Bitcoin Forum
March 28, 2024, 01:55:27 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: 1 2 3 4 5 [All]
  Print  
Author Topic: Saving your private key in your email is a lethal move  (Read 1641 times)
Sharon121212 (OP)
Full Member
***
Offline Offline

Activity: 280
Merit: 215



View Profile
April 07, 2019, 06:00:27 PM
Merited by vapourminer (5), Jet Cash (5), dbshck (4), CryptopreneurBrainboss (3), OgNasty (2), Halab (2), DdmrDdmr (1)
 #1

Well I would not have made this post not until this week I have a cryptocurrency community on social media(telegram) we doing my own bit to enlighten and empower those I can.
We tell them about cryptocurrency wallet and how they go about it well I made it clear to them never to screenshot there private keys but rather write it down and put it away in a place safe.

But it's has occurred more times where private keys where written, sent and saved on some of my students emails...

Well this has huge consequences. I would want to reach out to the noobs never improvise instructions are instructions when creating a wallet you are told to write your private keys down(not on email or on your device).
Your email can not key your private key safe it's still could be hacked and the information collected.

 It's basic instructions and rules when over looked causes damages.
1711634127
Hero Member
*
Offline Offline

Posts: 1711634127

View Profile Personal Message (Offline)

Ignore
1711634127
Reply with quote  #2

1711634127
Report to moderator
You get merit points when someone likes your post enough to give you some. And for every 2 merit points you receive, you can send 1 merit point to someone else!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
Pmalek
Legendary
*
Offline Offline

Activity: 2716
Merit: 7030


Farewell, Leo. You will be missed!


View Profile
April 07, 2019, 07:19:52 PM
Merited by OgNasty (2), TryNinja (1)
 #2

A private key should never be sent or shared online either via email or saved on clouds, drives etc. Consider it compromised and funds protected by it.
Instruct your students to invest in a hardware wallet if they are serious about crypto currencies since the private keys in hardware wallets never leave the safety of the device.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
nakamura12
Hero Member
*****
Offline Offline

Activity: 2226
Merit: 669


Bitcoin Casino Est. 2013


View Profile
April 07, 2019, 08:18:10 PM
 #3

Saving private key online will only expose your private key to hackers out there where cloud save as an example can be hacked by hackers then they will be able to get your private key to access your crypto savings. It is already discussed here already on where or what is the best solution to save your private key which most cases is written on a piece of paper or a device where there is no internet connection like a USB for example.

███▄▀██▄▄
░░▄████▄▀████ ▄▄▄
░░████▄▄▄▄░░█▀▀
███ ██████▄▄▀█▌
░▄░░███▀████
░▐█░░███░██▄▄
░░▄▀░████▄▄▄▀█
░█░▄███▀████ ▐█
▀▄▄███▀▄██▄
░░▄██▌░░██▀
░▐█▀████ ▀██
░░█▌██████ ▀▀██▄
░░▀███
▄▄██▀▄███
▄▄▄████▀▄████▄░░
▀▀█░░▄▄▄▄████░░
▐█▀▄▄█████████
████▀███░░▄░
▄▄██░███░░█▌░
█▀▄▄▄████░▀▄░░
█▌████▀███▄░█░
▄██▄▀███▄▄▀
▀██░░▐██▄░░
██▀████▀█▌░
▄██▀▀██████▐█░░
███▀░░
LTU_btc
Legendary
*
Offline Offline

Activity: 3010
Merit: 1323


Slava Ukraini!


View Profile WWW
April 07, 2019, 09:10:47 PM
Merited by DdmrDdmr (1)
 #4

Storing private in email is stupid idea definitely. It's something similar like to lock your house and leave keys in the lock.
I heard some similar stories when people keep their private keys, back up file or recovery phrase in cloud storages like Google Drive because they consider that is safer place in case if something will happen to their computer. Also, I know that some people just take photo of their private key or recovery phrase and just keep it on their phone.
When I was less experienced user, I also had dilemma where to keep these things. I instantly rejected idea to write down it, because sheet of paper doesn't looks like safest thing. I also didn't saved it on my PC or online storages. It was difficult to choose where to keep these things. Finally I decided to USB flash, but I'm not sure that's safest place.

akamit
Hero Member
*****
Offline Offline

Activity: 1470
Merit: 595


View Profile
April 07, 2019, 10:11:33 PM
 #5

Finally I decided to USB flash, but I'm not sure that's safest place.
Storing private keys in USB FLASH is safe as long as they aren’t in the hands of an attacker. I hope you have hidden the USB Flash is a safe place.

But the first safest option is HARDWARE WALLETS, second USB FLASH, third is a paper wallet in my opinion. But paper wallets has some risks unless the user laminates it.



@OP, you may want to check this article for all the best possible options.
madrogue
Member
**
Offline Offline

Activity: 98
Merit: 15


View Profile
April 08, 2019, 12:01:13 AM
 #6

Storing private keys in USB FLASH is safe as long as they aren’t in the hands of an attacker. I hope you have hidden the USB Flash is a safe place.
More than 2 Years i save my private key to USB Flash and this is very safe i think.
But you must be carefull to access your wallet with private key,. If you login in phising website, hacker can steal your wallet too.

Bookmark website is important but with Bruteforce they can move a website you visited to their phising site.
So, don't bookmark in your Searching Browser. Better you save it as text file and save to your USB Flash.
bitmover
Legendary
*
Offline Offline

Activity: 2254
Merit: 5835


bitcoindata.science


View Profile WWW
April 08, 2019, 12:06:31 AM
 #7

A private key should never be sent or shared online either via email or saved on clouds, drives etc. Consider it compromised and funds protected by it.
Instruct your students to invest in a hardware wallet if they are serious about crypto currencies since the private keys in hardware wallets never leave the safety of the device.

That's 100% correct.

Bitcoin is genius because the keys are hold offline, they cannot be hacked. If you hold them online, you are doing it wrong and making them available for hackers

You can just note down your seed and store in a safe physical location, hidden.

.
.BLACKJACK ♠ FUN.
█████████
██████████████
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
████████████████
░██████████████
████████████
███████████████░██
██████████
CRYPTO CASINO &
SPORTS BETTING
▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
█████████
.
whotookmycrypto
Full Member
***
Offline Offline

Activity: 168
Merit: 214


WhoTookMyCrypto.com


View Profile WWW
April 08, 2019, 02:00:27 AM
Merited by vapourminer (1)
 #8

Trezor has made a good article on this: https://blog.trezor.io/https-blog-trezor-io-keep-your-seed-phrase-away-from-lions-edcc105457a0

While they talk about seed phrase instead of private keys, the recommendations provided are equally applicable to securing your private keys.

mk4
Legendary
*
Offline Offline

Activity: 2716
Merit: 3816


🪸 NotYourKeys.org 🪸


View Profile
April 08, 2019, 02:22:32 AM
 #9

or a device where there is no internet connection like a USB for example.

Yes, but only IF you know and you're actually very sure that you know what you're doing. Your private keys can still be compromised even a USB flashdrive is offline, if you manage to mess something up when you're on the process of generating the keys and saving it to the USB flashdrive on your computer.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
whotookmycrypto
Full Member
***
Offline Offline

Activity: 168
Merit: 214


WhoTookMyCrypto.com


View Profile WWW
April 08, 2019, 02:44:21 AM
 #10

Yes, but only IF you know and you're actually very sure that you know what you're doing. Your private keys can still be compromised even a USB flashdrive is offline, if you manage to mess something up when you're on the process of generating the keys and saving it to the USB flashdrive on your computer.

Yeap, even air gaps aren't sufficient to protect your keys since there are ways to bypass it. For example, see how Stuxnet spread.

Found this good illustration online to demonstrate how USB can be used to exfiltrate private keys.


joniboini
Legendary
*
Offline Offline

Activity: 2142
Merit: 1785



View Profile WWW
April 08, 2019, 03:36:59 AM
 #11

Yeap, even air gaps aren't sufficient to protect your keys since there are ways to bypass it. For example, see how Stuxnet spread.

Found this good illustration online to demonstrate how USB can be used to exfiltrate private keys.

If I get the image correctly, it seems the reason why the private key was stolen is that the user downloaded malicious software from the internet and install it on his cold wallet. That's definitely not what we should do.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
pooya87
Legendary
*
Offline Offline

Activity: 3402
Merit: 10433



View Profile
April 08, 2019, 04:24:47 AM
 #12

Yeap, even air gaps aren't sufficient to protect your keys since there are ways to bypass it. For example, see how Stuxnet spread.

Found this good illustration online to demonstrate how USB can be used to exfiltrate private keys.

If I get the image correctly, it seems the reason why the private key was stolen is that the user downloaded malicious software from the internet and install it on his cold wallet. That's definitely not what we should do.

no, it is saying that there are malwares that can hide on your USB disk and be transferred to your cold storage alongside the raw unsigned tx which you are transferring to be signed and they can steal your keys while you are transferring the USB disk back to the online computer to broadcast the signed tx.

a simple solution which 100% solves this is usage of QR codes with a camera instead of USB disk.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Chikito
Copper Member
Legendary
*
Offline Offline

Activity: 2338
Merit: 2048



View Profile WWW
April 08, 2019, 06:13:59 AM
 #13

even they are student and familiar with pen and pencil, you have to instruting them of all to write private key on paper, double check spelling of private key, then laminated paper on very safe place

.
.BLACKJACK ♠ FUN.
█████████
██████████████
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
████████████████
░██████████████
████████████
███████████████░██
██████████
CRYPTO CASINO &
SPORTS BETTING
▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
█████████
.
sheenshane
Legendary
*
Offline Offline

Activity: 2366
Merit: 1206


🔰Buy/Sell Cryptocurrencies🔰


View Profile WWW
April 08, 2019, 06:55:55 AM
Merited by suchmoon (9), Yamifoud (2), pooya87 (1), BitMaxz (1)
 #14

no, it is saying that there are malwares that can hide on your USB disk and be transferred to your cold storage alongside the raw unsigned tx which you are transferring to be signed and they can steal your keys while you are transferring the USB disk back to the online computer to broadcast the signed tx.

a simple solution which 100% solves this is usage of QR codes with a camera instead of USB disk.
You can hide your USB through like this I'm sure it is impossible to hack or steal from scammers or even one of your family member. Cheesy

Anyone who wants to try this just sent me a PM. Grin

There's a lot way of keeping your private, that is our responsibility to keep them safe. But in a small amount, I think that is not necessary to keep in USB, just a piece of paper would be fine and put into your personal pocket wallet.

.BEST..CHANGE.███████████████
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
███████████████
..BUY/ SELL CRYPTO..
Kakmakr
Legendary
*
Offline Offline

Activity: 3402
Merit: 1944

This space is availlable for advertising


View Profile
April 08, 2019, 07:01:55 AM
 #15

Well, not entirely true. If you and the recipient have come to some sort of agreement to obscure the whole private key, by for example breaking it up and sending it with other numbers/letters in several different emails, then people will not be able to extract the private key from your emails.

