Possible Compromised Laptop With Seed in Password Manager?

[jerry0]

My issue with this is in order for me to access my software wallet, I need to enter my seed on that computer.  I have my seed on paper but also in my password manager.  Thus me entering my seed into the laptop could compromise it if if already wasn't compromised.



So based on that, what should i do?  Im typing this on another computer right now.  But I can't use this computer to download the software wallet because this computer does not support windows.



So is best option to get a new computer and then install those software and then enter my seed in it?  Then if my coins are there, create another seed for that coin and send all my coins there?  Thus do this all on another device?  Then when I use my possible compromised laptop and log into my password manager, even if they could see everything, well the coins are moved from there?



Someone recommended me to download kapersky total and scan for virus/malware.  But would that work?  Such that if it finds any malware/trojan or browser hijacking, then it could remove all of it?  And thus I could continue to use my possible compromised laptop as is?



Advice on this? 

[o_e_l_e_o]

Yes I know to not store seeds in password manager.  But I did do that with some of them.  But I guess this situation is similar to using software wallet.

Except it isn't because you unlock your password manager constantly every single time you use your computer, whereas you might only enter your wallet password a couple of times a month.

So you telling me if it finds nothing at all, then my computer is safe from anytype of malware/keylogger etc?

There is no malware scanner or similar in existence which can guarantee it will find 100% of viruses/malware.

But I can't use this computer to download the software wallet because this computer does not support windows.

What OS are you using? What software wallet are you trying to use? Why not just use something like Electrum?

[Pmalek]

My issue with this is in order for me to access my software wallet, I need to enter my seed on that computer.  I have my seed on paper but also in my password manager.  Thus me entering my seed into the laptop could compromise it if if already wasn't compromised.

Forget about the password manager if you have that same seed on your computer. You have a Ledger Nano S. Why are your coins not on the Ledger?

Someone recommended me to download kapersky total and scan for virus/malware.  But would that work?  Such that if it finds any malware/trojan or browser hijacking, then it could remove all of it?  And thus I could continue to use my possible compromised laptop as is?

You ask for advice. People give you advice. Then you ask if the given advice is good or if you should do it in a different way. Ultimately, you are probably not going to listen to what people tell you anyway. An anti-virus or anti-malware software is not some magical eraser that undoes your mistakes. It could find and neutralize a malware on your computer, but it is also possible that it doesn't detect it at all. In case of new malware, the software might not have the definitions to classify it as malicious. We don't know what you clicked on and if the site was configured to automatically download and execute some type of malware.

Advice on this?

You have played with fire and now you got burned. You have been told multiple times not to store your seed digitally and you keep finding excuses why that's OK for you.

Your computer might be compromised. If you are lucky, it wasn't. Buying a new computer won't solve the problem that the files you have on your old one are potentially infected. If your coins are your priority, reformat your computer, and start from scratch.

If your coins are gone, they are gone. There is very little you can do about it. Buying a new computer just to restore your wallet will only tell you if they are there or not. What are you going to do with the old one and the data you keep on it?

[bob123]

I truly hope this is a joke.

You are asking these questions for years now.
We have exchanged multiple PM's. And there were way more people in contact with you via PM to help you set up something secure.

Every single person told you to not store your mnemonic code / seed of the hardware wallet on your PC.. and you still did that?

You know.. you are probably lucky.
Simply visiting a phishing site doesn't result in your computer getting compromised. Especially since the people behind phishing sites usually aren't the smartest one. Definitely not smart enough to find an exploit for the browsers sandbox.
However.. how could you possibly store your mnemonic code on your daily computer? Didn't you listen to everyone talking to you?

[n0nce]

~

He has a Nano S? He should just import the paper seed into a fresh Electrum wallet or even BlueWallet on his mobile if he only has that one infected machine; then send all funds to the Ledger & that's it. Coins secured. That's the simplicity of hardware wallets.. Of course he could also buy a new laptop, rip out connectivity & set it up as an airgapped, dedicated Bitcoin machine, but that will probably need more money and time.

After that, backup files & pictures that are important, however stay careful, as you said, since they could all be infected. So maybe scan them or shit like that before putting them back onto a 'clean' machine.

[Pmalek]

I truly hope this is a joke.

I don't think it is.
 

Every single person told you to not store your mnemonic code / seed of the hardware wallet on your PC.. and you still did that?

I think his seed was already saved in a password manager before he started asking if that is ok to do. He was probably looking for confirmation from someone that it's a good way to protect the seed. But even after multiple people told him it isn't, he felt there was no reason to change anything.

However.. how could you possibly store your mnemonic code on your daily computer? Didn't you listen to everyone talking to you?

