Bitcoin Forum
December 06, 2016, 04:08:36 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Suggestion: A simple way to protect new users from losing their wallet.dat's  (Read 5329 times)
Matt Corallo
Hero Member
*****
expert
Offline Offline

Activity: 751


View Profile
May 04, 2011, 05:14:12 PM
 #21

Why only one?
Might be useful for people who don't want their entire wallet to be re-creatable given the password but might want to backup a single address.  Though at that point, printing out the private key would probably just be more secure.

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481040516
Hero Member
*
Offline Offline

Posts: 1481040516

View Profile Personal Message (Offline)

Ignore
1481040516
Reply with quote  #2

1481040516
Report to moderator
ffe
Sr. Member
****
Offline Offline

Activity: 297



View Profile
May 04, 2011, 06:11:34 PM
 #22

Is there any way in the current client to enter a key-pair not generated in that client?
Matt Corallo
Hero Member
*****
expert
Offline Offline

Activity: 751


View Profile
May 04, 2011, 06:19:17 PM
 #23

Is there any way in the current client to enter a key-pair not generated in that client?
Not currently but there are patches to allow importing keys from other wallets and it isn't theoretically too hard.

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
ffe
Sr. Member
****
Offline Offline

Activity: 297



View Profile
May 04, 2011, 06:38:41 PM
 #24

Well then, if the import-keys function is added, I suggest adding the ability to create a new key-pair seeded by a password entered then and there.

This way you could create one of those keys, park a bit of coin in it and have it available at any time in the future at any client simply by entering the same password.

Not only useful for you, but a neat way to transfer coin using a human memorable password. You and your buddy are having dinner and you need to transfer 10 BTC to him. Your client on your phone creates a temporary key solely for this transfer, based on a simple password you both agree on, and loads it with 10 BTC. He enters the same password on his phone client and moves the coin to one of his permanent keys. The temporary password is not needed any more and can be dropped by both parties.

Of course if a password generated key-pair is used to store coin long term, make the password a strong one and print it out!
Garrett Burgwardt
Sr. Member
****
Offline Offline

Activity: 350



View Profile
May 04, 2011, 08:20:16 PM
 #25

Well then, if the import-keys function is added, I suggest adding the ability to create a new key-pair seeded by a password entered then and there.

This way you could create one of those keys, park a bit of coin in it and have it available at any time in the future at any client simply by entering the same password.

Not only useful for you, but a neat way to transfer coin using a human memorable password. You and your buddy are having dinner and you need to transfer 10 BTC to him. Your client on your phone creates a temporary key solely for this transfer, based on a simple password you both agree on, and loads it with 10 BTC. He enters the same password on his phone client and moves the coin to one of his permanent keys. The temporary password is not needed any more and can be dropped by both parties.

Of course if a password generated key-pair is used to store coin long term, make the password a strong one and print it out!

Bad idea. What happens when two people use the same password?
ffe
Sr. Member
****
Offline Offline

Activity: 297



View Profile
May 04, 2011, 08:40:12 PM
 #26

Well then, if the import-keys function is added, I suggest adding the ability to create a new key-pair seeded by a password entered then and there.

This way you could create one of those keys, park a bit of coin in it and have it available at any time in the future at any client simply by entering the same password.

Not only useful for you, but a neat way to transfer coin using a human memorable password. You and your buddy are having dinner and you need to transfer 10 BTC to him. Your client on your phone creates a temporary key solely for this transfer, based on a simple password you both agree on, and loads it with 10 BTC. He enters the same password on his phone client and moves the coin to one of his permanent keys. The temporary password is not needed any more and can be dropped by both parties.

Of course if a password generated key-pair is used to store coin long term, make the password a strong one and print it out!

Bad idea. What happens when two people use the same password?

Nothing worse than if you save your wallet on a public forum, as far as I can tell. If you're stupid, you lose your coin.  No one is storing any coin long term in these keys and if someone is stupid enough to use "password" as the password he should expect a collision sometimes.

If we want to protect stupid users I suppose the client could perform basic checks like password quality indicators and checking that the new key-pair has never been seen before in the block chain. My experience is it's a losing game trying to protect stupid people from themselves.
Garrett Burgwardt
Sr. Member
****
Offline Offline

Activity: 350



View Profile
May 04, 2011, 09:07:01 PM
 #27

People will always want to use simple phrases or words. Collisions will abound, and it will only serve to cause trouble. Leave it out I say.
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
May 05, 2011, 03:37:12 AM
 #28

People will always want to use simple phrases or words. Collisions will abound, and it will only serve to cause trouble. Leave it out I say.

For single uses, I would suggest it's already feasible to do this, just use a throwaway MyBitcoin account, and using passwords to generate single addresses is outside the scope of the original suggestion.  Using MyBitcoin, the security needs of passing a password as a proxy for a single transfer could be met with a weaker password since using an online service takes away the opportunity to brute force billions and trillions of possibilities per second.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!