Let's say the sender and the recipient agrees that the first 3 numbers or letters will be ignored and then the 5th and the 7th and replaced with something else, then it would not make up a recognisable private key.  Grin  <You further break up the numbers and send them in separate emails.>  Tongue

Signature space availlable -Just DM me if you need some advertising.
dothebeats
Legendary
*
Offline Offline

Activity: 3598
Merit: 1352


Excel is fun


View Profile
April 08, 2019, 10:33:35 AM
 #16

Of course. Knowing how easy it is to actually get in on one's email and snoop on all of the contents of it, no one in their sane mind would even think of saving their private keys and other vital information on their email. If life's really that tough, then perhaps save your keys on your phone or write it down somewhere safe. It should be common knowledge that emails are insecure places to store sensitive data be it private keys, banking details, personal info.. the list goes on.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
April 08, 2019, 01:22:58 PM
Merited by Foxpup (3), vapourminer (1), o_e_l_e_o (1)
 #17

Your email can not key your private key safe it's still could be hacked and the information collected.


It seems like the majority of people still don't know how the email protocol works.

EVERY mail server (again: EVERY) between you and your recipient can read the mail in plain text.

It is (and never was) a good idea using (non-encrypted) emails to transmit sensitive information.
The email protocol is from 1980. It is extremely outdated and not secure at all.

Just because it is used everywhere, it doesn't mean it is something good / safe / secure.


Actually, you shouldn't store private keys on a device which is connected to the internet at all. Storing them on a mail server is just plain dumb.

jademaxsuy
Full Member
***
Offline Offline

Activity: 924
Merit: 220


View Profile WWW
April 08, 2019, 02:05:54 PM
 #18

no, it is saying that there are malwares that can hide on your USB disk and be transferred to your cold storage alongside the raw unsigned tx which you are transferring to be signed and they can steal your keys while you are transferring the USB disk back to the online computer to broadcast the signed tx.

a simple solution which 100% solves this is usage of QR codes with a camera instead of USB disk.
You can hide your USB through like this I'm sure it is impossible to hack or steal from scammers or even one of your family member. Cheesy

Anyone who wants to try this just sent me a PM. Grin

There's a lot way of keeping your private, that is our responsibility to keep them safe. But in a small amount, I think that is not necessary to keep in USB, just a piece of paper would be fine and put into your personal pocket wallet.
This is more secure than I thought of saving a private key in a usb for sometimes it could be misplaced or stolen by someone and could compromise your holdings.

BTW, do this USB has a safety feature to which if one will going to eat it will prevent damage from the liquids passed through the mouth? I hope so, so that it could be really helpful and it could be one of great saving device for wallet private key.
LTU_btc
Legendary
*
Offline Offline

Activity: 3010
Merit: 1323


Slava Ukraini!


View Profile WWW
April 08, 2019, 07:31:55 PM
 #19

Storing private keys in USB FLASH is safe as long as they aren’t in the hands of an attacker. I hope you have hidden the USB Flash is a safe place.

But the first safest option is HARDWARE WALLETS, second USB FLASH, third is a paper wallet in my opinion. But paper wallets has some risks unless the user laminates it.
Offcourse hardware wallets is the best choice, I already use it for almost few years. But still, USB flash is needed for me to keep recovery phrase. I have written it down to a sheet of paper, but as already said, paper isn't very safe thing - Iover the time ink fades, and paper deteriorates, it's easy to destroy it with water and it can get lost easily.

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 08, 2019, 08:04:22 PM
Merited by Foxpup (3)
 #20

Let's say the sender and the recipient agrees that the first 3 numbers or letters will be ignored and then the 5th and the 7th and replaced with something else, then it would not make up a recognisable private key.
This is essentially security through obscurity, and is generally a bad way to store any sensitive information. If you absolutely must send something sensitive via email, the best way is an encrypted file with a previously (and securely) agreed upon key.

The same advice throughout this thread obviously applies to mnemonic seeds as well. Too many people store electronic copies of their mnemonic seed, which again, is a terrible idea. Write it down or engrave it, and store it somewhere physically secure.
Kakmakr
Legendary
*
Offline Offline

Activity: 3402
Merit: 1944

This space is availlable for advertising


View Profile
April 09, 2019, 05:41:47 AM
 #21

Let's say the sender and the recipient agrees that the first 3 numbers or letters will be ignored and then the 5th and the 7th and replaced with something else, then it would not make up a recognisable private key.
This is essentially security through obscurity, and is generally a bad way to store any sensitive information. If you absolutely must send something sensitive via email, the best way is an encrypted file with a previously (and securely) agreed upon key.

The same advice throughout this thread obviously applies to mnemonic seeds as well. Too many people store electronic copies of their mnemonic seed, which again, is a terrible idea. Write it down or engrave it, and store it somewhere physically secure.

How sure are you that encryption technology are safe and that it would stay safe in the future? Let's say the "No Such Agency" finds a way to decrypt that encrypted email in the future, then your sensitive information would be exposed and used against you in the future. <They are already collecting large amounts of data> and encrypted data would be an ideal target for them.>

Security through obscurity can constantly change and it makes it very difficult for them to decipher the hidden messages. <You can change it with every message if you wanted to.>  Cool

Signature space availlable -Just DM me if you need some advertising.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 09, 2019, 10:05:17 AM
Merited by Foxpup (2)
 #22

Security through obscurity can constantly change and it makes it very difficult for them to decipher the hidden messages. <You can change it with every message if you wanted to.> 
You can only change it with every message if you have a separate and 100% secure way of communicating with the recipient to reveal your new method, (in other words, meeting up in person with no electronic devices around), in which case you are far better just using that secure method to transfer for the information you need to. I make a point of keeping anything truly sensitive well away from the internet, email, cloud servers, etc., even if it is encrypted.

Additionally, if an agency had the computing power to break 256-bit, then they can certainly brute force anything along the lines of swapping digits around or including extra nonsense characters.
vit05
Hero Member
*****
Offline Offline

Activity: 672
Merit: 526



View Profile
April 09, 2019, 09:31:32 PM
 #23

Emails are completely unsafe for something like that. But it is necessary that at some point we have some kind of online solution to save a key. It may be just one, of multiple keys needed to open a wallet.

There are several reasons and times that you may have to see yourself completely away from several of your physical assets. As well as wallets, usb etc. When making a trip, being arrested, staying in the hospital. The simple way is to say that online and in the clouds is always the worst option. But in fact everything carries some kind of risk. And you should always analyze case by case.

In this student situation, it is important to demonstrate why email is unsafe to store the keys and also to exchange a range of information that may be confidential. A great opportunity to teach about encryption.
leowonderful
Legendary
*
Offline Offline

Activity: 1624
Merit: 1129


Bitcoin FTW!


View Profile
April 10, 2019, 12:45:11 AM
 #24

Emails aren't a good place to keep anything valuable, period. Even with multiple layers of security on your email like 2FA and SMS confirmation, there's still a chance your email could be compromised and you want to keep as little sensitive information as possible in your inbox when that happens. I periodically go through my emails and delete emails because of this.
CryptopreneurBrainboss
Legendary
*
Offline Offline

Activity: 2212
Merit: 4124


eXch.cx - Automatic crypto Swap Exchange.


View Profile WWW
April 10, 2019, 03:59:43 AM
 #25

Ignorance & lack of information is a major contributor to this, Here are some of the possible reason why newbies think storing of private on email is the best solution;
  • They could easily remember where they stored their private key
  • It can be easily access from any device as far they're connected to the internet
  • They have been earlier misinformed that storing sensible information on their email is safe

Again the type of wallet they use play a major role in them storing their private key carelessly. A user making use of an online (web) or APP wallet is likable to store their private key in their email than a user making use of a hardware wallet. So again they need to be informed on the best wallet to use to prevent issues like this (them storing private key in emails) from occuring.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Siren
Sr. Member
****
Offline Offline

Activity: 826
Merit: 265



View Profile
April 10, 2019, 05:18:08 AM
 #26

Finally I decided to USB flash, but I'm not sure that's safest place.
Storing private keys in USB FLASH is safe as long as they aren’t in the hands of an attacker. I hope you have hidden the USB Flash is a safe place.

But the first safest option is HARDWARE WALLETS, second USB FLASH, third is a paper wallet in my opinion. But paper wallets has some risks unless the user laminates it.



@OP, you may want to check this article for all the best possible options.
Yups that’s totally safe as long as the USB will remain safe and other than that i guess writing in paper will also beneficial for us and our successors as we really don’t know what will happen in future and accidents happen in none expected occasion
I have written my private keys in separate formats an gave to my children each they deserve so when time comes I’ll passed in unexpected ways they will continue my legacy here in crypto
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
April 10, 2019, 07:17:20 AM
Merited by Foxpup (2), o_e_l_e_o (1)
 #27

How sure are you that encryption technology are safe and that it would stay safe in the future?

Simple answer: Mathematics.

Even with constantly increasing computing power, there are encryption algorithms which are (mathematically proven) secure.
RSA with a key length of 2048+ bit is safe for the next 10 years for example. 4096 bit keys are secure beyond 2030.

Same applies to AES with 256 bit. It is safe to use beyond 2030. Another good alternative is to use ECC.


In 10+ years, you could simply send all of your coins to a different address and encrypt that private key with a (more modern) encryption algorithm to have it secured for another period.



Let's say the "No Such Agency" finds a way to decrypt that encrypted email in the future

They don't find a way to "decrypt that encrypted mail", but to "break an encryption". And this - depending on the algorithm - is not possible, which is proven mathematically.



Security through obscurity can constantly change and it makes it very difficult for them to decipher the hidden messages. <You can change it with every message if you wanted to.>  Cool

Security through obscurity is a very very VERY bad approach.
Just google it, you will find tons of arguments why you should never rely on this.

TheHas
Full Member
***
Offline Offline

Activity: 616
Merit: 167


View Profile
April 10, 2019, 10:35:21 AM
 #28

Just treat your private address with a corresponding level of security to its value.

If you've got ten bucks in an address, sure you could save that in an email or on your desktop, the repercussions are fairly minor if someone gets access.

If you've got hundreds, or even thousands then write it down manually and put in a safe. Just use commonsense.
Velkro
Legendary
*
Offline Offline

Activity: 2296
Merit: 1014



View Profile
April 10, 2019, 01:09:49 PM
 #29

Re: Saving your private key in your email is a lethal move
Agree, its like actually saving it on someone else computer. You never know how many people have access to this data, its huge risk of your private key beign compromised.
Security need to be adjusted to person need's. Less money demands less security, more money demands more security.
efrenbilantok
Member
**
Offline Offline

Activity: 576
Merit: 39


View Profile
April 10, 2019, 05:18:37 PM
 #30

Flashdrives might get corrupted so does computer/laptop, cloud storage can be hacked, so does email and Social media accounts. The best choice is to make a hardcopy of your private key and lock it somewhere safe, but you might forgot where you place it or might stolen. Hmm looks like everything is lethal huh? XD
sheenshane
Legendary
*
Offline Offline

Activity: 2366
Merit: 1206


🔰Buy/Sell Cryptocurrencies🔰


View Profile WWW
April 10, 2019, 06:01:52 PM
Last edit: April 10, 2019, 06:41:26 PM by sheenshane
 #31

Re: Saving your private key in your email is a lethal move
Agree, its like actually saving it on someone else computer. You never know how many people have access to this data, its huge risk of your private key beign compromised.
Security need to be adjusted to person need's. Less money demands less security, more money demands more security.
You are right when it comes more money demands it required more security needs. I do usually save my private key or seed phrase in the memory card from mobile, after saving my private key I'll remove it and put into my closet. But one thing that comes up in my mind, how about body implant like a microchip implant where your private key stored, I am sure it is secure but I don't know if safe for human.


