Bitcoin Forum
December 04, 2016, 08:19:51 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: what is the "scratch"? it's FUD or truth?  (Read 3771 times)
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
March 27, 2012, 02:22:26 PM
 #41

Brainstorm:

If the user have zero in his wallet, do not warn that it doesnt have password.

If the user have X amount advice the user to chose a long password they will never forget.
And some advice on how to chose such a password.

If the user have Huge amount of Bitcoins give warnings to encrypt right away?

Question is, what is considered huge and for one user 5 Btc can be much, for another 500 is much.
That's pretty much what I proposed in post 33 up above. ^^

Although I didn't mention the advice on choosing a good password. A strength meter and a reminder to REMEMBER THE DAMN PASSWORD would be appropriate.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480839591
Hero Member
*
Offline Offline

Posts: 1480839591

View Profile Personal Message (Offline)

Ignore
1480839591
Reply with quote  #2

1480839591
Report to moderator
triplehelix
Member
**
Offline Offline

Activity: 84



View Profile
March 27, 2012, 06:09:29 PM
 #42

i don't think i have the most correct answer.  i just think that security isn't as hardened as it could be, and there is at least one area where it could be relatively easily strengthened, and an open discussion would probably be beneficial.
You mean like:

https://bitcointalk.org/index.php?topic=34562.0
  or
https://bitcointalk.org/index.php?topic=19080.80
  or
http://gavinthink.blogspot.com/2011/06/why-arent-bitcoin-wallets-encrypted.html
  or
https://bitcointalk.org/index.php?topic=2574.0

It has been a while since I wrote a "State of Bitcoin Development" update (too busy...), but wallet security was my second priority, behind network stability, the last time I did one. It is still right at the top of my priority list.

would have been really cool if your first post told me the discussion is ongoing, and gave me those links.  your a spokesman for bitcoin.  i know how easy it is to get frustrated and take things personal, but nobody benefits from that kind of reaction.
Syke
Legendary
*
Offline Offline

Activity: 2086


View Profile
March 28, 2012, 06:47:19 AM
 #43

i think the general population is very much used to entering passwords and remembering them for their bank account, their utility providers, email, netflix, facebook, etc.  i also don't think entering a password is more difficult or off putting than waiting for the blockchain to download.

Because for every one of those examples a password recovery option is available. People use password recoveries all the time. There is no password recovery for an encrypted wallet. Encrypted wallets by default would be a disaster.

Buy & Hold
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
March 28, 2012, 01:45:02 PM
 #44

Because for every one of those examples a password recovery option is available. People use password recoveries all the time. There is no password recovery for an encrypted wallet. Encrypted wallets by default would be a disaster.

Worse many "casual" users may be confused by the very concept of irrecoverable password.  Since almost no services exist that have irrecoverable passwords casual users likely need an education.  

I would imagine enabling encryption on the 1.0 client would need to be pretty comprehensive.   Something more like a wizard explaining that losing password means a complete and irrecoverable loss of funds and that there is no "forgot password" option.  

It would also be good to:
* compare the user's password against a known password list ("your attempted password is already known to attackers please try another one")
* give the user a password strength meter with practical strengths ("your password can be guessed in less than 4 days by an attacker with a single computer"
* providing a "print out page" for safe keeping (with warnings like store this in a safe, all your funds can be stolen is this document is lost)

It would also be a good idea to provide "popup" warnings with frequency and intrusiveness directly related to the balance.

Gavin is absolutely correct in pointing out Bitcoin is 0.x.  It is 0.x for a reason. 
Dusty
Hero Member
*****
Offline Offline

Activity: 722


Libertas a calumnia


View Profile WWW
March 28, 2012, 02:02:30 PM
 #45

Since almost no services exist that have irrecoverable passwords casual users likely need an education.
Nothing educates better than losing a bunch of money  Wink

Articoli bitcoin: Il portico dipinto
MaxSan
Sr. Member
****
Offline Offline

Activity: 368


View Profile
March 28, 2012, 02:24:16 PM
 #46

Since almost no services exist that have irrecoverable passwords casual users likely need an education.
Nothing educates better than losing a bunch of money  Wink

Never herd more true words, but sadly any new regulars to bitcoin would be considerably disheartened if they lost a whack of funds, even if it was through their own stupidity.
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1722

Let's talk governance, lipstick, and pigs.


View Profile
March 28, 2012, 02:30:01 PM
 #47

I would like to see a physical Bitcoin only option available someday. A client that only works via scanning a barcode or OCR that manages the physical wallets would eliminate the fear of electrons vaporizing due to forgetting a pw.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!