Bitcoin Forum
November 19, 2017, 07:02:34 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Blockchain.info  (Read 1998 times)
LFC_Bitcoin
Legendary
*
Offline Offline

Activity: 1162


★777Coin.com★ Fun BTC Casino!


View Profile
September 24, 2014, 04:25:04 PM
 #1

How secure are my coins in the blockchain.info wallet?

I don't like the bitcoin.org official system, I don't trust my laptop even though it's fairly new.

I'm planning to be a long term hoarder so I need my wallet to be 100% trustworthy without worrying about some kind of website collapse.

I'm not a tech wizard so don't understand paper wallets, scanning etc.

1511074954
Hero Member
*
Offline Offline

Posts: 1511074954

View Profile Personal Message (Offline)

Ignore
1511074954
Reply with quote  #2

1511074954
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
hilariousandco
Global Moderator
Legendary
*
Offline Offline

Activity: 1470


How does one bitcoin?


View Profile WWW
September 24, 2014, 04:29:54 PM
 #2

It's only as safe as you are. Set up all - and I mean all - the security features and you'll be fine. 2-factor authentication can keep your coins very safe so that is the bare minimum I'd recommend and it can actually keep your coins safer than a desktop wallet. Make sure to keep a back-up of your wallet.dat stored offline though too.

Supercrypt
Legendary
*
Offline Offline

Activity: 1092


View Profile
September 24, 2014, 04:31:13 PM
 #3

you don't have to worry
your coins are safe with blockchain.info
btchris
Hero Member
*****
Offline Offline

Activity: 672

a.k.a. gurnec on GitHub


View Profile WWW
September 24, 2014, 04:44:42 PM
 #4

How secure are my coins in the blockchain.info wallet?

There are several different ways you could lose bitcoin stored at blockchain.info.

  • 1- Hackers break into blockchain.info's servers, steal your encrypted wallet, and then brute-force the password (if the password isn't strong enough).
  • 2- Hackers break into blockchain.info's servers, steal your encrypted wallet, and replace the website with a look-alike which then steals your password. This type of password-stealing attack would eventually be detected, but it's impossible to guess how long it would go undetected. You would be vulnerable if you log into your wallet while the attack was still undetected.
  • 3- An insider at blockchain.info executes the attack described above. Also as above, the attack would eventually be detected.
  • 4- A piece of malware finds it's way onto your PC which targets blockchain.info. The next time you log into blockchain.info (even if you've enabled 2FA), the malware can steal your bitcoin.
  • 5- You do not maintain backups of your blockchain.info wallets, and blockchain.info loses your wallet or closes up shop. By maintain, I mean that you need to back up your wallet after each new receiving address is created.

It's impossible to estimate the likelihood of any of the above happening... are there one or more of the above that particularly concern you?

I don't like the bitcoin.org official system, I don't trust my laptop even though it's fairly new.

Can you be more specific? Is it that Bitcoin Core is too resource-heavy? Are you talking about malware? Something else?

I'm planning to be a long term hoarder so I need my wallet to be 100% trustworthy without worrying about some kind of website collapse.

The only wallets which approach 100% trustworthiness are cold storage wallets and hardware wallets. If you're (like me) unwilling to deal with the inconvenience or cost of these solutions, you'll need to make some compromises...
btchris
Hero Member
*****
Offline Offline

Activity: 672

a.k.a. gurnec on GitHub


View Profile WWW
September 24, 2014, 04:56:27 PM
 #5

It's only as safe as you are. Set up all - and I mean all - the security features and you'll be fine. 2-factor authentication can keep your coins very safe so that is the bare minimum I'd recommend and it can actually keep your coins safer than a desktop wallet. Make sure to keep a back-up of your wallet.dat stored offline though too.

I agree with most of this, but I have to disagree with "it can actually keep your coins safer than a desktop wallet."

One disadvantage of desktop wallets (as I'm sure you know) is that they are vulnerable to malware. Some types of online wallets (and mobile wallets in some cases, too) offer very good resistance against locally installed malware, but only if the online wallet implements per-transaction two-factor authentication. Blockchain.info only offers login two-factor authentication, which can protect against online (but not offline) brute-force attacks, but it doesn't prevent locally installed malware from stealing bitcoin after a user has logged in.