Google credit

Do you think this is possible or the same on the lethal move?

.BEST..CHANGE.███████████████
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
███████████████
..BUY/ SELL CRYPTO..
r1a2y3m4
Full Member
***
Offline Offline

Activity: 504
Merit: 127


Match365> be a part of 150BTC inviting bonus


View Profile
April 10, 2019, 06:37:09 PM
 #32

Finally I decided to USB flash, but I'm not sure that's safest place.
Storing private keys in USB FLASH is safe as long as they aren’t in the hands of an attacker. I hope you have hidden the USB Flash is a safe place.

But the first safest option is HARDWARE WALLETS, second USB FLASH, third is a paper wallet in my opinion. But paper wallets has some risks unless the user laminates it.
Hardware wallets are the best option to store your private key. But put on your mind that hardware and USB are the same, they are object in which we can misplace easily since they are small. If you are a sloppy person like me, USB flash could not be an option for me.

What I'll do in storing my private key is I'll use a notepad and write all of my private keys on all wallets on one of it and will save it on my desktop. Copy a file of that on my laptop, copy of that file to my phone, to my girlfriend's phone.

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 10, 2019, 06:57:55 PM
 #33

I do usually save my private key or seed phrase in the memory card from mobile, after saving my private key I'll remove it and put into my closet.
This isn't a very good solution. Your plain text private key or seed phrase should ideally never touch an internet enabled device, even if the device is offline when you do it. You have no guarantees that there isn't malware on your device which will copy your key/phrase and transmit it to an attacker when internet access is restored.

If you want to save your phrase or key on a memory stick, then it should be encrypted and copied via a permanently airgapped device.
kingpin4321
Member
**
Offline Offline

Activity: 280
Merit: 14


View Profile
April 10, 2019, 10:32:25 PM
 #34

I don't support the saving of private keeps on an email that's is foolhardy a thing to do.
But where ever is it one decided to safe there private keys the major aim should be apt security and ease for the owners to get.
BitMaxz
Legendary
*
Offline Offline

Activity: 3206
Merit: 2907


Block halving is coming.


View Profile WWW
April 10, 2019, 11:08:05 PM
Last edit: April 10, 2019, 11:21:39 PM by BitMaxz
 #35

I do usually save my private key or seed phrase in the memory card from mobile, after saving my private key I'll remove it and put into my closet.
This isn't a very good solution. Your plain text private key or seed phrase should ideally never touch an internet enabled device, even if the device is offline when you do it. You have no guarantees that there isn't malware on your device which will copy your key/phrase and transmit it to an attacker when internet access is restored.

If you want to save your phrase or key on a memory stick, then it should be encrypted and copied via a permanently airgapped device.
In my own keys and seed phrase, I put them into a plain text then I archive them to a rar file with password 3 times with 3 different passwords (what I mean is after I archived it to rar with the password I archive it again and add another password.) Then the 3rd archive I use base64 encode as my password to make sure if someone trying to brute-force my archived rar seed/privkeys it will take years before they can hack and since I archived it 3 times they can brute-force my archived seed/privkeys and hack after a decade.

The file is saved privately with google drive and I have a backup on my Gmail on the draft page.


As of now, no one knows that I have a backup on my email because I used a different email and never use it for online verification just to make sure no one knows my email.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
jerry0
Full Member
***
Offline Offline

Activity: 1736
Merit: 186


View Profile
April 11, 2019, 12:43:09 AM
 #36

Well what if something happens physically in your house then and everything is destroyed or stolen?


I understand backing up your seed in your camera by taking a picture is bad and sending it to an email is foolish.  But if its encrypted, thats not good enough?


Example you type your seed in lastpass or keepass.  You need a password to open the program to reveal all your passwords.  You then upload it to dropbox or google drive.  Now the hacker would need to first hack into your dropbox or google drive account.  Then they would need to know the password for you lastpass or keepass.  So isn't that hard already for them?  I can understand it being easy if say that person targeted your computer and send you link etc to keylog you or you download something.  Also say you use axcrypt to encrypt it.  Example you encrypt lastpass or keepass. 


Now they need to


1. hack into your dropbox or gmail

2.  Know your email and password connected with your axcrypt account to encrypt the lastpass or keepass file

3.  Know the password for lastpass or keepass



So aren't these steps already pretty tough for a hacker?  The issue here though is if you do it this way, you need to remember 2 things, your lastpass/keepass password and your axcrypt password.  But the issue here is don't most ppl use a very long complicated password for axcrypt?  Thus that would mean doing this wouldn't work since you won't know your axcrypt password since its probably put in lastpass/keepass?



Also dont most of you use password managers like lastpass/keepass?  I mean u guys dont know your email and banking passwords right?  Thus keep everything there.  So if you keep everything there along with your private key but make sure you have a strong master password, that isn't safe enough?



So what i described which is the better method?  The one with the 3 steps or


1.   Hacker needs to hack into your dropbox or gmail

2.  Know the password for lastpass or keepass




The thing is i think most ppl dont know their axcrypt pw right and store that in lastpass or keepass?
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 11, 2019, 11:46:04 AM
 #37

In my own keys and seed phrase, I put them into a plain text then I archive them to a rar file with password 3 times with 3 different passwords (what I mean is after I archived it to rar with the password I archive it again and add another password.) Then the 3rd archive I use base64 encode as my password to make sure if someone trying to brute-force my archived rar seed/privkeys it will take years before they can hack and since I archived it 3 times they can brute-force my archived seed/privkeys and hack after a decade.
This may or may not be relatively safe, depending on what RAR archiver you are using and what encryption method it uses. Some don't encrypt the data at all, others use AES128 or AES256. A better option, in my opinion, would be use a proper encryption program like Veracrypt, and encrypt it with that, rather than relying on a RAR archiver to encrypt it for you.

The other weak link in this chain is where you are encrypting it. If you are talking about encrypting a plain text file on your usual, everyday computer which is internet enabled, you have no guarantee that the plain text data hasn't already left your machine or been otherwise accessed before you encrypt it. You should be encrypting it on a clean OS on a device without the capability for internet access, and then transferring the encrypted file to your internet enabled computer for uploading.

The best option is not to store any sensitive data, encrypted or not, anywhere near the internet, emails, cloud servers, etc.
timerland
Hero Member
*****
Offline Offline

Activity: 1526
Merit: 596


View Profile
April 11, 2019, 10:32:15 PM
 #38

Well I would not have made this post not until this week I have a cryptocurrency community on social media(telegram) we doing my own bit to enlighten and empower those I can.
We tell them about cryptocurrency wallet and how they go about it well I made it clear to them never to screenshot there private keys but rather write it down and put it away in a place safe.

But it's has occurred more times where private keys where written, sent and saved on some of my students emails...

Well this has huge consequences. I would want to reach out to the noobs never improvise instructions are instructions when creating a wallet you are told to write your private keys down(not on email or on your device).
Your email can not key your private key safe it's still could be hacked and the information collected.

 It's basic instructions and rules when over looked causes damages.

That is certainly true. And not just emails, the same thing applies to all cloud storage hosts.

A lot of people say that as long as you encrypt it with a password, it doesn't matter where you store it. But in my opinion if someone is able to gain access to your email, it is likely that they were able to crack your password in the first place which makes encrypted file easy to crack as well, since so many people reuse their passwords for everything.

Even though it may seem convenient at the time and the risks are quite far away - trust me, you don't want to be placed in a situation where you are potentially out of pocket thousands of dollars if not more simply because you failed to follow simple procedures. Store it offline.

Smiley
jerry0
Full Member
***
Offline Offline

Activity: 1736
Merit: 186


View Profile
April 11, 2019, 11:21:26 PM
 #39

Those people that say don't store it online even if you encrypt it, then what happens if something happens to your computer or usb physically?  Say a theft or fire?  Where is your backup then?  That is why i thought online backup has to be a must because if that happens, you can access dropbox or gmail and the file is there.
Thanasis
Hero Member
*****
Offline Offline

Activity: 1820
Merit: 515


★777Coin.com★ Fun BTC Casino


View Profile
April 12, 2019, 06:58:33 AM
 #40

Those people that say don't store it online even if you encrypt it, then what happens if something happens to your computer or usb physically?  Say a theft or fire?  Where is your backup then?  That is why i thought online backup has to be a must because if that happens, you can access dropbox or gmail and the file is there.
Saving the private keys online is risky. Roll Eyes

Do you think gmail is hard to hack? It is not much harder to hack and we can see many people were complaining that they bitcointalk accounts were hcked due to their registered email was hacked so saving it physically is the better solution.

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 12, 2019, 09:29:47 AM
 #41

Those people that say don't store it online even if you encrypt it, then what happens if something happens to your computer or usb physically?  Say a theft or fire?  Where is your backup then?
Physical back ups in a variety of secure locations, that no one knows about. Encrypt the file on an airgapped PC, copy to a couple of USBs, and store them in a safe deposit box, vault, personal safe, or similar.

Having said that, the best method is to not store your keys or seed electronically at all - you are better off using paper wallets or hardware wallets with the seeds backed up on paper.
whotookmycrypto
Full Member
***
Offline Offline

Activity: 168
Merit: 214


WhoTookMyCrypto.com


View Profile WWW
April 12, 2019, 09:46:10 AM
 #42

Those people that say don't store it online even if you encrypt it, then what happens if something happens to your computer or usb physically?  Say a theft or fire?  Where is your backup then?
Physical back ups in a variety of secure locations, that no one knows about. Encrypt the file on an airgapped PC, copy to a couple of USBs, and store them in a safe deposit box, vault, personal safe, or similar.

Having said that, the best method is to not store your keys or seed electronically at all - you are better off using paper wallets or hardware wallets with the seeds backed up on paper.


Apart from what o_e_l_e_o said, you may also consider using tools like Crypto Steel too if you are paranoid about your paper getting destroyed.

okala
Full Member
***
Offline Offline

Activity: 980
Merit: 114


View Profile
April 12, 2019, 09:01:49 PM
 #43

A private key should never be sent or shared online either via email or saved on clouds, drives etc. Consider it compromised and funds protected by it.
Instruct your students to invest in a hardware wallet if they are serious about crypto currencies since the private keys in hardware wallets never leave the safety of the device.
The ops is not saying that the private keys are shared online, there are ways you keep documents in your email for future use such as saving them in the draft folders. I have always save my private keys in my email drafts because I have strong security on my email such as the authentication of code before logging in and that is done using either my phone number or google authentication app.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 13, 2019, 07:33:36 AM
 #44

The ops is not saying that the private keys are shared online, there are ways you keep documents in your email for future use such as saving them in the draft folders. I have always save my private keys in my email drafts because I have strong security on my email such as the authentication of code before logging in and that is done using either my phone number or google authentication app.
And where do you think the drafts are stored, if not online? Everything in your email (inbox, outbox, trash, drafts, etc) is copied to an unknown number of servers across the world. How do you know all of them are secure? How do you know all the employees are trustworthy? Just because your account itself wasn't broken in to, doesn't mean that all the data inside it can't be accessed by other means.

