Bitcoin Wallet Security Best Practices

[101111]

http://www.cryptocoinsnews.com/news/bitcoin-wallet-security-best-practices/2014/08/21

Some of you might find this article useful.

[Hashforfun]

Offline wallet for larger money, using paid antivirus, being aware of phising attempts and using  2 step authentication are the ones I use:)

[Kprawn]

What AV are you using? { I just do not trust these free AV programs } Makes you feel secure, but it's lacking all the best features.

Go for the premium packages, and have some peace of mind. If you take the cost, and divide that by 12, it's very little money per month.

Best protection, for me, is to keep the BTC offline, and to keep only enough BTC online to buy some coffee etc. every day. 

[odolvlobo]

Unfortunately, the most important steps are listed near the bottom. The most important steps are to encrypt your wallet and to back it up. Both should be done before any bitcoins are sent to it.

[bornil267645]

wallet encryption is the most significant option.

[LeMiner]

You're all thinking way too difficult about spreading out everything between online web wallets, online PC wallets and offline wallets or even brain wallets. Take 2 laptops, clean install of Ubuntu, full disk encryption with complicated long pass-phrase.

Apply security patches and harden the OS. Install armory.

First laptop will NEVER connect to the internet again (take a laptop with a hardware WIFI switch). Create an offline wallet on the offline laptop. Send bitcoins in whatever illogical small amount per address (0.9, 0.35, never more than 5btc per address). Setup a multiple offline paper wallet backup. Distribute fragments of offline wallet to people that you trust (people should not know about each others fragments for extra security)(in case you die for heritage means). Have a USB stick digital backup of wallet.dat fully encrypted multiple times for yourself in case of hard drive failure.

Second laptop will ONLY be used to sync the blockchain THROUGH TOR and to create a watch only address.



Have a normal PC (windows/whatever) for separate hot wallet (multibit/electrum/whatever). Send signed transactions from offline PC THROUGH online watch only laptop to Hot wallet.

There u have it, perfect security. Feel free to ask any questions.


edit: Good article on basic security tough.

[varChar]

I got an online computer, but I never use it to more then bitcoin transactions and storage.
When I need to send or receive anything I take an usb and transfer the address between my regular computer and my 'bitcoin-computer'.

I know this isn't the best solution. BUT I bought my bitcoin computer only to have it as a cold storage computer, and to verify transactions. But my other computer ran out of space on the ssd when I started to download the blockchain.

So my only solution is to buy another computer with a HD > 300gb so I can have that as an online computer with a watch-only wallet. Or change HD on my computer, but that computer is a work computer. So I will need some space, and a SSD. So 400 gig ssd will due nearly enough.

Any idea what I should do? Actually this solution feels safe, but it isn't 100% secure. I know that
Perhaps it's wurth to buy a theird. And always cary 2 computers when Im traveling in work. My work computer and the one that I will buy. And have two wallets on that one. One watch only and one that is 'hot'.
Because I still want to make payments with bitcoin when Im in work.

And in that case I will ofc reinstall windows/ubuntu and create a new wallet.

[LeMiner]

I got an online computer, but I never use it to more then bitcoin transactions and storage.
When I need to send or receive anything I take an usb and transfer the address between my regular computer and my 'bitcoin-computer'.

I know this isn't the best solution. BUT I bought my bitcoin computer only to have it as a cold storage computer, and to verify transactions. But my other computer ran out of space on the ssd when I started to download the blockchain.

So my only solution is to buy another computer with a HD > 300gb so I can have that as an online computer with a watch-only wallet. Or change HD on my computer, but that computer is a work computer. So I will need some space, and a SSD. So 400 gig ssd will due nearly enough.

Any idea what I should do? Actually this solution feels safe, but it isn't 100% secure. I know that
Perhaps it's wurth to buy a theird. And always cary 2 computers when Im traveling in work. My work computer and the one that I will buy. And have two wallets on that one. One watch only and one that is 'hot'.
Because I still want to make payments with bitcoin when Im in work.

