Electrum Portable on External Hard Drive

[ThatDevAaron]

Is using portable on an external drive bad? I am using it as kind of a on-the-go wallet and using it for all my wallets.

Is this insecure? Feels more secure if anything.

[1714323634]

1714323634

[1714323634]

1714323634

[1714323634]

1714323634

[1714323634]

1714323634

[ranochigo]

It's not insecure per se, it's just not the best security practice. The relevant files needed for the operation will be stored in the folder which is the same as the Electrum portable exe.

The main problem arises when you're plugging your drive and running it on different computers. The rationale why portable exes are considered to be more dangerous is because users tends to run it on insecure computers that could extract the wallet files or have malwares and potentially providing an avenue for malwares to spread through your disk drive and eventually to your own computers when you plug it in.

However, if you're looking for portability, consider using a hot wallet on your phone instead. It's way more secure.

Btw using a hard disk for Electrum isn't necessary, a removable USB flash drive will be more than sufficient.

[NotATether]

You should definitely look at using disk encryption on your external drive so that malware that wants to read your wallet has to figure out the password before the disk can be mounted. This also has the benefit of being able to unmount the hard disk when you are not using Electrum, which will still prevent malware from accessing the drive. If you happen to lose your external drive then you don't have to worry about your wallet's safety either as long as you used a good password.

There used to be a software called TrueCrypt that could encrypt your drive, but that was discontinued. Bitlocker To Go for Windows is also a good choice. For Linux you can look into encrypting partitions with LUKS.

[Chikito]

Is using portable on an external drive bad? I am using it as kind of a on-the-go wallet and using it for all my wallets.

Is this insecure? Feels more secure if anything.

the best way is to create live OS Linux on your external drive and installing Appimage electrum (or you can installing tails OS with electrum inside) https://tails.boum.org/doc/first_steps/start/pc/index.en.html

[Husna QA]

the best way is to create live OS Linux on your external drive and installing Appimage electrum (or you can installing tails OS with electrum inside) https://tails.boum.org/doc/first_steps/start/pc/index.en.html

Electrum files are not as big as Bitcoin Core, although Tails OS can be installed on an external hard drive (https://www.rhunbre.com/running-tails-on-an-external-hdd-or-ssd/). However, I think using a removable USB flash drive is sufficient.

https://www.reddit.com/r/tails/comments/4izu4v/is_it_safe_to_install_tails_on_an_external_hdd/

[hugeblack]

There used to be a software called TrueCrypt that could encrypt your drive, but that was discontinued. Bitlocker To Go for Windows is also a good choice. For Linux you can look into encrypting partitions with LUKS.

also, the external drives are easy to drive damage and most of them die when they fall. I lost two devices because of that.
If you are running Electrum Portable version, managing it from an external disk will increase the difficulty and reduce security.

I can think of some alternatives that will increase the security, but it will get more complicated, so use that disk for something useful.

[bob123]

There used to be a software called TrueCrypt that could encrypt your drive, but that was discontinued. Bitlocker To Go for Windows is also a good choice.

The successor of TrueCrypt is VeraCrypt.
Definitely recommendable. Not like Bitlocker which i would avoid whenever possible.

also, the external drives are easy to drive damage and most of them die when they fall. I lost two devices because of that

This mostly happens to mechanical disks. SSD's aren't that prone to damage by falling.
Or did this happen to you with a flash drive (USB stick, SSD, .. ) ?

[bob123]

Not like Bitlocker which i would avoid whenever possible.

Because it's closed source or many possible attack vector (https://blog.elcomsoft.com/2020/05/unlocking-bitlocker-can-you-break-that-password/)?

Because it's from Microsoft 

I wouldn't ever trust Microsoft to not put a backdoor into it. The user wouldn't even notice it.
Maybe there is a backdoor already.. who knows. It's Microsoft we are talking about.. I really wouldn't be surprised.