More technically speaking, malware can wait for you to log in, and then capture your password (it doesn't need to capture your 2FA code). Once you've logged in, your PC downloads the encrypted blockchain.info wallet. At this point, the malware has access to both your just-downloaded wallet and the decryption key (your just-captured password), and that's all it needs to steal bitcoin. In this manner, blockchain.info is essentially the same as a desktop wallet, except that the software and the encrypted wallet file are loaded from a remote server during each use.
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
September 24, 2014, 05:31:46 PM
 #6

How secure are my coins in the blockchain.info wallet?

That depends on how strong your password is, how good you are at keeping malware off your computer and other devices, and what process you've implemented for maintaining backups of your wallet.

I don't like the bitcoin.org official system,

Bitcoin.org has an "official" system?  What system is that?

I don't trust my laptop even though it's fairly new.

Then how do you access your blockchain.info wallet?  If your laptop has malware and you access the blockchain.info wallet from the laptop, then the malware has access to the wallet.

I'm planning to be a long term hoarder so I need my wallet to be 100% trustworthy without worrying about some kind of website collapse.

Then you need to create secure backups of whatever wallet you choose.  You might want to look into creating paper wallets, or running either Armory or Electrum offline.

I'm not a tech wizard so don't understand paper wallets, scanning etc.

You don't need to be a tech wizard to understand paper wallets, or scanning private keys.  You do need to put a small amount of effort into protecting yourself against theft and loss.

LFC_Bitcoin
Legendary
*
Offline Offline

Activity: 1162


★777Coin.com★ Fun BTC Casino!


View Profile
September 24, 2014, 06:13:01 PM
 #7

Blockchain.info  have a google drive & drop box option to back up your wallet.

Would anybody recommend either?

btchris
Hero Member
*****
Offline Offline

Activity: 672

a.k.a. gurnec on GitHub


View Profile WWW
September 24, 2014, 07:22:45 PM
 #8

Blockchain.info  have a google drive & drop box option to back up your wallet.

Would anybody recommend either?

As long as your password is strong enough, I wouldn't have an objection to either (or even better, both).

By default, blockchain.info wallet passwords use poor key stretching. Before backing up your wallet online, I'd go into Account Settings -> Debugging, and change the PBKDF2 Iterations setting from its default of 10 to the max available of 20000. (For comparison, Bitcoin Core typically uses an iteration count that's about 10x higher than this).
Velkro
Legendary
*
Offline Offline

Activity: 1260


<3 Vanity Addresses :)


View Profile
September 24, 2014, 08:16:37 PM
 #9

its not safe, never loose control over your private key (your bitcoins)

LFC_Bitcoin
Legendary
*
Offline Offline

Activity: 1162


★777Coin.com★ Fun BTC Casino!


View Profile
September 24, 2014, 08:26:56 PM
 #10

If Blockchain.info did a MtGox are my coins safe as I have a note of my bitcoin address (the long number/letter thing)

btchris
Hero Member
*****
Offline Offline

Activity: 672

a.k.a. gurnec on GitHub


View Profile WWW
September 24, 2014, 08:38:26 PM
 #11

If Blockchain.info did a MtGox are my coins safe as I have a note of my bitcoin address (the long number/letter thing)

That depends on what "did a MtGox" means, since we still don't know exactly what happened there...

I thought I answered all of these in my first post here, but maybe I was unclear.

If blockchain.info is hacked or if they have a crooked employee, there's some chance they will be able to steal your bitcoin (see my first post...)

If blockchain.info disappears, than as long as you have a recent* backup, (via one of the backup mechanisms on their web page), than you will be able to recover your bitcoin.

*by recent, I mean you haven't created any new receiving addresses since your last backup.

(ignore the generalization from Velkro which doesn't apply to blockchain.info...)
LFC_Bitcoin
Legendary
*
Offline Offline

Activity: 1162


★777Coin.com★ Fun BTC Casino!


View Profile
September 24, 2014, 08:40:43 PM
 #12

If Blockchain.info did a MtGox are my coins safe as I have a note of my bitcoin address (the long number/letter thing)

That depends on what "did a MtGox" means, since we still don't know exactly what happened there...

I thought I answered all of these in my first post here, but maybe I was unclear.

If blockchain.info is hacked or if they have a crooked employee, there's some chance they will be able to steal your bitcoin (see my first post...)

