Wallet Safety Help

[Fishbones78]

Hi,
I've been into bitcoin a while now, I sold off 1 CEX.IO GH for $5 in BTC to get myself started. I sold the GH a while back now and I have been working on my BTC balance for a long time. I am determined to get all of my BTC (other than the $5 worth) for free. I now hold 0.0254658 BTC.

My question, is although I hold little BTC (Personally I am proud of this  ), how can i be sure it is safe and are their improvements I could make?

My current security measures are:
- On my desktop I have my .wallet .info and wallet-data (I use multibit, you'll see why in a second). All of these files are encrypted using the built in Windows encryption tool.

- On a flash drive, I have the actual multibit program (so every time I plug the drive in it doesn't take years to update (Multibit is a lite wallet)) along with all of its files and another copy of my .wallet. When I send and receive BTC, I use the flash drive and do not touch the wallet on my desktop.

- Both wallets use multibits encryption, so if i want to send BTC, i have to type in a passcode.

The reasoning behind having the full wallet on my flash drive is because I like to be able to know that if my laptop HDD does break (again) i can simply plug the drive into another PC and it will require no setup. If my flash drive dies, I can simply buy a new one and take the wallet from my desktop (after decrypting).

If im keeping my BTC secure in all of the wrong ways, please let me know but don't be harsh, im 14

Thankyou!

[jonald_fyookball]

definitely safer than most people!  good job.
an upgrade would be to keep the backup that
is on your online machine on some other
offline device like another flash drive or
CD-ROM, encrypted of course.  Probably
you wouldn't use windows encryption for
that...maybe bip38?

but for 0.02 BTC your setup sounds good.

[Fishbones78]

Hi!
Thanks for the reply, a CD-ROM sounds like a great idea for an extra backup.
Thankyou

[cech4204a]

I whish more people would be that secure like you are, i've been reading about 1170 BTC lost due to the hacker attack. Don't forget cold wallet, it might be usefull.

[WootKung]

paper wallet OP!

[Fishbones78]

I whish more people would be that secure like you are, i've been reading about 1170 BTC lost due to the hacker attack. Don't forget cold wallet, it might be usefull.

Haha, thats what made me ask the question, i was reading that to!

[btchris]

As others have said, it sounds like you're off to a great start!

All of these files are encrypted using the built in Windows encryption tool.

Which version of Windows? Do you mean using EFS (where you right click, go to Properties, Advanced, and then check off Encrypt), or BitLocker?

- Both wallets use multibits encryption, so if i want to send BTC, i have to type in a passcode.

There's nothing wrong with MultiBit's encryption, as long as you realize that running brute-force guessers against MultBit wallets is quite a bit faster than against many other wallet types. Brute-forcers can guess around 500,000 to 1,000,000 passwords per second (compared to say 50 per second with Bitcoin Core for example) on a CPU, and possibly faster with a GPU or ASIC. As long as you have a nice long passphrase, you have nothing to worry about from brute-forcing, just be aware that in order to be secure it does have to be longer than you'd need with other wallet types.

Regarding privacy: MultiBit doesn't really encourage the use of multiple addresses, and this leads to some loss of privacy. I think this is fine if it doesn't matter to you (it doesn't matter much to me), as long as you're aware of it.

Regarding backups: Every time you add a new receiving address in MultiBit, your wallet file changes and it must be re-synced with your backups. If you don't often add new receiving addresses, this shouldn't be much of a problem.

Regarding malware: All the encryption and backups in the world won't do you any good if you have malware running on your PC. Along with running some anti-malware software, keeping your PC up-to-date, and so on, I posted some more Bitcoin-specific advice regarding how to avoid trojans over in the bottom half of this post. Most of it's basic common sense sort of stuff which you already seem to have a lot of though... 

[allsopfree]

As others have said, it sounds like you're off to a great start!

All of these files are encrypted using the built in Windows encryption tool.

Which version of Windows? Do you mean using EFS (where you right click, go to Properties, Advanced, and then check off Encrypt), or BitLocker?

- Both wallets use multibits encryption, so if i want to send BTC, i have to type in a passcode.