Additionally, although 2FA is obviously a good idea to have on all your accounts, having 2FA doesn't make your account immune to being hacked by any means.

Storing private keys online, especially in plain text format, and then double especially telling people on a public forum that you do that, is terrible security.
GreatArkansas
Legendary
*
Offline Offline

Activity: 2268
Merit: 1344


Buy/Sell crypto at BestChange


View Profile WWW
April 13, 2019, 04:20:51 PM
 #45

I want to ask  if it is safe to store private keys in secured .zip or .rar with password and stored it from email or any other online filehosting? Please explain also how it is risky or it is safe.

.BEST..CHANGE.███████████████
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
███████████████
..BUY/ SELL CRYPTO..
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
April 13, 2019, 08:13:00 PM
Merited by GreatArkansas (1)
 #46

I want to ask  if it is safe to store private keys in secured .zip or .rar with password and stored it from email or any other online filehosting? Please explain also how it is risky or it is safe.
Could be very risky or could be relatively safe depending on a number of factors.

Some older zip or rar archivers just slap a very easily broken password on an archive. Most up-to-date archivers will encrypt the file with AES. If you have the private key in plain text on a malware infected computer, use an old archiver which doesn't encrypt and/or use a weak password, and then upload it do an easily hacked server, the chance of you losing all your coins rapidly approaches 100%. On the other hand, if you were to encrypt it using a proper encryption program like Veracrypt, with a very strong password, on an airgapped computer, transfer it to an internet enabled device and upload it to an encrypted file server, the risk is much lower.

If you don't really know what you are doing, you are much better just writing your seed down and storing it in a physically secure location.
boyptc
Hero Member
*****
Online Online

Activity: 2954
Merit: 659


★Bitvest.io★ Play Plinko or Invest!


View Profile
April 15, 2019, 08:01:09 PM
 #47

you must be careful  to access your wallet with  private key, because if you login in phishing website you may lost your wallet data also. hackers can easily access your data so its better to remember your private key.
Even not inputting your private keys to a phishing link.

Simply leaving your private key to a cloud storage or email gives you a total risk whenever the email provider gets hacked or your email has been reached and accessed by a hacker.

I want to ask  if it is safe to store private keys in secured .zip or .rar with password and stored it from email or any other online filehosting? Please explain also how it is risky or it is safe.
Better to write it down manually.



.
.BIG WINNER!.
[15.00000000 BTC]


▄████████████████████▄
██████████████████████
██████████▀▀██████████
█████████░░░░█████████
██████████▄▄██████████
███████▀▀████▀▀███████
██████░░░░██░░░░██████
███████▄▄████▄▄███████
████▀▀████▀▀████▀▀████
███░░░░██░░░░██░░░░███
████▄▄████▄▄████▄▄████
██████████████████████

▀████████████████████▀
▄████████████████████▄
██████████████████████
█████▀▀█▀▀▀▀▀▀██▀▀████
█████░░░░░░░░░░░░░████
█████░░░░░░░░░░░░▄████
█████░░▄███▄░░░░██████
█████▄▄███▀░░░░▄██████
█████████░░░░░░███████
████████░░░░░░░███████
███████░░░░░░░░███████
███████▄▄▄▄▄▄▄▄███████

██████████████████████
▀████████████████████▀
▄████████████████████▄
███████████████▀▀▀▀▀▀▀
███████████▀▀▄▄█░░░░░█
█████████▀░░█████░░░░█
███████▀░░░░░████▀░░░▀
██████░░░░░░░░▀▄▄█████
█████░▄░░░░░▄██████▀▀█
████░████▄░███████░░░░
███░█████░█████████░░█
███░░░▀█░██████████░░█
███░░░░░░████▀▀██▀░░░░
███░░░░░░███░░░░░░░░░░

██░▄▄▄▄░████▄▄██▄░░░░
████████████▀▀▀▀▀▀▀██
█████████████░█▀▀▀█░███
██████████▀▀░█▀░░░▀█░▀▀
███████▀░▄▄█░█░░░░░█░█▄
████▀░▄▄████░▀█░░░█▀░██
███░▄████▀▀░▄░▀█░█▀░▄░▀
█▀░███▀▀▀░░███░▀█▀░███░
▀░███▀░░░░░████▄░▄████░
░███▀░░░░░░░█████████░░
░███░░░░░░░░░███████░░░
███▀░██░░░░░░▀░▄▄▄░▀░░░
███░██████▄▄░▄█████▄░▄▄

██░████████░███████░█
▄████████████████████▄
████████▀▀░░░▀▀███████
███▀▀░░░░░▄▄▄░░░░▀▀▀██
██░▀▀▄▄░░░▀▀▀░░░▄▄▀▀██
██░▄▄░░▀▀▄▄░▄▄▀▀░░░░██
██░▀▀░░░░░░█░░░░░██░██
██░░░▄▄░░░░█░██░░░░░██
██░░░▀▀░░░░█░░░░░░░░██
██░░░░░▄▄░░█░░░░░██░██
██▄░░░░▀▀░░█░██░░░░░██
█████▄▄░░░░█░░░░▄▄████
█████████▄▄█▄▄████████

▀████████████████████▀




Rainbot
Daily Quests
Faucet
arpon11
Sr. Member
****
Offline Offline

Activity: 882
Merit: 282



View Profile
April 16, 2019, 05:56:20 PM
 #48

Well I would not have made this post not until this week I have a cryptocurrency community on social media(telegram) we doing my own bit to enlighten and empower those I can.
We tell them about cryptocurrency wallet and how they go about it well I made it clear to them never to screenshot there private keys but rather write it down and put it away in a place safe.

But it's has occurred more times where private keys where written, sent and saved on some of my students emails...

Well this has huge consequences. I would want to reach out to the noobs never improvise instructions are instructions when creating a wallet you are told to write your private keys down(not on email or on your device).
Your email can not key your private key safe it's still could be hacked and the information collected.

 It's basic instructions and rules when over looked causes damages.
Though it has not happened to me before but I am very careful with my private keys and password.  I have an online wallet that I have used for more than three years now and I keep the private keys offline but still afraid of friends that may lay their hands on it and withdraw my funds or coins from my wallet.  I think we are at a time that we should follow op advice and recommendations since email is no longer safe to store our private keys.  I have enabled 2 factors authentication on all my account because of hackers activities and since there is no safe system I also pray that God should keep the eyes of evil people from anywhare I store my coins.
Kasabus
Hero Member
*****
Offline Offline

Activity: 2814
Merit: 576


View Profile
April 18, 2019, 06:14:17 AM
 #49

I made this stupid idea in the past when I was still a newbie, I thought it's easier to access if I save it in email and I can access it anytime as long as there is an interne, but I realize it was a bad idea, and luckily no one were able to hack my private key with a thousand of dollars inside of the wallet.

We learn as we stay in crypto, but thanks to OP as this is necessary for newbie to know.

████████████████████████
.
.SPORTS..
███████▄███▄▄
█████████▀▀████▄▄
▄███▄▄███████▀▀████▄▄
███▀█████▄███████▀▀███▄
████████████▄▄█████████
█████████░▀▀████▄▄████▀
████████████████████
█████████░▄▄████▀▀████▄
████████████▀▀█████████
███▄█████▀███████▄▄███▀
▀███▀▀███████▄▄████▀
█████████▄▄████▀▀
███████▀███▀▀
.
.bets.io.
████████████████████████
.
..CASINO..
carlisle1
Hero Member
*****
Offline Offline

Activity: 2744
Merit: 541

Campaign Management?"Hhampuz" is the Man


View Profile
April 18, 2019, 02:22:45 PM
 #50

Totally agreed on this because saving private keys on our email is just like giving al our crypto to the hackers as they are very good on this ,but seriously never do such action if you wanna keep safe our crypto assets
Those people that say don't store it online even if you encrypt it, then what happens if something happens to your computer or usb physically?  Say a theft or fire?  Where is your backup then?  That is why i thought online backup has to be a must because if that happens, you can access dropbox or gmail and the file is there.
Well thats why i always believed about having physical copy of each so whenever theres a moments like this then we can have another sets of back ups
dvmmayowa
Jr. Member
*
Offline Offline

Activity: 122
Merit: 1


View Profile
January 07, 2020, 11:04:29 PM
 #51

Well I would not have made this post not until this week I have a cryptocurrency community on social media(telegram) we doing my own bit to enlighten and empower those I can.
We tell them about cryptocurrency wallet and how they go about it well I made it clear to them never to screenshot there private keys but rather write it down and put it away in a place safe.

But it's has occurred more times where private keys where written, sent and saved on some of my students emails...

Well this has huge consequences. I would want to reach out to the noobs never improvise instructions are instructions when creating a wallet you are told to write your private keys down(not on email or on your device).
Your email can not key your private key safe it's still could be hacked and the information collected.

 It's basic instructions and rules when over looked causes damages.
I keep on saying this same thing to a friend of mine couple of years back but he feels comfortable saving them on his emails, just last year november, his entire wallet was wiped off into multiple wallets, till now he has no idea of how the scammer got access to his wallets, so tragedic.
We need to be extra careful not to become victim of wallet hacks, cyber criminals dont sleep, they're always on the watch.
seoincorporation
Legendary
*
Offline Offline

Activity: 3108
Merit: 2855


Top Crypto Casino


View Profile
January 08, 2020, 04:58:45 AM
 #52

...
I keep on saying this same thing to a friend of mine couple of years back but he feels comfortable saving them on his emails, just last year november, his entire wallet was wiped off into multiple wallets, till now he has no idea of how the scammer got access to his wallets, so tragedic.
We need to be extra careful not to become victim of wallet hacks, cyber criminals dont sleep, they're always on the watch.

Maybe if your friend put those keys inside a ZIP with a password, it could be a 'secure' way to hold them in the mail. But you are right, save the private keys in the mail is a really insecure way to manage that sensitive information.

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Magkirap
Sr. Member
****
Offline Offline

Activity: 896
Merit: 267


★Bitvest.io★ Play Plinko or Invest!


View Profile
January 08, 2020, 06:35:39 AM
 #53

...
I keep on saying this same thing to a friend of mine couple of years back but he feels comfortable saving them on his emails, just last year november, his entire wallet was wiped off into multiple wallets, till now he has no idea of how the scammer got access to his wallets, so tragedic.
We need to be extra careful not to become victim of wallet hacks, cyber criminals dont sleep, they're always on the watch.

Maybe if your friend put those keys inside a ZIP with a password, it could be a 'secure' way to hold them in the mail. But you are right, save the private keys in the mail is a really insecure way to manage that sensitive information.
Even if you stored it with a password hackers will still be able to get that file and then they will open it, yes it has password but you don't know what a experienced hacker can do so to be safe do not put something that can help open your wallets in your emails because once they get in your emails your so done and also if you are really wanting to be safe then use different emails, do mot use a single one because that will make hacker's job much easier because its like a one stop hack and then he can get anything from you, internet is a very dangerous place, we are not private in their so be careful and wise on your actions.