And in that case I will ofc reinstall windows/ubuntu and create a new wallet.

Have enough coins in your hot wallet to be covered during work (multibit/electrum("light wallet" doesn't take space) and leave the cold offline PC at home. Upgrade work PC to support a full watch address just case you do need to make a transfer or simply broadcast transactions made by the offline pc through blockchain! Objective is to use the offline laptop as little as possible.

edit: You could even leave a signed transaction to your "hot" wallet  from the offline wallet on a usb stick.... Broadcast when you need more coins on your hot wallet. That way only one laptop needed instead of carrying around 2 laptops everywhere.

[itsAj]

I got an online computer, but I never use it to more then bitcoin transactions and storage.
When I need to send or receive anything I take an usb and transfer the address between my regular computer and my 'bitcoin-computer'.

I know this isn't the best solution. BUT I bought my bitcoin computer only to have it as a cold storage computer, and to verify transactions. But my other computer ran out of space on the ssd when I started to download the blockchain.

So my only solution is to buy another computer with a HD > 300gb so I can have that as an online computer with a watch-only wallet. Or change HD on my computer, but that computer is a work computer. So I will need some space, and a SSD. So 400 gig ssd will due nearly enough.

Any idea what I should do? Actually this solution feels safe, but it isn't 100% secure. I know that
Perhaps it's wurth to buy a theird. And always cary 2 computers when Im traveling in work. My work computer and the one that I will buy. And have two wallets on that one. One watch only and one that is 'hot'.
Because I still want to make payments with bitcoin when Im in work.

And in that case I will ofc reinstall windows/ubuntu and create a new wallet.

Have enough coins in your hot wallet to be covered during work (multibit/electrum("light wallet" doesn't take space) and leave the cold offline PC at home. Upgrade work PC to support a full watch address just case you do need to make a transfer or simply broadcast transactions made by the offline pc through blockchain! Objective is to use the offline laptop as little as possible.

edit: You could even leave a signed transaction to your "hot" wallet  from the offline wallet on a usb stick.... Broadcast when you need more coins on your hot wallet. That way only one laptop needed instead of carrying around 2 laptops everywhere.

I don't think most people conduct enough bitcoin related business so that this would be necessary. I think the majority of people who have enough coins to need a cold wallet would very rarely need to have BTC transferred out of their cold wallet.

The only kinds of people who have an actual need to be transferring between cold and hot wallets often are people who conduct serious amounts of business, but even then they should manage their hot wallet so that it rarely gets to the point that it needs to be replenished. 

[moriartybitcoin]

Do NOT download files, for one.  Keep your Bitcoin OFFLINE, for another. 

I actually have a separate computer that I use just for my Bitcoin and altcoin wallets.  It is NEVER exposed to the internet, period.

[wordman267645]

Yes that's an useful article..wallet encryption is the most important steps.

[Bitbirdhunt]

Thanks for the article. I personally use malwarebytes-antimalware, its quite effective in eradicating malware

[BitcoinBadger]

Keyscrambler is a great software which encrypts keystrokes so keyloggers will log only encrypted text. Use that too.

[LeMiner]

I got an online computer, but I never use it to more then bitcoin transactions and storage.
When I need to send or receive anything I take an usb and transfer the address between my regular computer and my 'bitcoin-computer'.

I know this isn't the best solution. BUT I bought my bitcoin computer only to have it as a cold storage computer, and to verify transactions. But my other computer ran out of space on the ssd when I started to download the blockchain.

So my only solution is to buy another computer with a HD > 300gb so I can have that as an online computer with a watch-only wallet. Or change HD on my computer, but that computer is a work computer. So I will need some space, and a SSD. So 400 gig ssd will due nearly enough.