If you give Jerry advice, he asks other people if the advice you gave is good. If he gets confirmation that it is, he will tell you that he has decided not to do it the way you told him to.

He has a Nano S? He should just import the paper seed into a fresh Electrum wallet or even BlueWallet on his mobile if he only has that one infected machine; then send all funds to the Ledger & that's it. Coins secured.

Yeah, he has a hardware wallet, but he doesn't always have access to it. Or more precisely to its seed. He has been asking questions about passphrases and how to set one up on Ledger for over 2 years. He never did of course. He can surely send his coins to his Nano S even if he uses a potentially vulnerable computer. But his paranoia levels are extremely high and I don't think he wants to connect it to that potentially infected PC.
@Jerry
What is the problem with the other computer you mentioned that you have? You said it doesn't have Windows. Ledger Live is available for Linux and MAC as well. I am not sure about the other software you are trying to save but you should check it out.

[ABCbits]

This thread remind of proverb You can lead a horse to water, but you can't make it drink.

My question is... is there a way to check if the website I went to indeed had malware/trojan/keylogger etc?  Such that if you post that link on a website, it would scan if there is anything malicious?  Or its possible it could be hidden where a website can't even scan it? 

You could try https://www.virustotal.com/ and choose "URL" or "Search" option, but obviously this website can't detect all kinds of malware, keylogger, etc.

~

He has a Nano S? He should just import the paper seed into a fresh Electrum wallet or even BlueWallet on his mobile if he only has that one infected machine; then send all funds to the Ledger & that's it. Coins secured. That's the simplicity of hardware wallets..

He has, check https://bitcointalk.org/index.php?topic=5371526.msg58445037#msg58445037.

Of course he could also buy a new laptop, rip out connectivity & set it up as an airgapped, dedicated Bitcoin machine, but that will probably need more money and time.

I doubt he'll bother doing it when he use password manager to store seed.

[BlackHatCoiner]

So, jerry, to sum up;

• Don't store your seed phrases anywhere electronically. Whether that's a txt file or a password manager. Consider just keeping them on paper.
• Always verify the authenticity of the software you install.
• Don't keep important information (such as money or personal stuff) on a computer that can be easily compromised.
• Don't feel unstressed or secure by installing anti-viruses on an operating system that relies on anti-viruses.

[Pmalek]

<Snip>

And most importantly, don't waste our time or your own time by asking people for help and advice on how to do things as safe and as efficient as possible only to do the exact opposite in the end. What's the purpose of it all? I don't understand the logic of asking and trying to learn about the dangers of storing mnemonics and private data digitally, only to tell us 2 years later that you disregarded everything you possibly could you put your coins in danger.     

[jerry0]

First off, I know you all say don't put your seed phrases on the password manager.  I understand that.  The thing is some seeds i want access to easily so that is why i stored it in password manager.



The thing is what should you put in your password manager then?  I got to assume most of you put your email and banking information passwords there right?  Again my email and banking passwords, i don' even know what it is because its generated by the password manager.  I heard back then you should not use a regular password and make password manager generate it for you.  Don't most of you do that?  Can't imagine you write down your password on paper for each bank and email... especially if the password could be a 50 word character etc.



The reason I couldn't use my other computer is its chromebook.  I actually got another windows computer recently.  So go and try to restore the seeds on the new device is what everyone here suggest right?  Again I didn't have a spare windows computer to just do things.   Yes i do have a nano ledger.  The issue is lot of the coins i have and the seeds, they do not support the coin.  If they did, i would transfer every single coin of mine that has a seed phrase into nano ledger.



The other thing is this.  Do you write down your google authenticator for sites like coinbase and binance etc on password manager?  So that is not safe as well?  I have to assume you all put your username/password on password manager for exchanges right?  No way you guys are writing it on paper and log in each time that way especially if its a very long seed.

[jerry0]

Also im sure people here accidentally clicked on wrong links all the time.  Again im usually very careful with this which is why i haven't had issues.  I only have windows defender and malwarebytes free.  


The issue is if i want to backup the things in my laptop, i dont want to back any infected files to it.  So what is the suggestion now?  I do not want to wipe all my files because there are some files that i did not transfer to either my usb flash drive or the cloud.



The other thing is this.  I do not see anything suspicious about my email addresses.  So would that mean most likely im not compromised?  Again when this happened, I clicked on something and it went to a website that is not a legit site because the name of the site is not suppose to end the way its suppose to.  Also windows defender scanned a lot of threats on it which I rarely ever have etc.  It did seem to remove it but im note sure if its fully removed or not.  But I clicked on the link, my password manager was opened at the time which was my concern.  But I then closed it.  Since the, I have not tried to log in to my password manager on my laptop but has turned on the laptop few times etc.