If blockchain.info disappears, than as long as you have a recent* backup, (via one of the backup mechanisms on their web page), than you will be able to recover your bitcoin.

*by recent, I mean you haven't created any new receiving addresses since your last backup.

(ignore the generalization from Velkro which doesn't apply to blockchain.info...)


Thank you.

One last question - Say if I back up via drop box, if blockchain.info was to have problems where/how would you transfer the coins somewhere else as obviously dropbox isn't designed for bitcoin?

Would you be able to get them into another wallet provider?

Sorry for the stupid question, I only have 10 BTC, have never bought anything with them or had any other wallets.

Juan007
Newbie
*
Offline Offline

Activity: 11


View Profile
September 24, 2014, 11:02:01 PM
 #13

i do not use any web wallets. i am VERY security conscious. this thread has me concerned mostly about android malware. Smiley
xcapator
Sr. Member
****
Offline Offline

Activity: 322

Here I Am !!


View Profile
September 25, 2014, 03:21:47 AM
 #14

I cant open blockchain.info, it gave me an error message :

Secure Connection Failed

An error occurred during a connection to blockchain.info. The OCSP response contains out-of-date information. (Error code: sec_error_ocsp_old_response)


What about you guys ?

letyouearn
Hero Member
*****
Offline Offline

Activity: 798


You can always expect instant reply from my side.


View Profile
September 25, 2014, 04:40:37 AM
 #15

The Best Option to store your Bitcoins are bitpay wallet or  Coinbase wallet .

Those are 100% safe to use and store your precious Bitcoins.

twister
Hero Member
*****
Offline Offline

Activity: 672



View Profile WWW
September 25, 2014, 04:43:09 AM
 #16

The Best Option to store your Bitcoins are bitpay wallet or  Coinbase wallet .

Those are 100% safe to use and store your precious Bitcoins.

Really? I was under the impression that off-line wallets which have never been on-line and of which no one but only you know the private key are the safest ones.

 

██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
 
Get Free Bitcoin Now!
  ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦   
0.8%-1% House Edge
[/
Swordsoffreedom
Hero Member
*****
Offline Offline

Activity: 938


Trumpin it up for a bit


View Profile WWW
September 25, 2014, 04:56:27 AM
 #17

Safeish
It's not as safe as an encrypted to a USB stick full version Bitcoin client
But its not an instantwallet or inputs.io

I would say to keep a small amount in the blockchain wallet but for larger amounts go to cold storage if you don't trust your laptop.

OH and Online Wallets can scam you so even if its coinbase or bitpay would not give it all my trust could always end up goxed someday in the future.
zetaray
Hero Member
*****
Offline Offline

Activity: 661


View Profile
September 25, 2014, 05:18:41 AM
 #18

I would not save any wallet backups anywhere online even with a strong password. It is not secure. I would at least use Electrum to generate an address, and enter that address into blockchain.info as read-only. Then send most of your coins to that address. Then make sure you keep your 12 word seed safe, uninstall Electrum from your computer and delete the Electrum wallet file.

.CryptoTotal.com.
                              l█████████▇▀
                              ████████▇▀
                              ███████▇▀
                              ██████▇▀
                              █████▇▀
                              ████▇▀
                              ███▇▀
                              ██▇▀
                              █▇▀
                              ▇▀
▇▇
▇▇

Express.Crypto.Checkout
Accepts Multiple Cryptos
Worldwide Shipping
dancupid
Hero Member
*****
Offline Offline

Activity: 956



View Profile
September 25, 2014, 05:34:53 AM
 #19

You could also download the My Wallet add-on for Firefox.

This means you don't need to download the java-script from their servers each time (which may be compromised by a hack).
Only 790 people have downloaded this amazingly.

https://addons.mozilla.org/en-US/firefox/addon/my-wallet/?src=api


For a little additional security you could run it in Firefox portable and keep it on a USB stick away from your normal browser.

And use watch only addresses for large amounts of Bitcoin - with the private key secured on a paper-wallet or equivalent


Gallah
Newbie
*
Offline Offline

Activity: 18


View Profile
September 25, 2014, 05:48:06 AM
 #20

I would go with a bitcoin core encrypted wallet.

1GwTAJWwaATn8XvG8amWXGb94gN6Dt6LQ8
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!