Any idea what I should do? Actually this solution feels safe, but it isn't 100% secure. I know that
Perhaps it's wurth to buy a theird. And always cary 2 computers when Im traveling in work. My work computer and the one that I will buy. And have two wallets on that one. One watch only and one that is 'hot'.
Because I still want to make payments with bitcoin when Im in work.

And in that case I will ofc reinstall windows/ubuntu and create a new wallet.

Have enough coins in your hot wallet to be covered during work (multibit/electrum("light wallet" doesn't take space) and leave the cold offline PC at home. Upgrade work PC to support a full watch address just case you do need to make a transfer or simply broadcast transactions made by the offline pc through blockchain! Objective is to use the offline laptop as little as possible.

edit: You could even leave a signed transaction to your "hot" wallet  from the offline wallet on a usb stick.... Broadcast when you need more coins on your hot wallet. That way only one laptop needed instead of carrying around 2 laptops everywhere.

I don't think most people conduct enough bitcoin related business so that this would be necessary. I think the majority of people who have enough coins to need a cold wallet would very rarely need to have BTC transferred out of their cold wallet.

The only kinds of people who have an actual need to be transferring between cold and hot wallets often are people who conduct serious amounts of business, but even then they should manage their hot wallet so that it rarely gets to the point that it needs to be replenished. 

He made it sound like he had to switch a lot, which is why I suggested that solution . I almost never touch my cold wallet.

[CreamyPie]

In addition to the article, people should use a good paid antivirus like eset nod32. Works like a virus-hammer.

~Happy customer of eset

Overall thanks for the share.

[MoonRise]

Using offline wallet, paper wallet is best practice according to me. Hassle free. Secured and safe. No risk of theft.

[itsAj]

I got an online computer, but I never use it to more then bitcoin transactions and storage.
When I need to send or receive anything I take an usb and transfer the address between my regular computer and my 'bitcoin-computer'.

I know this isn't the best solution. BUT I bought my bitcoin computer only to have it as a cold storage computer, and to verify transactions. But my other computer ran out of space on the ssd when I started to download the blockchain.

So my only solution is to buy another computer with a HD > 300gb so I can have that as an online computer with a watch-only wallet. Or change HD on my computer, but that computer is a work computer. So I will need some space, and a SSD. So 400 gig ssd will due nearly enough.

Any idea what I should do? Actually this solution feels safe, but it isn't 100% secure. I know that
Perhaps it's wurth to buy a theird. And always cary 2 computers when Im traveling in work. My work computer and the one that I will buy. And have two wallets on that one. One watch only and one that is 'hot'.
Because I still want to make payments with bitcoin when Im in work.

And in that case I will ofc reinstall windows/ubuntu and create a new wallet.

Have enough coins in your hot wallet to be covered during work (multibit/electrum("light wallet" doesn't take space) and leave the cold offline PC at home. Upgrade work PC to support a full watch address just case you do need to make a transfer or simply broadcast transactions made by the offline pc through blockchain! Objective is to use the offline laptop as little as possible.

edit: You could even leave a signed transaction to your "hot" wallet  from the offline wallet on a usb stick.... Broadcast when you need more coins on your hot wallet. That way only one laptop needed instead of carrying around 2 laptops everywhere.

I don't think most people conduct enough bitcoin related business so that this would be necessary. I think the majority of people who have enough coins to need a cold wallet would very rarely need to have BTC transferred out of their cold wallet.

The only kinds of people who have an actual need to be transferring between cold and hot wallets often are people who conduct serious amounts of business, but even then they should manage their hot wallet so that it rarely gets to the point that it needs to be replenished. 

He made it sound like he had to switch a lot, which is why I suggested that solution . I almost never touch my cold wallet.

Well I think he is doing something wrong if he needs to move funds between cold and hot wallet that often. If you are doing that then you will run the risk of potentially making a copy/past error and sending BTC to an incorrect address or otherwise compromising your cold wallet.

[Wealthy]

Thanks for the share.

Offline wallet for lumpsum amounts and online wallet for max 1-2 BTC is what I prefer.