BIG WINNER!
[15.00000000 BTC]


▄████████████████████▄
██████████████████████
██████████▀▀██████████
█████████░░░░█████████
██████████▄▄██████████
███████▀▀████▀▀███████
██████░░░░██░░░░██████
███████▄▄████▄▄███████
████▀▀████▀▀████▀▀████
███░░░░██░░░░██░░░░███
████▄▄████▄▄████▄▄████
██████████████████████
▀████████████████████▀
▄████████████████████▄
██████████████████████
█████▀▀█▀▀▀▀▀▀██▀▀████
█████░░░░░░░░░░░░░▄███
█████░░░░░░░░░░░░▄████
█████░░▄███▄░░░░██████
█████▄▄███▀░░░░▄██████
█████████░░░░░░███████
████████░░░░░░░███████
███████░░░░░░░░███████
███████▄▄▄▄▄▄▄▄███████
██████████████████████
▀████████████████████▀
▄████████████████████▄
███████████████▀▀▀▀▀▀▀
███████████▀▀▄▄█░░░░░█
█████████▀░░█████░░░░█
███████▀░░░░░████▀░░░▀
██████░░░░░░░░▀▄▄█████
█████░▄░░░░░▄██████▀▀█
████░████▄░███████░░░░
███░█████░█████████░░█
███░░░▀█░██████████░░█
███░░░░░░████▀▀██▀░░░░
███░░░░░░███░░░░░░░░░░
▀██░▄▄▄▄░████▄▄██▄░░░░
▄████████████▀▀▀▀▀▀▀██▄
█████████████░█▀▀▀█░███
██████████▀▀░█▀░░░▀█░▀▀
███████▀░▄▄█░█░░░░░█░█▄
████▀░▄▄████░▀█░░░█▀░██
███░▄████▀▀░▄░▀█░█▀░▄░▀
█▀░███▀▀▀░░███░▀█▀░███░
▀░███▀░░░░░████▄░▄████░
░███▀░░░░░░░█████████░░
░███░░░░░░░░░███████░░░
███▀░██░░░░░░▀░▄▄▄░▀░░░
███░██████▄▄░▄█████▄░▄▄
▀██░████████░███████░█▀
▄████████████████████▄
████████▀▀░░░▀▀███████
███▀▀░░░░░▄▄▄░░░░▀▀▀██
██░▀▀▄▄░░░▀▀▀░░░▄▄▀▀██
██░▄▄░░▀▀▄▄░▄▄▀▀░░░░██
██░▀▀░░░░░░█░░░░░██░██
██░░░▄▄░░░░█░██░░░░░██
██░░░▀▀░░░░█░░░░░░░░██
██░░░░░▄▄░░█░░░░░██░██
██▄░░░░▀▀░░█░██░░░░░██
█████▄▄░░░░█░░░░▄▄████
█████████▄▄█▄▄████████
▀████████████████████▀




Rainbot
Daily Quests
Faucet
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
January 08, 2020, 11:24:11 AM
Merited by pooya87 (1)
 #54

Maybe if your friend put those keys inside a ZIP with a password, it could be a 'secure' way to hold them in the mail.
I still wouldn't recommend it.

There is a lot of heterogeneity in how secure archiving software is, and how securely it protects files when you apply a password to an archive. Even if it using a strong encryption algorithm, then it is only as safe as the password you set. If an attacker is able to access and download the file, then they can run a brute force attack limited only by their own hardware, meaning they can check millions of passwords a second. If you have thought up your own password, then it is likely to be broken quickly, and only long, random, computer-generated passwords are likely to be safe.

Given that storing your seed online is widely considered a terrible idea, the people who are likely to do so are therefore those with low knowledge of good security practices, and so are very unlikely to be able to securely encrypt the data with a strong password.

Better to just stick to the usual advice of writing down your seed phrase on paper.
sovie
Sr. Member
****
Offline Offline

Activity: 1274
Merit: 265



View Profile
January 08, 2020, 03:38:16 PM
 #55

Private key is what hold your bitcoins. Once its compromised or hacked you can have huge lose for that. Never store them electronically rather store them offline on paper. Most of us dont do that such to make our work easy. You only know worth of these keys once you lost them.

███████████████████████████
██████████▀▀▄▄▄▄▄ ▄▀▀██████
█████████▄██████ ████ ▀████
██████▀▀ ▄▄▄▄ ▀▀███▀▄██ ███
████▀   ██████   ▀██████ ██
███ ▄▄▄████████▄▄▄ ██▄▄▄ ██
██ █████▀    ▀█████ ████ ██
██  ▀██        ███▀ ███ ███
██   ▄██▄    ▄██▄   █▀▄████
███ ▄████████████▄ ████████
████▄▀███▀▀▀▀███▀▄█████████
██████▄▄      ▄▄███████████
███████████████████████████
█▀▀▀











█▄▄▄
.
7 BTC  WELCOME BONUS!
▀▀▀█











▄▄▄█
████
██
██
██
██
██
██
██
██
██
██
██
████
█████████████████████████████████████████████████████████████████████████████████


████████████████████████▄▄▄█████▄▄▄██████████████████████████████████████████████
████▄█████▄█▄███▄█▄██████████▄██▀▀▀██████████████████████████████████████████████
████████▀████▄████▀██████████████████████████▄█████▄██▄█████▄████▄████▄████▄██
███████████▐█████▌███████████▄█████▀███▀▀████████▀▀▀▀█████▀▀▀██████▀▀███▀▀█████
████████▄████▀████▄██████████████████▄▄▄▄▄███▄▄▄▄█████▄▄▄██████████████████
██████████▀█▀███▀█▀██████████▀███████▀█████████▀█████▀██▀█████▀█████████████████
████████████████████████▀▀▀██████████████████████████████████████████████████████



█████████████████████████████████████████████████████████████████████████████████
████
██
██
██
██
██
██
██
██
██
██
██
████
█▀▀▀











█▄▄▄
.
30+  ALTCOINS AVAILABLE
▀▀▀█











▄▄▄█
███████████████████████████
████████▀▀  ▐█▌  ▀▀████████
██████▄     ▐█▌     ▄██████
████ ▀██▄▄███████▄▄██▀ ████
███    ██▀▀  ▄  ▀▀██    ███
██    ██   ▄███▄   ██    ██
████████  ███████  ████████
██    ██  ▀▀ █ ▀▀  ██    ██
███    ██▄▄ ▀▀▀ ▄▄██    ███
████ ▄██▀▀██████▀▀▀██▄ ████
██████▀     ▐█▌     ▀██████
████████▄▄  ▐█▌  ▄▄████████
███████████████████████████
tsaroz
Legendary
*
Offline Offline

Activity: 2898
Merit: 1068


★Bitvest.io★ Play Plinko or Invest!


View Profile WWW
January 08, 2020, 04:12:34 PM
 #56

Well I would not have made this post not until this week I have a cryptocurrency community on social media(telegram) we doing my own bit to enlighten and empower those I can.
We tell them about cryptocurrency wallet and how they go about it well I made it clear to them never to screenshot there private keys but rather write it down and put it away in a place safe.

But it's has occurred more times where private keys where written, sent and saved on some of my students emails...

Well this has huge consequences. I would want to reach out to the noobs never improvise instructions are instructions when creating a wallet you are told to write your private keys down(not on email or on your device).
Your email can not key your private key safe it's still could be hacked and the information collected.

 It's basic instructions and rules when over looked causes damages.

I Know I shouldn't. But my online life and lifestyle is totally depended on google and it's ecosystem. Every of my device syncs through my google account and in one way or other, my key details and even the private keys, passwords and 2FA secret codes are stored online. I can't just stay in a place or use a single device, there's no other option than living in a cloud. I don't prefer mobile OTP verification as I don't trust my government.



.
.BIG WINNER!.
[15.00000000 BTC]


▄████████████████████▄
██████████████████████
██████████▀▀██████████
█████████░░░░█████████
██████████▄▄██████████
███████▀▀████▀▀███████
██████░░░░██░░░░██████
███████▄▄████▄▄███████
████▀▀████▀▀████▀▀████
███░░░░██░░░░██░░░░███
████▄▄████▄▄████▄▄████
██████████████████████

▀████████████████████▀
▄████████████████████▄
██████████████████████
█████▀▀█▀▀▀▀▀▀██▀▀████
█████░░░░░░░░░░░░░████
█████░░░░░░░░░░░░▄████
█████░░▄███▄░░░░██████
█████▄▄███▀░░░░▄██████
█████████░░░░░░███████
████████░░░░░░░███████
███████░░░░░░░░███████
███████▄▄▄▄▄▄▄▄███████

██████████████████████
▀████████████████████▀
▄████████████████████▄
███████████████▀▀▀▀▀▀▀
███████████▀▀▄▄█░░░░░█
█████████▀░░█████░░░░█
███████▀░░░░░████▀░░░▀
██████░░░░░░░░▀▄▄█████
█████░▄░░░░░▄██████▀▀█
████░████▄░███████░░░░
███░█████░█████████░░█
███░░░▀█░██████████░░█
███░░░░░░████▀▀██▀░░░░
███░░░░░░███░░░░░░░░░░

██░▄▄▄▄░████▄▄██▄░░░░
████████████▀▀▀▀▀▀▀██
█████████████░█▀▀▀█░███
██████████▀▀░█▀░░░▀█░▀▀
███████▀░▄▄█░█░░░░░█░█▄
████▀░▄▄████░▀█░░░█▀░██
███░▄████▀▀░▄░▀█░█▀░▄░▀
█▀░███▀▀▀░░███░▀█▀░███░
▀░███▀░░░░░████▄░▄████░
░███▀░░░░░░░█████████░░
░███░░░░░░░░░███████░░░
███▀░██░░░░░░▀░▄▄▄░▀░░░
███░██████▄▄░▄█████▄░▄▄

██░████████░███████░█
▄████████████████████▄
████████▀▀░░░▀▀███████
███▀▀░░░░░▄▄▄░░░░▀▀▀██
██░▀▀▄▄░░░▀▀▀░░░▄▄▀▀██
██░▄▄░░▀▀▄▄░▄▄▀▀░░░░██
██░▀▀░░░░░░█░░░░░██░██
██░░░▄▄░░░░█░██░░░░░██
██░░░▀▀░░░░█░░░░░░░░██
██░░░░░▄▄░░█░░░░░██░██
██▄░░░░▀▀░░█░██░░░░░██
█████▄▄░░░░█░░░░▄▄████
█████████▄▄█▄▄████████

▀████████████████████▀




Rainbot
Daily Quests
Faucet
guigui371
Legendary
*
Offline Offline

Activity: 2114
Merit: 1693

C.D.P.E.M


View Profile
January 09, 2020, 03:03:33 AM
 #57

I Know I shouldn't. But my online life and lifestyle is totally depended on google and it's ecosystem. Every of my device syncs through my google account and in one way or other, my key details and even the private keys, passwords and 2FA secret codes are stored online. I can't just stay in a place or use a single device, there's no other option than living in a cloud. I don't prefer mobile OTP verification as I don't trust my government.

Well I hope you  use Lastpass ? or any other type of password manager ?  And not just google drive.