Someone here suggested kaspersky and just scan it and that is the best option.  Again im overwhelmed by all of this.  So you suggest changing my email passwords on my new computer and phone for any active email im currently using?  



But wouldn't this situation happen to many people who have accounts though like with exchanges?  Thus someone has access to their username/password and then log in?  But if they have google authenticator, they are safe right?  But what if someone put their google authenticator private key or thing like that on program manager.  They are essentially screwed then?  The same with if someone click on wrong link on their iphone?  What about that?

[o_e_l_e_o]

First off, I know you all say don't put your seed phrases on the password manager.  I understand that.  The thing is some seeds i want access to easily so that is why i stored it in password manager.

Why would you need to access the seed phrase easily? That's what wallets are for. Even so, if you must access it easily then write it on paper and carry it in your pocket (although that's also an incredibly stupid thing to do).

Don't most of you do that?

Yes, I use a password manager. The difference here is I have 2FA set up on all my important accounts, and I receive a notification on my phone whenever someone who isn't me tries to log in to anything important. You don't get that with a bitcoin wallet.

Do you write down your google authenticator for sites like coinbase and binance etc on password manager?  So that is not safe as well?

Oh my god no. Write down your 2FA codes on paper! What is the point of having 2FA if you store the back up code for it in the same place as you store the password for all your accounts? It isn't two factors if they are both stored side by side.

So what is the suggestion now?

The exact same it's been the last dozen times you have asked.

[jerry0]

When I mean accessing seed easily, I mean like if you don't have your seed with you because you are in another location.  Yea writing it on paper and carrying it with me is not good.  That is why i stored my seed on the password manager.



Okay so you set up two factor authorization with all your important accounts.  Can you tell me what accounts these are that are not bitcoin wallet?  You mean like email, banking and crypto exchanges?  So basically even if someone has your username/password to the email, banking and crypto exchange passwords, unless they get your two factor authorization code, its useless for them right?  Unless you actually wrote that two factor authorization on the password manager?



I had thought you put your two factor authorization on password manager.  Then I thought that isn't good idea because if someone has that, they can just access your account on their phone.  So you are saying... when writing physically on paper... do the seed phrase and any two factor authorization codes right?  Is there anything else?  What if its like those json files that is access to a certain crypto wallet?  I forgot the name of it but its starts with a J and its like json file or something like that?  So where do you store those then?  If you have a copy on your computer, then isn't it risky if you ever catch malware then?  So that you put it in a usb flash drive an encrypt it?  I'm not sure what is the exact name of these files but I know you can't write or type it down.  Its like a file.  What is the name of this?



What two factor authorization do you use for all your accounts?  I assume google authenticator?  Or something else?  I heard things about authy which is similar to google authenticator and yubikey?



Again the issue here is many people accidentally click on links on their computer or on their phone.  On their phone is much more likely though since the screen is small.  So how do you protect yourself in situations like this?  Make sure you have kaspersky or bitdefender?  Does anyone here use these programs and it always protects them when visiting sites that might be dangerous?

[Pmalek]

Can't imagine you write down your password on paper for each bank and email... especially if the password could be a 50 word character etc.

Those can all be reset. You forget your password, you reset it and request a new one over your email. If you lose or forget your email, you contact your bank, verify yourself, and have them change whatever details are needed so you an have access to your account again. And like o_e_l_e_o mentioned, you can use 2FA with online banking. Who are you going to contact if you lose your passphrase or get it hacked/stolen? There is no customer service to change it for you and give you a new one. You are the customer service, the bank director, and the bank clerk.

I actually got another windows computer recently.  So go and try to restore the seeds on the new device is what everyone here suggest right?

Yeah do that if it's safe and malware-free. Brand-new from the shop or just recently had its OP reinstalled.   

The issue is lot of the coins i have and the seeds, they do not support the coin.  If they did, i would transfer every single coin of mine that has a seed phrase into nano ledger.

What kind of shitcoins are you into that Ledger doesn't support them? They support over 1.000 different assets. That's not a reason to store your seeds digitally, nothing is. 

The other thing is this.  Do you write down your google authenticator for sites like coinbase and binance etc on password manager?

 There is this thing called a pen and paper. Some would say that it's obsolete technology, but it still works wonders you know!

Also im sure people here accidentally clicked on wrong links all the time. 
Again im usually very careful with this which is why i haven't had issues.

How do you accidently click on wrong links all the time? Yes, it can happen sometimes, but it shouldn't. You are not careful about anything Jerry.

