Best Practices using BTC/ Wallet Backup

[belgianwhite]

Hi All,

I am relatively new to Bitcoin but I love what I see. I have been buying some coins from MtGox and then transferring them to my wallet at home. I have a friend that has been guiding me on the best practices which I will share here. I am very interested in what others are doing to secure their wallet, and how they use BTC in the wild.

System: Ubuntu 11.04 (32bit on a Acer Netbook) and a frew other Ubuntu systems in the background.

BTC Client: Standard 0.3.2.1 beta for linux (dloaded from btcoin)

Wallet backup: Dropbox -> Truecrypt

I copy  (cp) the file over to the truecrypt folder when I update my wallet

I am curious as to what others are doing out there to back stuff up.

Thanks to all who use and create Bitcoins!

Cheers!

[bracek]

encripted in e-mail attach

[Prze_koles]

encripted in e-mail attach

+1

[cypherdoc]

encripted in e-mail attach

that would mean the encrypted wallet would reside on my ISP's server.  would i really want to leave it there?

[mewantsbitcoins]

encripted in e-mail attach

that would mean the encrypted wallet would reside on my ISP's server.  would i really want to leave it there?

Depends what email you use

[SgtSpike]

So do you true-crypt --> email?  Or some other encryption method?

[mewantsbitcoins]

So do you true-crypt --> email?  Or some other encryption method?

truecrypt is not a method. it's software which provides various methods for encryption.

[cypherdoc]

encripted in e-mail attach

that would mean the encrypted wallet would reside on my ISP's server.  would i really want to leave it there?

Depends what email you use

why?  which ISP's do u consider unsafe?

[mewantsbitcoins]

what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider

[AaronM]

For backing up your wallet.dat, I suggest encrypting it and then using ssss, an open-source implementation of Shamir's Secret Sharing Scheme:

http://point-at-infinity.org/ssss/

With this, you can split your backup into, say, 5 sites, and require that any 2 (or 3 if you're more paranoid) are required to reconstruct your wallet.dat.  For a given number of backup sites, you have a trade-off between loss protection and theft protection.

Has anyone else used ssss besides me?

[cypherdoc]

what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider

what do you think of GoDaddy?

[mewantsbitcoins]

what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider

what do you think of GoDaddy?

I had GoDaddy account, but had to close it due to downtime and tech support incompetence. My personal view is that company is useless.
There is a detailed post by Vladimir about backing up your wallet: https://www.bitcoin.org/smf/index.php?topic=5194.msg75733
What I personally do is use cascade encryption. Truecrypt has a way of encrypting data with three algorithms. If data is encrypted you can keep it anywhere. The only problem then becomes retrieving it and that's up to you and your imagination where to store it. I keep a copy of my encrypted wallet on a few of my computers, dropbox, gmail, few friends have usb sticks that i gave them and few other places that I would not want to reveal. Now I know, that whatever happens, I'll still be able to retrieve my keys from at least one of these places.
Also, I think good practice is to use different keys for your everyday transactions and keeping bigger amounts - like having current and savings account.

This is the philosophy of a paranoid man, but it's better be safe than sorry

[cypherdoc]

what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider

what do you think of GoDaddy?

I had GoDaddy account, but had to close it due to downtime and tech support incompetence. My personal view is that company is useless.
There is a detailed post by Vladimir about backing up your wallet: https://www.bitcoin.org/smf/index.php?topic=5194.msg75733
What I personally do is use cascade encryption. Truecrypt has a way of encrypting data with three algorithms. If data is encrypted you can keep it anywhere. The only problem then becomes retrieving it and that's up to you and your imagination where to store it. I keep a copy of my encrypted wallet on a few of my computers, dropbox, gmail, few friends have usb sticks that i gave them and few other places that I would not want to reveal. Now I know, that whatever happens, I'll still be able to retrieve my keys from at least one of these places.
Also, I think good practice is to use different keys for your everyday transactions and keeping bigger amounts - like having current and savings account.

