and possibly more likely for #3 (you use two weaker passwords instead of one stronger one). http://world.std.com/~reinhold/diceware.htmlGenerate a random 6 word passphrase all lower case, no special symbols or numbers (far easier to remember over longer period of time and it can't be brute forced especially with the PBKDF2 key hardening that the QT wallet uses). example: bus security issue vomit fled shut lawn
|
|
|
|
Jacce (OP)
|
|
March 09, 2014, 06:56:19 PM |
|
Encrypting multiple times is likely useless. It is like installing two bank vault doors as the front door for your house because one isn't safe enough. Then forgetting a thief can come in through a window, right through a wall with a car. If you use an encrypted QT wallet file the most likely reasons you lose your coins is: 1) inside theft (roommate, guest in house, etc). 2) you lose the wallet and/or passphrase (it is really hard to break into). 3) your password is weak/insecure 4) you system is compromised with malware or key logger. Double encryption doesn't help you in any of those scenarios and makes it more likely for #2 and possibly more likely for #3 (you use two weaker passwords instead of one stronger one). http://world.std.com/~reinhold/diceware.htmlGenerate a random 6 word passphrase all lower case, no special symbols or numbers (far easier to remember over longer period of time and it can't be brute forced especially with the PBKDF2 key hardening that the QT wallet uses). example: bus security issue vomit fled shut lawn The reason why I would like to have multiple encryptions is if I write down my ~20 character long password like tkbx told me to and someone would somehow find it, they would also have to get through a ~15 character long password that I remember and isn't written down anywhere (I am sure I wouldn't forget that password unless I get a memory loss or something like that, so that's not an issue either). I wouldn't access the wallet either unless I really need to, so it would be pretty hard for a malware to access it.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
March 09, 2014, 07:54:50 PM |
|
So just use the single password you have memorized. Write nothing down, and there is no need to a dubious second encryption.
|
|
|
|
|