Today, so many wallets are compatible with a ledger nano S / X that it is just careless not to have one.
And you can save the seed on a piece of paper, an engraved piece of metal or in your head.


it ain't much but it's honest work
noorman0
Hero Member
*****
Offline Offline

Activity: 1764
Merit: 693


[Nope]No hype delivers more than hope


View Profile WWW
January 09, 2020, 10:06:49 AM
 #58

How about hiding the PK into the hex of a photo?
Of course that we won't put PK as a whole in a photo. For example, we distribute a PK to 3 parts as follows:

PK: E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262
source https://en.bitcoin.it/wiki/Private_key

We prepare 3 photos, for example in the 3 of a mosaic photo

E9873D79C6D87DC0FB6A577 : photo_02.jpg
8633389F4453213303DA61F  : photo_03.jpg
20BD67FC233AA33262         : photo_01.jpg

Then save the photos on 3 different (private) cloud storage sites that we usually use to save other photos before.
Audio files can also be a pretty safe place for PK hex, or insert into the audio lyrics. IMO

This space for rent.
Available in mid January 2024 - PM me
pooya87
Legendary
*
Offline Offline

Activity: 3402
Merit: 10433



View Profile
January 09, 2020, 10:50:03 AM
 #59

How about hiding the PK into the hex of a photo?
Of course that we won't put PK as a whole in a photo. For example, we distribute a PK to 3 parts as follows:

the real question that you should be asking yourself is why are you trying so hard to avoid using the real encryption methods that are designed by cryptography experts, have been tested already and are very strong (example: AES)?
and as long as you can't come up with a reasonable answer to this important question, you should stick to using real encryption methods and follow the security recommendations.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Cimmy_revenger
Sr. Member
****
Offline Offline

Activity: 1106
Merit: 252


Dextrust.org #Defi


View Profile
January 11, 2020, 03:08:41 AM
 #60

it was my mistake 4 years ago when my email was hacked and hackers got what I saved in that email.
I lost my bitcoin because of that carelessness.
since then I still use the manual method to save by taking notes in a book.
this is the old-fashioned way but it's very safe for me.

Vision2020s
Newbie
*
Offline Offline

Activity: 15
Merit: 12


View Profile
January 11, 2020, 03:57:06 AM
 #61

it was my mistake 4 years ago when my email was hacked and hackers got what I saved in that email.
I lost my bitcoin because of that carelessness.
since then I still use the manual method to save by taking notes in a book.
this is the old-fashioned way but it's very safe for me.

And that's the most recommendable way to store your sensitive information but still we have countless amount if Investors storing their information online like email, cloud etc.

The information is out there, anyone doing exactly what they're advice not to do are only doing themselves harm because they'll be the ones to bare the consequences if their emails gets hacked and the sensitive information falls into the hands of hackers. They're just acting out of ignorance. They don't value the coins they have cause if they did, they would had safeguard it like it's a national treasure.
akirasendo17
Sr. Member
****
Offline Offline

Activity: 1106
Merit: 310



View Profile
January 12, 2020, 08:41:24 AM
 #62

Putting your keys in your email address is a very risky move indeed, simply because of your email got hack, even if you have backup in your local with the keys, still they can't open your wallet, before you even know it, i suggest here is the way to secure your wallet keys even online check the link
https://bitcoin.org/en/secure-your-wallet#online

        ▄▀▀▀▀▀▀   ▄▄
    ▄  ▄▄▀▀▀▀▀▀▀▀▀▄▄▀▀▄
  ▄▀▄▀▀             ▀▀▄▀
 ▄▀▄▀         ▄       ▀▄
  ▄▀         ███       ▀▄▀▄
▄ █   ▀████▄▄███▄       █ █
█ █     ▀▀▀███████▄▄▄▄  █ █
█ █       ██████████▀   █ ▀
▀▄▀▄       ▀▀█████▀    ▄▀
   ▀▄        ▐██▄     ▄▀▄▀
  ▀▄▀▄▄       ███▄  ▄▄▀▄▀
    ▀▄▄▀▀▄▄▄▄▄████▀▀ ▄▀
       ▀   ▄▄▄▄▄▄▄
        █▄
  ▀▀█▀█▄▄█ ▄ ▄▄▄
   ▄▄▄▄▄████▄▄
 ▄▀▀ ▀▄██▄▀▀▀█▄
    ▄████▌▀█▄  ▀
    ▀▀
█▌  █
     ▄  ▀

    ▄
    █
    ▄▄▄▄▄█▀▀██
   ████████████▄█████
 ▄███████████▄████████████▄
 █████████████▄█████▄███████▄
█████████████████████████████
P L A Y   S L O T S   o n     
CRYPTO'S FASTEST
GROWING CASINO
★ ‎
‎ ★
▄▄███████▄▄
▄█████▀█▀█████▄
████▀▀▀ ▀ ▀▀█████
███████  ██  ▐█████
███████      ▀█████
███████  ███  █████
████▄▄▄   ▄▄▄████
▀█████▄█▄█████▀
▀▀███████▀▀

▄▄▄▄▄▄▄
▀▀███████▀▀
▄▄███████▄▄
▄██████▀██████▄
███████▀ ▀███████
███████     ███████
██████▄     ▄██████
██████▄▀▄▄▄▀▄██████
██████▄   ▄██████
▀██████▄██████▀
▀▀███████▀▀

▄▄▄▄▄▄▄
▀▀███████▀▀
▄▄███████▄▄
▄█████████████▄
███████▌ ▐███████
████████  █████████
█████▀▀   ▄▄███████
███████  ██████████
█████▌      ▄████
▀█████████████▀
▀▀███████▀▀

▄▄▄▄▄▄▄
▀▀███████▀▀

‎ ★
      ▄▄██▄█▄        ▄██████▄
   ▀██████████▄     ██████████
      ▄▄▄▄▄     ▐██████████▌
   ▄███████████▄   ██████████
  ████████████████▄  ▀███▀▀▄██▄
     ▀▀█████████████  ▀██████████▄
          █▀▀▀▀▀▀▀▀▀
         ▐▌
         █
        ▐▌
        █       ▄▄▄▄▄▄
   ▄▄▄▄██████████████████▄▄▄
▄█████████████████████████████▄▄▄▄
█▀▀▀▀▀▀▀











█▄▄▄▄▄▄▄
.
PLAY NOW
▀▀▀▀▀▀▀█











▄▄▄▄▄▄▄█
noormcs5
Hero Member
*****
Offline Offline

Activity: 2590
Merit: 613


Leading Crypto Sports Betting & Casino Platform


View Profile
January 12, 2020, 02:43:32 PM
 #63

Putting your keys in your email address is a very risky move indeed, simply because of your email got hack, even if you have backup in your local with the keys, still they can't open your wallet, before you even know it, i suggest here is the way to secure your wallet keys even online check the link
https://bitcoin.org/en/secure-your-wallet#online

Most of us do this mistake, since we are in a hurry we just email the private key to our email or more worse take a picture of it from our mobile as we thinking it is time talking to write it down on a piece of paper. Saving these 5 minutes can cost you a lot of financial damage. Everyone should strictly follow this and never email or take snapshot of the private key.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
libert19
Hero Member
*****
Offline Offline

Activity: 2450
Merit: 930



View Profile WWW
January 13, 2020, 05:10:48 AM
 #64

When I created my first wallet (on blockchain wallet), I had private key saved on my email, stupid I know, but when you are new you don't know any better. And more often than not, you learn after that mistake costs.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
dvmmayowa
Jr. Member
*
Offline Offline

Activity: 122
Merit: 1


View Profile
January 20, 2020, 08:22:33 PM
 #65

Putting your keys in your email address is a very risky move indeed, simply because of your email got hack, even if you have backup in your local with the keys, still they can't open your wallet, before you even know it, i suggest here is the way to secure your wallet keys even online check the link
https://bitcoin.org/en/secure-your-wallet#online
This is more common with newbies, they find it difficult or stressful saving their keys offline, forgetting that prevention is better than cure.
Personally i have my pks printed on papers and stored safely, its the best way so far and its working for me.
jerry0
Full Member
***
Offline Offline

Activity: 1736
Merit: 186


View Profile
February 15, 2020, 07:55:12 PM
 #66

What about using encryption problem like axcrypt?  Wouldn't that be good enough though like if you want to open the email document, you need to put in the axcrypt password?  Or is that still not good enough?
pooya87
Legendary
*
Offline Offline

Activity: 3402
Merit: 10433



View Profile
February 16, 2020, 05:13:39 AM
Merited by vapourminer (1), o_e_l_e_o (1)
 #67

What about using encryption problem like axcrypt?  Wouldn't that be good enough though like if you want to open the email document, you need to put in the axcrypt password?  Or is that still not good enough?

i am not familiar with AxCrypt but google tells me that it is an open-source encryption software in which case it can be a good option for encrypting as long as you choose a very strong password (long, random and have mixed case and symbols) for your encryption and use a very strong encryption technique such as AES.

but remember that whenever you store your secrets in the cloud (whether it is a cloud server or email or anything like it) your secrets could potentially be accessed by hackers and who knows maybe they could some day break the encryption you used too. but storing them offline (like printed on paper) will always remain safer even if the encryption technique was broken someday.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
virasog
Legendary
*
Offline Offline

Activity: 2940
Merit: 1159



View Profile
February 16, 2020, 05:48:43 AM
 #68

it was my mistake 4 years ago when my email was hacked and hackers got what I saved in that email.
I lost my bitcoin because of that carelessness.
since then I still use the manual method to save by taking notes in a book.
this is the old-fashioned way but it's very safe for me.

And that's the most recommendable way to store your sensitive information but still we have countless amount if Investors storing their information online like email, cloud etc.

The information is out there, anyone doing exactly what they're advice not to do are only doing themselves harm because they'll be the ones to bare the consequences if their emails gets hacked and the sensitive information falls into the hands of hackers. They're just acting out of ignorance. They don't value the coins they have cause if they did, they would had safeguard it like it's a national treasure.

First of all, the private key should not be stored on the cloud or any email service. But even if you think of doing so, you should first secure your email with strong password and 2fa. Also you should keep your email and 2fa devices as secure as you will like to keep your exchange accounts secure.

.
.DuelbitsSPORTS.
▄▄▄███████▄▄▄
▄▄█████████████████▄▄
▄██████████████████████▄
██████████████████████████
███████████████████████████
██████████████████████████████
██████████████████████████████
█████████████████████████████
███████████████████████████
█████████████████████████
▀████████████████████████
▀▀███████████████████
██████████████████████████████
██
██
██
██

██
██
██
██

██
██
██
████████▄▄▄▄██▄▄▄██
███▄█▀▄▄▀███▄█████
█████████████▀▀▀██
██▀ ▀██████████████████
███▄███████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
▀█████████████████████▀
▀▀███████████████▀▀
▀▀▀▀█▀▀▀▀
OFFICIAL EUROPEAN
BETTING PARTNER OF
ASTON VILLA FC
██
██
██
██

██
██
██
██

██
██
██
10%   CASHBACK   
          100%   MULTICHARGER   
Little Mouse
Legendary
*
Offline Offline

Activity: 2002
Merit: 1957


Marketing Campaign Manager |Telegram ID- @LT_Mouse


View Profile WWW
February 16, 2020, 06:19:43 AM
 #69

First of all, the private key should not be stored on the cloud or any email service. But even if you think of doing so, you should first secure your email with strong password and 2fa. Also you should keep your email and 2fa devices as secure as you will like to keep your exchange accounts secure.
It must be never, how much security you want to be, it's not possible as long as you are storing your private key or seed key in the device which has an online connection. You will be compromised although that depends on your holding value.