This is the philosophy of a paranoid man, but it's better be safe than sorry

i use Truecrypt with 3 cascades as well.  i know your paranoia.  i had to laugh at one guy here lamenting how he is backing up his wallet multiple times on multiple computers everyday with 15 character passwords as the price of btc keeps going up.  i'm doing the same thing as are you.  this is crazy.  again though, don't you have to back up all those copies from time to time?  whats the ideal interval or does it even matter?

[cypherdoc]

what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider

what do you think of GoDaddy?

I had GoDaddy account, but had to close it due to downtime and tech support incompetence. My personal view is that company is useless.
There is a detailed post by Vladimir about backing up your wallet: https://www.bitcoin.org/smf/index.php?topic=5194.msg75733
What I personally do is use cascade encryption. Truecrypt has a way of encrypting data with three algorithms. If data is encrypted you can keep it anywhere. The only problem then becomes retrieving it and that's up to you and your imagination where to store it. I keep a copy of my encrypted wallet on a few of my computers, dropbox, gmail, few friends have usb sticks that i gave them and few other places that I would not want to reveal. Now I know, that whatever happens, I'll still be able to retrieve my keys from at least one of these places.
Also, I think good practice is to use different keys for your everyday transactions and keeping bigger amounts - like having current and savings account.

This is the philosophy of a paranoid man, but it's better be safe than sorry

i use Truecrypt with 3 cascades as well.  i know your paranoia.  i had to laugh at one guy here lamenting how he is backing up his wallet multiple times on multiple computers everyday with 15 character passwords as the price of btc keeps going up.  i'm doing the same thing as are you.  this is crazy.  again though, don't you have to back up all those copies from time to time?  whats the ideal interval or does it even matter?

sorry, i actually mean "update" those backups from time to time?

[mewantsbitcoins]

In theory, you don't have to update your back ups because it's the keys that you are actually backing up. All the transactions are stored in the block chain on the network. Although, there might be a possibility of data corruption(on the medium you store the encrypted wallet) for whatever reason, so in practice it's probably not a bad idea to update your backup once in awhile. Also, it helps you to remember the password used for encryption. Doing it every few months should be more than enough.

[casascius]

Safest way I can think of to secure your wallet:

1. Boot from a Live CD with no network/internet connection

2. Install Bitcoin from a new USB flash drive

3. Backup the brand new wallet.dat onto the USB flash drive, so you don't lose it

4. Send your BTC to the first address that is generated by the new Bitcoin installation.

The most useful point I'm trying to make is, a Bitcoin wallet never needs to contact the Bitcoin network EVER, and you can still receive bitcoins into it.  With no network contact, there is absolutely no risk of compromise.

When ready to spend the bitcoins, simply restore the wallet, let the block chain download, and the coins will appear.

[skull88]

I encrypt the backup with a very long password with the help of Truecript, 1 copy on Wuala, 1 on my hdd, 1 on an usb stick and one on an external hdd.
Better save than sorry, and I would get an hart attack if I lose my wallet with the current rates.

[SgtSpike]

I have a weekly unencrypted backup going to my home server.

Oh, and I only have 3 BTC.  Probably makes a bit of difference when deciding on how often/securely one needs to back up. 

[cypherdoc]

I encrypt the backup with a very long password with the help of Truecript, 1 copy on Wuala, 1 on my hdd, 1 on an usb stick and one on an external hdd.
Better save than sorry, and I would get an hart attack if I lose my wallet with the current rates.

doesn't Truecrypt recommend setting up a different container or volume on each of your backup sites and then separately backing up the wallet.dat into each of them?  its a pain to open and close each container.

[dacoinminster]

IF I ever have enough bitcoins to be worried about them, I will put my "savings account" wallet on a CD-R (or two) and put it in a safety deposit box (or two).

The neat thing is, you can still send bitcoins to the savings account while it is sitting in that metal box, and they will show up on your client when you get the CD-R out and use the wallet with bitcoin "2020 edition".