There's nothing wrong with MultiBit's encryption, as long as you realize that running brute-force guessers against MultBit wallets is quite a bit faster than against many other wallet types. Brute-forcers can guess around 500,000 to 1,000,000 passwords per second (compared to say 50 per second with Bitcoin Core for example) on a CPU, and possibly faster with a GPU or ASIC. As long as you have a nice long passphrase, you have nothing to worry about from brute-forcing, just be aware that in order to be secure it does have to be longer than you'd need with other wallet types.

Regarding privacy: MultiBit doesn't really encourage the use of multiple addresses, and this leads to some loss of privacy. I think this is fine if it doesn't matter to you (it doesn't matter much to me), as long as you're aware of it.

Regarding backups: Every time you add a new receiving address in MultiBit, your wallet file changes and it must be re-synced with your backups. If you don't often add new receiving addresses, this shouldn't be much of a problem.

Regarding malware: All the encryption and backups in the world won't do you any good if you have malware running on your PC. Along with running some anti-malware software, keeping your PC up-to-date, and so on, I posted some more Bitcoin-specific advice regarding how to avoid trojans over in the bottom half of this post. Most of it's basic common sense sort of stuff which you already seem to have a lot of though... 

i didn't notice trojan there, is it there?

[BigMac]

For 0.025 btc, your setup is good enough IMO.
If you have more bitcoin in the future, you may want to keep most of your bitcoin in a paper wallet / offline wallet.

[btchris]

Along with running some anti-malware software, keeping your PC up-to-date, and so on, I posted some more Bitcoin-specific advice regarding how to avoid trojans over in the bottom half of this post. Most of it's basic common sense sort of stuff which you already seem to have a lot of though... 

i didn't notice trojan there, is it there?

The second half of that post talked about how to be safer when it comes to downloading suspicious executables... in other words, software that might actually be a trojan.

[InwardContour]

You are susceptible to a potential key-logging attack, as an attacker could potentially monitor your keyboard for your passwords for you wallet file and your mulibit password and then download a copy of your wallet file

IMO the most important way to secure your wallet is to simply keep a low profile and make it so not many people know that you are holding bitcoin on your computer. This will make it so people would likely not even try to attack your security setup as the chances of them finding bitcoin would be low.

[rbscebu]

I use a Multibit wallet in conjunction with Keepass.

My Multibit wallet is encrypted with a very strong (and long) password generated (and saved) with Keepass. I also save my .key file backup as an attachment to the Keepass entry for my Multibit wallet.

My Keepass is secured with a good strong password (that I can remember) + keyfile. My Keepass database is stored on my Network Attached Storage (NAS) hard disk drive that is regularly backed up (including an off-site back up).

In addition, my brother has the password and keyfile to my Keepass. I regularly email to him a current copy of my Keepass data. This covers me in the event of my death.

[Bitsaurus]

Please check out the alternative client section of the forum. Wallets like Armory and Mycellium offer the same or increased level of security and they have step by step guides for new users.  You don't want to make a wallet retrieval so difficult than should an emergency strike you would not be able to recover your funds easily.

[dipal]

this is good article and it will definitely help me here . I am thankful for all the info and knowledge i got from my fellow investors here
it is some time hard to know from internet and you keep on searching information on net and finally you end of with bunch of information and from which it is difficult to dig out to the point info.

Here topic initiator did really good job by summarizing all safety tips in one roof

thanks again

[earnabit]

Any bitcoins that you don't plan on spending in the next month ought to be put in a cold wallet. I'd suggest a paper wallet from bitaddress.org. if you want to be really paranoid you would generate the key on a computer that you permanently disconnect from the internet, sign all your transactions there, then broadcast them on another computer

[ranochigo]

Since malware can get your key stroke, securing a wallet on your desktop could be dangerous as the attacker can easily get your password and wallet.dat. The best is to create a offline paper wallet on a offline linux computer that have never touched the internet. This way, you can secure your wallet since no malware will be on your computer. Do format your computer after use.

[Lamigo]

You are doing a good job there.

Btw, I prefer Electrum over Multibit, since the Electrum wallet is deterministic and so you just need to make backup once and for all.