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
akopjpuge
Jr. Member
*
Offline Offline

Activity: 236
Merit: 4


View Profile
February 16, 2020, 06:27:28 AM
 #70

I always believe that a forgotten private key or wallet is still the best so far as a definition of unhackable wallet 😁.
Krislaw
Sr. Member
****
Offline Offline

Activity: 1204
Merit: 388


View Profile WWW
February 16, 2020, 08:18:49 AM
 #71

I always believe that a forgotten private key or wallet is still the best so far as a definition of unhackable wallet 😁.
Actually, that's the most unsafe wallet because you have no full control over it.
Imagine if an hack happens.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
February 16, 2020, 08:51:16 AM
Merited by pooya87 (1)
 #72

-snip-
As an addendum to this, if you are planning to encrypt your seed/private key/wallet before uploading it to your email or cloud storage, you should do so on a clean, live OS on an airgapped machine. Much like creating a paper wallet, it doesn't matter how secure the final product is if it was created in an insecure way. Obviously you will need to have your seed or private key in plain text on your computer prior to encrypting it. If you have malware, keyloggers, screen captures, or something else malicious on the computer you are using, it could very well steal your details prior to them being encrypted. Encrypt it on a clean, airgapped machine, transfer to a live machine via clean removable media, and upload to the cloud.

However I also wouldn't recommend this. Offline backups are safer.

But even if you think of doing so, you should first secure your email with strong password and 2fa.
2FA on all your accounts is a good idea, but it should not be relied on. Depending on the type of 2FA you use, it is possible for an attacker to transfer or clone your 2FA method to a device they own, and it is also possible to disable it altogether.
Saint-loup
Legendary
*
Offline Offline

Activity: 2562
Merit: 2293



View Profile
February 17, 2020, 12:04:28 PM
 #73

First of all, the private key should not be stored on the cloud or any email service. But even if you think of doing so, you should first secure your email with strong password and 2fa. Also you should keep your email and 2fa devices as secure as you will like to keep your exchange accounts secure.
It must be never, how much security you want to be, it's not possible as long as you are storing your private key or seed key in the device which has an online connection. You will be compromised although that depends on your holding value.
But when you're not at home how do you use your seed if you haven't store it online?
Moreover people often complain about losing the sheet of paper where they've written their seed. And it can also be stolen by people accessing your home.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
February 17, 2020, 12:37:54 PM
 #74

But when you're not at home how do you use your seed if you haven't store it online?
Why should you need to? You should only need your seed to recover access to a wallet you have otherwise lost. You don't need it day to day to use bitcoin. If I was going to be away from home for a significant period of time, I might take my seeds with me on an encrypted USB drive, but otherwise they stay firmly on paper only.

Moreover people often complain about losing the sheet of paper where they've written their seed. And it can also be stolen by people accessing your home.
Then back it up multiple times, or use a 3-of-5 (or similar) Shamir Secret Share. I'd also much rather that somebody needs to break in my to my house than needs to break in to my email account.
ScamViruS
Hero Member
*****
Offline Offline

Activity: 1708
Merit: 719


Top Crypto Casino


View Profile WWW
February 17, 2020, 01:07:12 PM
 #75

Putting your keys in your email address is a very risky move indeed, simply because of your email got hack, even if you have backup in your local with the keys, still they can't open your wallet, before you even know it, i suggest here is the way to secure your wallet keys even online check the link
https://bitcoin.org/en/secure-your-wallet#online

Most of us do this mistake, since we are in a hurry we just email the private key to our email or more worse take a picture of it from our mobile as we thinking it is time talking to write it down on a piece of paper. Saving these 5 minutes can cost you a lot of financial damage. Everyone should strictly follow this and never email or take snapshot of the private key.

Yes. I also saved it in my email. But I learned from being a hack victim. My email was hacked once and the hacker got my seed. As a result I lost some of my funds. So you should never save your seed in email. Someone else may get your seed because of your carelessness.

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Subbir
Full Member
***
Offline Offline

Activity: 784
Merit: 104


🎄 Allah is The Best Planner 🥀


View Profile
February 17, 2020, 02:35:38 PM
 #76

Putting your keys in your email address is a very risky move indeed, simply because of your email got hack, even if you have backup in your local with the keys, still they can't open your wallet, before you even know it, i suggest here is the way to secure your wallet keys even online check the link
https://bitcoin.org/en/secure-your-wallet#online
This is more common with newbies, they find it difficult or stressful saving their keys offline, forgetting that prevention is better than cure.
Personally i have my pks printed on papers and stored safely, its the best way so far and its working for me.

You are right that this is often more risky for beginners At first I didn't know anything about it i used to be putting my personal keys in an email and every one my information was hacked. But now i feel the USB flash is that the safest to stop. there's no fear of being hacked and no-one are going to be ready to log in to your ID easily.

vapourminer
Legendary
*
Offline Offline

Activity: 4284
Merit: 3472


what is this "brake pedal" you speak of?


View Profile
February 17, 2020, 04:23:54 PM
 #77

but remember that whenever you store your secrets in the cloud (whether it is a cloud server or email or anything like it) your secrets could potentially be accessed by hackers and who knows maybe they could some day break the encryption you used too. but storing them offline (like printed on paper) will always remain safer even if the encryption technique was broken someday.

this is my thought as well. once its in the cloud you have no control, and it WILL NOT be deleted everywhere, no matter what they say. so, sooner or later, that super dooper encryption wont be enough. out go your secrets.

this is why my backups are local (well near local i guess).
Saint-loup
Legendary
*
Offline Offline

Activity: 2562
Merit: 2293



View Profile
February 18, 2020, 08:22:50 PM
 #78

Putting your keys in your email address is a very risky move indeed, simply because of your email got hack, even if you have backup in your local with the keys, still they can't open your wallet, before you even know it, i suggest here is the way to secure your wallet keys even online check the link
https://bitcoin.org/en/secure-your-wallet#online

Most of us do this mistake, since we are in a hurry we just email the private key to our email or more worse take a picture of it from our mobile as we thinking it is time talking to write it down on a piece of paper. Saving these 5 minutes can cost you a lot of financial damage. Everyone should strictly follow this and never email or take snapshot of the private key.

Yes. I also saved it in my email. But I learned from being a hack victim. My email was hacked once and the hacker got my seed. As a result I lost some of my funds. So you should never save your seed in email. Someone else may get your seed because of your carelessness.
If you use a passphrase for your seed there are really few chances to be hacked. In reality I think they are fewer than losing your sheet of paper or being stolen by someone accessing your home.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
vapourminer
Legendary
*
Offline Offline

Activity: 4284
Merit: 3472


what is this "brake pedal" you speak of?


View Profile
February 18, 2020, 08:59:47 PM
Merited by o_e_l_e_o (1)
 #79

If you use a passphrase for your seed there are really few chances to be hacked. In reality I think they are fewer than losing your sheet of paper or being stolen by someone accessing your home.

sure, IF your passphrase is something like 36 truly random characters. but even then if a seed is compromised  i would still create a new wallet (with a new seed) and move the coins over.

the passphrase will slow them down, perhaps for a long time, but would you leave your coin there knowing that? considering youll probably never know someone has accessed your email/seed till its too late?

i wouldnt.



Saint-loup
Legendary
*
Offline Offline

Activity: 2562
Merit: 2293



View Profile
February 18, 2020, 09:48:23 PM
Last edit: February 18, 2020, 11:39:31 PM by Saint-loup
Merited by vapourminer (1)
 #80

If you use a passphrase for your seed there are really few chances to be hacked. In reality I think they are fewer than losing your sheet of paper or being stolen by someone accessing your home.
sure, IF your passphrase is something like 36 truly random characters. but even then if a seed is compromised  i would still create a new wallet (with a new seed) and move the coins over.

the passphrase will slow them down, perhaps for a long time, but would you leave your coin there knowing that? considering youll probably never know someone has accessed your email/seed till its too late?

i wouldnt.
It depends on the amount you store in your seed but if it's not millions of $ it's very unlikely to happen.
The hackers will try to evaluate the amount of your funds first and they will compare it to the cost for them to try to break your passphrase... and it's huge!


██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
vapourminer
Legendary
*
Offline Offline

Activity: 4284
Merit: 3472


what is this "brake pedal" you speak of?


View Profile
February 18, 2020, 10:54:56 PM
 #81

sure, IF your passphrase is something like 36 truly random characters. but even then if a seed is compromised  i would still create a new wallet (with a new seed) and move the coins over.

the passphrase will slow them down, perhaps for a long time, but would you leave your coin there knowing that? considering youll probably never know someone has accessed your email/seed till its too late?
It depends on the amount you store in your seed but if it's not millions of $ it's very unlikely to happen.
The hackers will check your funds in your seed first and they will compare to the cost for them to try to break your passphrase... and it's huge!



yes, today its computationally expensive, and as that chart points out its obviously less as time goes on. so long term largish amounts i would not want in any electronic form.

physical security of a printed/engraved/whatever seed is safer and easier for some, not so much for others. depends on your technical levels, the amounts, convenience, redundancy needed etc.

as long as people know how to calculate the risks they can choose what works best.

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
February 19, 2020, 09:38:51 AM
Merited by vapourminer (1), DdmrDdmr (1)
 #82

The hackers will try to evaluate the amount of your funds first and they will compare it to the cost for them to try to break your passphrase... and it's huge!
The majority of users don't use a passphrase, and of those who do, the majority likely use something that is easy to remember that they have come up with themslves, meaning it is neither long nor random.

Studies show that the average password has only 40.5 bits of entropy. The 6 lines on the table you've shared correspond to roughly 51, 54, 57, 61, 64 and 67 bits of entropy respectively. It's not clear how they have calculated their "attack costs", but since we can see that for each increment of 3 bits of entropy results in a 10 fold increase in attack cost, we can work backwards and see that a 40.5 bit entropy passphrase would only require around $1,000 to break.

Think of the millions, if not billions of online accounts, emails, cloud servers, etc. that have been hacked. It is exponentially more common than a house being broken in to. Furthermore, someone can hack your email and steal your seed without you even knowing about, so you wouldn't even know to transfer your coins out while they are busy brute forcing your passphrase.