The issue is if i want to backup the things in my laptop, i dont want to back any infected files to it.  So what is the suggestion now?  I do not want to wipe all my files because there are some files that i did not transfer to either my usb flash drive or the cloud.

You are asking what to do, but you have already made up your mind to keep all your files, so keep them. Some of them may or may not be infected, who knows.

The other thing is this.  I do not see anything suspicious about my email addresses.  So would that mean most likely im not compromised?

Not necessarily. If I wanted to steal your crypto and your seed phrases, I don't need access to your email. 

Again when this happened, I clicked on something and it went to a website that is not a legit site because the name of the site is not suppose to end the way its suppose to.

That's why you check what you click on before you click on it.

Also windows defender scanned a lot of threats on it which I rarely ever have etc.  It did seem to remove it but im note sure if its fully removed or not.

And? What do you want us to do about it? Your AV picked something up. It could be connected to the site you visited or it's from something earlier.

So you suggest changing my email passwords on my new computer and phone for any active email im currently using?

Changing them from time to time is a good idea anyways. Why not do it now when there is a possibility of an infection.

But what if someone put their google authenticator private key or thing like that on program manager.

There is something seriously wrong with you.

So basically even if someone has your username/password to the email, banking and crypto exchange passwords, unless they get your two factor authorization code, its useless for them right?

That's the whole point of having 2FA. No one can access your accounts with just the standard login details unless they also have the 2FA code. Jesus Christ!

What if its like those json files that is access to a certain crypto wallet?

JSON files just encrypt your private keys. If you have multiple copies of your seed phrase (written down on paper Jerry, not in password managers) you don't need copies of private keys or JSON files.

What two factor authorization do you use for all your accounts?

Any of them is better than having none. Here, use this source for some more info.   

Again the issue here is many people accidentally click on links on their computer or on their phone.

That's irrelevant. If you stick your dick into a beehive, you are bound to get stung. 

[o_e_l_e_o]

When I mean accessing seed easily, I mean like if you don't have your seed with you because you are in another location.

Then carry a good hardware wallet with you. This is infinitely more secure than carrying around you seed phrase.

Can you tell me what accounts these are that are not bitcoin wallet?

Literally every account which lets me use 2FA.

I had thought you put your two factor authorization on password manager.

This defeats the entire point of 2FA. If someone compromises your password manager, then they have both your password and your 2FA code, and so your 2FA achieves nothing.

So where do you store those then?  If you have a copy on your computer, then isn't it risky if you ever catch malware then?

I have a tiny amount of coins stored on hot wallets. Yes, if I was to become infected with malware those coins would be at risk. That is a risk I am willing to take because of the tiny amount of coins and the fact that I have never once been infected with malware because I don't go around clicking on random links.

What two factor authorization do you use for all your accounts?  I assume google authenticator?  Or something else?  I heard things about authy which is similar to google authenticator and yubikey?

Aegis or a hardware key. Google Authenticator and Authy are bad choices.

So how do you protect yourself in situations like this?  Make sure you have kaspersky or bitdefender?

I don't click on random links and I don't use Windows.

[bob123]

I think his seed was already saved in a password manager before he started asking if that is ok to do.

I remember telling him 2 or 3 years ago.

First off, I know you all say don't put your seed phrases on the password manager.  I understand that.  The thing is some seeds i want access to easily so that is why i stored it in password manager.

Do whatever you want to.
Then please also accept any consequences.

I really don't get what your problem is. If you coins got stolen, you kind of asked for it. If they weren't, you were lucky.
If it is the first, stop doing nonsense and listen to the valuable advices. If it's the latter, secure your coins and do whatever you want to.

So how do you protect yourself in situations like this?  Make sure you have kaspersky or bitdefender?  Does anyone here use these programs and it always protects them when visiting sites that might be dangerous?

How? By not clicking dumb shit.
Does this software protect you? No (as mentioned multiple times already).

[jerry0]

Bob.  So let say you were googling things such as how to clean your computer or download files you need.  Or it could be something as wanting to find a recipe for cooking.  You go on google and look at links for cooking recipes etc.  Then when you click on a link that seems to get you to a recipe on google, then it gets you to a bad link.


How you do protect yourself in these situations?  You say by not clicking dumb things.  Well with my windows laptop, I am extremely careful with it throughout the years.  Only once or twice did I click on a link like that.  Last time it was through a website that is legit so I wasn't that concerned because windows defender didn't find anything.



