|
August 29, 2014, 10:52:52 AM |
|
As I see it there are two options to consider here.
Firstly, if multiple users should have access to the funds (e.g. a company) then you should be using lockboxes, which will require multiple instances of Armory installed on independent devices, where all (or some) of the devices are each required to sign each transaction to make it valid. Each instance of Armory will have its own (single) paper backup, which should not of course be kept together with the other backups (e.g. don't keep all in a single company safe). This method gets its security from having the keys required to sign the transaction in separate physical locations, with the corresponding backups also physically separated.
Next you have the "basic" 'single user' setup. A single Armory wallet is setup on a secure computer. Here, (provided the computer is secure) the backup style should provide some security for the single user: a 'm-of-n' backup should be used. Here you can choose for example 3-of-5 which will let you store 5 paper backup sheets in separate (secure!) physical locations, even letting you store them with friends or family without running the risk of them re-generating your keys unless they collude against you. Even collusion can be mitigated by choosing friends or locations which are not aware of each other. Perhaps in this setup it would be prudent to store a 'single' paper backup which you can access in an extremely secure location in case of emergencies with separated friends (strongly encrypted digital backup on dropbox or similar might suffice here).
"Advanced" 'single user' setup. Here is basically the same as above, however the Armory wallet is generated on a fresh install of Linux running on an 'offline' machine which will never again connect to a network (network cards removed, disable in BIOS or similar). Wallet backups should be distributed as above in the "basic" setup. An online machine will have Armory installed and a watching-only version of the offline wallet imported. To send transactions they can be generated on the online machine and transferred to the offline machine for signing via USB (or similar, even including hand typing for the super paranoid), being returned to the online machine for verification and transmission to the network.
Having re-read your question after typing all this I hope you don't simply mean keeping your coins in multiple wallets in a single instance of Armory rather than a single wallet, as this will provide no additional security to you (unless the backups are separate and somebody finds one).
|