Storing your seed online is dangerous.
Saint-loup
Legendary
*
Offline Offline

Activity: 2562
Merit: 2293



View Profile
February 19, 2020, 10:53:30 AM
Last edit: February 19, 2020, 11:27:48 AM by Saint-loup
Merited by vapourminer (1)
 #83

Studies show that the average password has only 40.5 bits of entropy. The 6 lines on the table you've shared correspond to roughly 51, 54, 57, 61, 64 and 67 bits of entropy respectively. It's not clear how they have calculated their "attack costs", but since we can see that for each increment of 3 bits of entropy results in a 10 fold increase in attack cost, we can work backwards and see that a 40.5 bit entropy passphrase would only require around $1,000 to break.
They've calculated the costs like that :

rent out an NVIDIA Tesla V100 GPU from Amazon AWS, which can compute 2160 million SHA-512 hashes per second (see hashcat benchmarks) at $3.06 per hour (see Amazon EC2 Pricing).
With the recovery seed in hand, checking one passphrase requires 2048 HMAC computations, the derivation of some public keys, and checking whether any of them appear on the blockchain. That amounts to over 4096 SHA-512 computations plus additional work checking the blockchain. Thus the attacker could check no more than 620 million passphrases for $1

https://blog.trezor.io/is-your-passphrase-strong-enough-d687f44c63af



The majority of users don't use a passphrase, and of those who do, the majority likely use something that is easy to remember that they have come up with themslves, meaning it is neither long nor random.
40.5 bits of entropy it's 7.8 random lower case alphanumeric characters, that's just 2 characters less than a $1.3M cost breakable password(9.8 char) according to this table. I don't think it's infeasible for most of people to remember 2 extra random alphanumeric characters of the same case.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
February 19, 2020, 04:25:32 PM
 #84

40.5 bits of entropy it's 7.8 random lower case alphanumeric characters, that's just 2 characters less than a $1.3M cost breakable password(9.8 char) according to this table. I don't think it's infeasible for most of people to remember 2 extra random alphanumeric characters of the same case.
I also don't think it's infeasible for expect someone to remember a 10 character password. The majority of people in the world have memorized various phone numbers, addresses, email addresses, etc., which all contain more entropy than a 10 character password. The question isn't one of feasibility though, it's one of human nature. People choose passwords, and therefore passphrases, which are short, easy to remember, and quick to enter. Believing that everyone who owns a hardware wallet is using a long, random, and difficult to brute force passphrase is just wishful thinking. Given that only the minority do, it's not a good idea to tell people that they can safely store their seed online when in the vast majority of cases a compromised seed will lead to their funds being stolen.
Kakmakr
Legendary
*
Offline Offline

Activity: 3402
Merit: 1944

This space is availlable for advertising


View Profile
February 20, 2020, 12:29:06 PM
 #85

What if you send potions of your Private key in no specific order and with several different emails within pictures with the help of Steganography? So you insert the first few letters and numbers within a couple of boring cat pictures and then you send a few more emails with different photos containing the remainder of the Private key to another email address you own or that someone else owns?

You then phone them and discuss the pictures in order, eg. So how did you like the picture with the cat in the basket? ....etc.. Nobody listening to the conversation will know that you are actually giving the receiver of that email the order in which he or she has to reconstruct that Private key.

In any way, if you are not under surveillance or a target from a hacker, normal people will not be able to decipher something complicated like this and it will be very difficult to spot.  Tongue

Signature space availlable -Just DM me if you need some advertising.
jerry0
Full Member
***
Offline Offline

Activity: 1736
Merit: 186


View Profile
March 21, 2020, 10:01:41 PM
 #86

Thoughts on program like lastpass and typing it in there and storing it in email?  First that person needs to hack your email.  Then they need to know the master password. 


What about typing in a document but encrypting it with axcrypt?  That way someone get into your email, they still need axcrypt password?



Now what about lastpass.  But you encrypt lastpass too?  So basically you need your email password, axcrypt password and finally lastpass password?
Velkro
Legendary
*
Offline Offline

Activity: 2296
Merit: 1014



View Profile
March 22, 2020, 03:08:02 AM
 #87

Your email can not key your private key safe it's still could be hacked and the information collected.

Not to mention people that have access to your emails all the time like for example gmail server maintance team. They can pull out all private keys from gmail. They probably want to keep their job so they won't do that for now but who knows?
Its really bad idea to store your private keys (BTC) on any cloud service (email included). Cloud service/synchronization options means in reality that your informations (private keys in this example) are put on other person/company server that they have full control of which is bad.
pooya87
Legendary
*
Offline Offline

Activity: 3402
Merit: 10433



View Profile
March 22, 2020, 03:37:39 AM
 #88

Thoughts on program like lastpass and typing it in there and storing it in email?  First that person needs to hack your email.  Then they need to know the master password. 

answer me this, lets say you did encrypt it with a password. how are you going to store that password?
is it something you can memorize? if yes, then there is a good chance that the password you used is a weak one and the encryption can easily be broken.
are you going to back that up also on your cloud? that obviously is not safe!
are you going to make a physical backup like writing it on paper? then why not print the private key or seed on paper in first place?

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
witcher_sense
Legendary
*
Offline Offline

Activity: 2296
Merit: 4308

🔐BitcoinMessage.Tools🔑


View Profile WWW
March 22, 2020, 01:05:39 PM
 #89

~
are you going to make a physical backup like writing it on paper? then why not print the private key or seed on paper in first place?
Actually, a physical backup of private key or seed phrase would be worse, than same backup of master password. The reason is that in case of random hackers attack, hackers need to know exactly what this is password for. It might be impossible for hackers to find out where to apply that password except that you were stupid enough to write all information next to it. However, both seed phase and private key have notable structure and might be easily recognized.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
bakasabo
Legendary
*
Offline Offline

Activity: 2268
Merit: 1172



View Profile
March 22, 2020, 01:13:20 PM
 #90

Look how I've saved my private key - while making a wallet, I made a photo of private key in iPhone "notes" and put a password on on.
As a picture, it cant be copy/pasted from a document (so I wont fail with that somehow).

This is not a 100% safe way to keep the key, but at least I cant imagine how someone could connect to my iPhone, navigate in apps, tap on notes and fill the password form.

R


▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀
LLBIT
  CRYPTO   
FUTURES
 1,000x 
LEVERAGE
COMPETITIVE
    FEES    
 INSTANT 
EXECUTION
.
   TRADE NOW   
Pffrt
Sr. Member
****
Offline Offline

Activity: 1372
Merit: 322


View Profile
March 22, 2020, 01:49:14 PM
 #91

Look how I've saved my private key - while making a wallet, I made a photo of private key in iPhone "notes" and put a password on on.
As a picture, it cant be copy/pasted from a document (so I wont fail with that somehow).

This is not a 100% safe way to keep the key, but at least I cant imagine how someone could connect to my iPhone, navigate in apps, tap on notes and fill the password form.
Your phone can easily be compromised and a hacker can get your private key. It's never a good way to go with such a sensitive matter. It's good for a small amount of BTC but for a bigger amount, you must use a paper wallet or hardware wallet. When you generate a seed key in electrum wallet, it's written that you must not store that electronic device because these are prone to be compromised.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
March 22, 2020, 04:20:45 PM
Merited by vapourminer (1), DdmrDdmr (1)
 #92

Look how I've saved my private key - while making a wallet, I made a photo of private key in iPhone "notes" and put a password on on.
This is terrible way to store your private key. If I were you, I would be creating a new wallet and backing it up securely, and transferring all my coins to it immediately.

Notes will sync through both iCloud and other third party applications like Gmail, meaning there is a good chance that your private key is now stored on any number of servers located anywhere in the world, protected only by a simple password which you likely though up yourself and can remember, meaning it is both short, non-random, and easily brute-forced. You are also trusting Apple 100% in terms of security, password protection, encryption algorithms, uploading process, server security, etc., etc.

There is a reason that every good wallet tells you to store you seed phrases on paper and offline.
jerry0
Full Member
***
Offline Offline

Activity: 1736
Merit: 186


View Profile
March 22, 2020, 07:02:53 PM
 #93

Best way to store your private key physically?  Heard of cryptosteel but wouldn't that have to hidden somewhere similar to like if you wrote it down on the cards?
Pffrt
Sr. Member
****
Offline Offline

Activity: 1372
Merit: 322


View Profile
March 23, 2020, 12:20:35 PM
 #94

Best way to store your private key physically?  Heard of cryptosteel but wouldn't that have to hidden somewhere similar to like if you wrote it down on the cards?
Yeah, otherwise anyone known with BTC may steal your private key. Or even someoe who don't know may throw away too  Grin In my case, I'm storing all of my crypto stuff in my room which is very safe. Be cautious if you are using paper wallet. It may easily get destroyed.
NeuroticFish
Legendary
*
Offline Offline

Activity: 3626
Merit: 6321


Looking for campaign manager? Contact icopress!


View Profile
March 23, 2020, 12:44:31 PM
 #95

Best way to store your private key physically?  Heard of cryptosteel but wouldn't that have to hidden somewhere similar to like if you wrote it down on the cards?

Laminated paper in a safe may be almost as good.
Notes in a book in your library (if you have one) can be also pretty good, but you'll need a backup in case your house gets on fire.

The really good part with cryptosteel is that you can bury it and you're fine.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
bakasabo
Legendary
*
Offline Offline

Activity: 2268
Merit: 1172



View Profile
March 23, 2020, 01:02:04 PM
 #96

Notes will sync through both iCloud

But they sync only with iCloud. If someone tries to login in to my iCloud account, I'll receive a notification on the phone with map (ok, person can use VPN, but doubt that he will be in exact location where I usually used to be) asking for a verification, plus he'll need to enter 6 digit code.

How can someone hack or brute that?

R


▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀
LLBIT
  CRYPTO   
FUTURES
 1,000x 
LEVERAGE
COMPETITIVE
    FEES    
 INSTANT 
EXECUTION
.
   TRADE NOW   
NeuroticFish
Legendary
*
Offline Offline

Activity: 3626
Merit: 6321


Looking for campaign manager? Contact icopress!


View Profile
March 23, 2020, 01:07:30 PM
Merited by o_e_l_e_o (2)
 #97

How can someone hack or brute that?

There was quite a known hack some years ago, celebrities' private photos went online, you may remember that.
That has happened because somebody has managed to find a hole in iCloud security and exploited it.
Trusting others, especially if we talk about life changing funds, is a terrible idea.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18497


View Profile
March 23, 2020, 01:55:20 PM
 #98

But they sync only with iCloud. If someone tries to login in to my iCloud account, I'll receive a notification on the phone with map (ok, person can use VPN, but doubt that he will be in exact location where I usually used to be) asking for a verification, plus he'll need to enter 6 digit code.
A little bit of social engineering is enough to get your phone number and account transferred to a new SIM card. Or maybe they stole your Apple account or email account log in with a key logger or other malware. Or maybe your passwords leaked in one of the multiple data breaches which happen every week. Or maybe your passwords have been stolen via a phishing site. Or maybe you've logged in via a public WiFi and they were stolen that way. Or maybe a security flaw in your browser, OS, or some other piece of software. Or maybe Apple's security isn't top notch. Or maybe a rogue employee has been digging through backed up data looking for something valuable.

There are endless security holes with storing your data online, especially when you aren't encrypting it yourself and are relying entirely on a third party, especially a third party who have been hacked repeatedly in the past.
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
March 26, 2020, 03:44:33 PM
 #99

How can someone hack or brute that?

That actually not as hard as you might think it is.

While it indeed could be quite frustrating to break into this from a different location, the easiest approach would be to compromise your mobile phone.
You wouldn't notice the notification. The verification would be given within a split second and the 6 digit code would be sent to the attacker.
The whole security in this kind of attack relies on your mobile phone security.


And that's just one attack vector, and definitely not the only one.

Pages: 1 2 3 4 5 [All]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!