Bitcoin Forum
November 07, 2024, 04:56:20 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Wallet Encryption Password,  (Read 2145 times)
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:33:09 PM
 #21

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?
Amph
Legendary
*
Offline Offline

Activity: 3248
Merit: 1070



View Profile
August 08, 2014, 04:33:14 PM
 #22

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

This is exactly what i thought, but you guys have spent more time on it, so wanted a clarification. Thanks.

he said "and knows password A", my case talk about the contrary, he don't know the password
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:36:02 PM
 #23

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

This is exactly what i thought, but you guys have spent more time on it, so wanted a clarification. Thanks.

he said "and knows password A", my case talk about the contrary, he don't know the password

The point is wallet password is stored locally, so if you have my point in time wallet.dat copy with password 123456, now matter if i change 10 password you have the wallet.dat with password 123456.
instacalm
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500



View Profile
August 08, 2014, 04:37:26 PM
 #24

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?

Yes, that would be a way. Or send it to an exchange and then to an address of your new wallet.
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:37:54 PM
 #25

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?

Yes, that would be a way. Or send it to an exchange and then to an address of your new wallet.

Got it, thanks.
Amph
Legendary
*
Offline Offline

Activity: 3248
Merit: 1070



View Profile
August 08, 2014, 04:37:59 PM
 #26

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

This is exactly what i thought, but you guys have spent more time on it, so wanted a clarification. Thanks.

he said "and knows password A", my case talk about the contrary, he don't know the password

The point is wallet password is stored locally, so if you have my point in time wallet.dat copy with password 123456, now matter if i change 10 password you have the wallet.dat with password 123456.

it should work like an account, if someone steal my aka(and he don't change the pass) then if i change it he can't access anymore

of i forgot that we are talking about a decentralized thing..yeah it makes sense
BowieMan
Full Member
***
Offline Offline

Activity: 154
Merit: 100


Is there life on Mars?


View Profile
August 08, 2014, 04:38:16 PM
 #27

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE
The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:40:19 PM
 #28

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" feature has?
instacalm
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500



View Profile
August 08, 2014, 04:42:02 PM
 #29

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" has?

Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds.
BowieMan
Full Member
***
Offline Offline

Activity: 154
Merit: 100


Is there life on Mars?


View Profile
August 08, 2014, 04:42:14 PM
 #30

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" feature has?

Well, if your wallet is encrypted, attackers can't get hold of your Bitcoins if they get your Wallet.dat for example. They'd still have to have your encryption password in order to get to steal the Bitcoins!

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE
The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:43:49 PM
 #31

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" has?

Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds.

"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?
instacalm
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500



View Profile
August 08, 2014, 04:44:53 PM
 #32

"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?

that was a typo Wink
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:46:05 PM
 #33

"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?

that was a typo Wink

lol, you scared the hell out of me, I was like I need to go to school again Tongue Thanks mate!
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:46:30 PM
 #34

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" feature has?

Well, if your wallet is encrypted, attackers can't get hold of your Bitcoins if they get your Wallet.dat for example. They'd still have to have your encryption password in order to get to steal the Bitcoins!

Yup, perfect, thanks for the clarification.
BowieMan
Full Member
***
Offline Offline

Activity: 154
Merit: 100


Is there life on Mars?


View Profile
August 08, 2014, 04:46:38 PM
 #35

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" has?

Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds.

"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?

I think he meant "If someone got hold of your wallet". Because if that happens with an unencrypted wallet, the funds can be spend right away. But if there's still the encryption, they'd need to break that first!

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE
The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:47:17 PM
 #36

Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".

Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?

No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions?

What extra level of security / protection does "Encrypt Wallet" has?

Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds.

"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?

I think he meant "If someone got hold of your wallet". Because if that happens with an unencrypted wallet, the funds can be spend right away. But if there's still the encryption, they'd need to break that first!

Correct,
Abdussamad
Legendary
*
Offline Offline

Activity: 3682
Merit: 1580



View Profile
August 08, 2014, 04:56:54 PM
 #37

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?

Yes, except that you should set a password on the new wallet before you send the bitcoins over.
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 04:57:52 PM
 #38

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?

Yes, except that you should set a password on the new wallet before you send the bitcoins over.

Alright, thanks, that was something new.
BowieMan
Full Member
***
Offline Offline

Activity: 154
Merit: 100


Is there life on Mars?


View Profile
August 08, 2014, 05:03:38 PM
 #39

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?

Yes, except that you should set a password on the new wallet before you send the bitcoins over.

That actually isn't enough. If there really is malware on the computer, it could still get the unencrypted version of the wallet (which has all the keys) or intercetp the keyboard inouts via a keylogger! Every machine that's connected to the internet is at risk here.

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE
The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
rhkazani1 (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
August 08, 2014, 05:04:21 PM
 #40

No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.

What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet?

Yes, except that you should set a password on the new wallet before you send the bitcoins over.

That actually isn't enough. If there really is malware on the computer, it could still get the unencrypted version of the wallet (which has all the keys) or intercetp the keyboard inouts via a keylogger! Every machine that's connected to the internet is at risk here.

True!
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!