The people that say don't click random links.  Of course i understand that.  Again im very careful with this normally until this time.  It wasn't even a link, it was an answer to a question on google where i thought it would just open up an answer,,, the link opened up.  Then i did virus scan on windows scan and it found lot of threats.  Then how in the world do you protect yourself when googling things then?  I mean are you suppose to inspect every single site you want to visit?  So imagine you looking for cooking recipes and found a bunch of sites... you have to make sure its a cooking recipe site?  So would kasperky or bitdefender alert you when you click on it that its a dangerous site and then you can go back?  This is getting beyond ridiculous because how can anyone web browse at all if things are like this.  Again im extremely careful when web browsing and downloading things.  This site just opened up when I thought all it does was give an answer to a question.

[o_e_l_e_o]

How you do protect yourself in these situations?

Don't use Windows. Keep your Linux OS and browser software up to date. Don't use Chrome. Don't use Google since they happily accept money from scammers and criminals to promote their ads. If you aren't using Tor, then use Firefox and install uBlock Origin, HTTPS Everywhere, and NoScript. Don't browse for random things on the same computer you are using to secure your bitcoin. Don't download random files.

It wasn't even a link, it was an answer to a question on google where i thought it would just open up an answer,,, the link opened up.  Then i did virus scan on windows scan and it found lot of threats.

Lots of threats? It sounds like your machine has been infected for a while and you were just unaware up until now.

[BlackHatCoiner]

Then i did virus scan on windows scan and it found lot of threats.  Then how in the world do you protect yourself when googling things then?  I mean are you suppose to inspect every single site you want to visit?  So imagine you looking for cooking recipes and found a bunch of sites... you have to make sure its a cooking recipe site?

I don't understand why you've made it such a big deal. A computer that does not have a firewall protection is more vulnerable to be compromised. Just turn on your anti-virus, it will detect malicious sites and files. It's not recommended to keep bitcoins in such computer that connects to the internet either way.

You said you have a hardware wallet? What stops you from using it?

[n0nce]

How you do protect yourself in these situations?

Don't use Google

This is a big one for me. When I stopped using Google, it delivered better results than the alternatives, but I still switched for privacy reasons. However, recently I sat at another person's PC, which used Google by default and man, those results are hideous. Not only are the first few results ads; but also visually pretty well disguised. And lots of the actual results are totally trash and obviously paid to get those high rankings. While not actually being labelled as ads at all!
I can see how it's easy to misclick on some of those when looking for innocent stuff.

However - and I'm making an assumption here - it also depends what you're searching for. While this should all be common sense, obviously when looking for example for cracked software and other kinds of piracy, the probability is higher that someone is going to try to grab your money another way. I sincerely doubt you will get scammer links when sincerely looking just for recipes or technical questions online. Of course I can only judge this as someone using DuckDuckGo and Startpage; it's possible that Google will show you scam links in top positions when looking for recipes. But on the engines I use, I would almost guarantee the results are clean.

Also, after a while on the net, you should already see from the URL if it's something familiar, normal-looking or if it looks fishy. Like, the actual domain name, for instance. Above all search results (also in Google; just checked via Incognito window), you see it; and you also see the whole link when hovering.

Long story short: this should all be considered standard, basic precautions when surfing the web; but I guess some people don't want to bother. Then it's on them.

I also agree that a few extensions like uBlock Origin and HTTPS Everywhere are adviseable; some scammer sites don't get a certificate (or don't want to - since usually proof of ID is needed) and Origin removes some scammy shit like ads on Google by default, I think. Depends on your lists. Of course also great for privacy due to tracker blocking, but that's another story.

You said you have a hardware wallet? What stops you from using it?

He already said that he invests heavily in shitcoins so shitty that Ledger doesn't even have apps for them in their list of 1300+ coins.
It also seems like he just has a ton of different coins and I just discovered the other day that you can basically just install a handful of coins onto a Ledger Nano S, even if it 'supports' hundreds.

It's totally misleading that Ledger writes on their websites how Nano S is supporting 1100+ coins and app to 6 apps installed on your device, but in reality you can't install more than 2 or 3 apps.

Yes i do have a nano ledger.  The issue is lot of the coins i have and the seeds, they do not support the coin.  If they did, i would transfer every single coin of mine that has a seed phrase into nano ledger.

To be honest, if you're dabbling with these kinds of coins; while it's not my topic of interest, from what I know, these are used as very-short-term investments. Meaning, you buy a bunch, if they skyrocket, you insta-sell and then go to the next one. So, while I'm super duper pro-cold storage, hardware wallets, and all that; it may be financially smarter to keep them on an exchange so you can sell quicker. It also seems to me that a (reputable!!!) exchange might even be a safer custodian of those coins than someone keeping the seeds in the password manager.
Just an idea.