|
rhkazani1 (OP)
|
 |
August 08, 2014, 04:33:09 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? |
|
|
|
|
Amph
Legendary
 Offline
Activity: 3248
Merit: 1070
|
|
August 08, 2014, 04:33:14 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
This is exactly what i thought, but you guys have spent more time on it, so wanted a clarification. Thanks. he said "and knows password A", my case talk about the contrary, he don't know the password |
|
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:36:02 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
This is exactly what i thought, but you guys have spent more time on it, so wanted a clarification. Thanks. he said "and knows password A", my case talk about the contrary, he don't know the password The point is wallet password is stored locally, so if you have my point in time wallet.dat copy with password 123456, now matter if i change 10 password you have the wallet.dat with password 123456. |
|
|
|
|
|
instacalm
|
|
August 08, 2014, 04:37:26 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? Yes, that would be a way. Or send it to an exchange and then to an address of your new wallet. |
|
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:37:54 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? Yes, that would be a way. Or send it to an exchange and then to an address of your new wallet. Got it, thanks. |
|
|
|
|
Amph
Legendary
Offline
Activity: 3248
Merit: 1070
|
|
August 08, 2014, 04:37:59 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
This is exactly what i thought, but you guys have spent more time on it, so wanted a clarification. Thanks. he said "and knows password A", my case talk about the contrary, he don't know the password The point is wallet password is stored locally, so if you have my point in time wallet.dat copy with password 123456, now matter if i change 10 password you have the wallet.dat with password 123456. it should work like an account, if someone steal my aka(and he don't change the pass) then if i change it he can't access anymore of i forgot that we are talking about a decentralized thing..yeah it makes sense |
|
|
|
|
BowieMan
Full Member
Offline
Activity: 154
Merit: 100
Is there life on Mars?
|
|
August 08, 2014, 04:38:16 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? |
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:40:19 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" feature has? |
|
|
|
|
|
instacalm
|
|
August 08, 2014, 04:42:02 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" has? Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds. |
|
|
|
|
BowieMan
Full Member
Offline
Activity: 154
Merit: 100
Is there life on Mars?
|
|
August 08, 2014, 04:42:14 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" feature has? Well, if your wallet is encrypted, attackers can't get hold of your Bitcoins if they get your Wallet.dat for example. They'd still have to have your encryption password in order to get to steal the Bitcoins! |
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:43:49 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" has? Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds. "If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted? |
|
|
|
|
|
instacalm
|
|
August 08, 2014, 04:44:53 PM |
|
"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?
that was a typo  |
|
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:46:05 PM |
|
"If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted?
that was a typo lol, you scared the hell out of me, I was like I need to go to school again  Thanks mate! |
|
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:46:30 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" feature has? Well, if your wallet is encrypted, attackers can't get hold of your Bitcoins if they get your Wallet.dat for example. They'd still have to have your encryption password in order to get to steal the Bitcoins! Yup, perfect, thanks for the clarification. |
|
|
|
|
BowieMan
Full Member
Offline
Activity: 154
Merit: 100
Is there life on Mars?
|
|
August 08, 2014, 04:46:38 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" has? Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds. "If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted? I think he meant "If someone got hold of your wallet". Because if that happens with an unencrypted wallet, the funds can be spend right away. But if there's still the encryption, they'd need to break that first! |
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:47:17 PM |
|
Let's say I encrypted my wallet with a password "123456" and I kept the same password for 2 months. I then somehow realized that my wallet is hacked, or I had a trojan/malware or some one might have my wallet.dat, I plan to change my password to "98765".
Lets say someone hacked my wallet before I changed the password, So what password is now effective? Is 123456 or 98765? Which password does he need to get the coins?
No password is 'in effect'. Spending the Bitcoins is possible only if someone has the private key to the address. The private key is encrypted in the wallet. If an attacker now has access to the private key, it doesn't matter how you encrypt the private key, since it already has been compromised! Makes sense? Any questions? What extra level of security / protection does "Encrypt Wallet" has? Well if somebody happens to compromise your wallet, there's an additional layer of security for encrypted wallets since one would need to know its password as well in order to be able to spend its funds. "If one compromises an encrypted wallet, you can spend its funds right away" How could you spend right away if it is encrypted? I think he meant "If someone got hold of your wallet". Because if that happens with an unencrypted wallet, the funds can be spend right away. But if there's still the encryption, they'd need to break that first! Correct, |
|
|
|
|
Abdussamad
Legendary
Offline
Activity: 3682
Merit: 1580
|
|
August 08, 2014, 04:56:54 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? Yes, except that you should set a password on the new wallet before you send the bitcoins over. |
|
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 04:57:52 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? Yes, except that you should set a password on the new wallet before you send the bitcoins over. Alright, thanks, that was something new. |
|
|
|
|
BowieMan
Full Member
Offline
Activity: 154
Merit: 100
Is there life on Mars?
|
|
August 08, 2014, 05:03:38 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? Yes, except that you should set a password on the new wallet before you send the bitcoins over. That actually isn't enough. If there really is malware on the computer, it could still get the unencrypted version of the wallet (which has all the keys) or intercetp the keyboard inouts via a keylogger! Every machine that's connected to the internet is at risk here. |
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
|
rhkazani1 (OP)
|
|
August 08, 2014, 05:04:21 PM |
|
No. If you want to secure the wallet, you should move its funds out into a new wallet asap. As stated earlier, locally changing the wallet's password from A to B does not secure the wallet if a stranger owns the wallet.dat file which was encrypted with password A and knows password A. If you change it to B, that has no effect on the compromised wallet.
What will the best way to move funds, rename old wallet.dat let the QT create a new one, generate a new address on the new wallet and then go back to old wallet transfer to new wallet? Yes, except that you should set a password on the new wallet before you send the bitcoins over. That actually isn't enough. If there really is malware on the computer, it could still get the unencrypted version of the wallet (which has all the keys) or intercetp the keyboard inouts via a keylogger! Every machine that's connected to the internet is at risk here. True! |
|
|
|
|
|
