Securing your wallet – Bitcoin Wiki

Securing your wallet

It has been suggested that this article is merged with Ways_to_store_Bitcoins.

Contents

Introduction

Wallet security can be violated down into two independent goals:

  1. Protecting your wallet against loss.
  2. Protecting your wallet against theft.

In the case that your current wallet hasn’t been protected adequately (e.g. put online with a weaker password):

  1. Making a fresh secure wallet, using suitable long-term protection.

Cold wallets

A cold wallet generates and stores private wallet keys offline on a clean air-gapped computer. Unsigned transactions are generated online, transferred offline for verification and signing, and the signed transaction is transferred online to be transmitted to the Bitcoin network.

This permits funds to be managed offline in Cold storage. Used correctly a cold wallet is protected against online threats, such as viruses and hackers. Cold wallets are similar to hardware wallets, except that a general purpose computing device is used instead of a special purpose peripheral.

Hardware wallets

Hardware wallets are special purpose security hardened devices for storing Bitcoins on a peripheral that is trusted to generate wallet keys, verify and sign transactions.

A hardware wallet typically holds the private keys in its internal storage and is designed to be malware resistant. The device signs the transactions internally and only transmits the signed transactions to the computer. The separation of the private keys from the vulnerable environment permits the user to spend bitcoins on a compromised computer with diminished risk.

Multisignature wallets

A multisignature wallet is one where numerous private keys are required to stir the bitcoins instead of a single key. These private keys can be spread across numerous machines with the assumption that malware and hackers are unlikely to at the same time infect your laptop, desktop and smartphone. The multisig wallet can be of the m-of-n type where any m private keys out of a possible n are required to stir the money. For example a 2-of-3 multisig wallet might have your private keys spread across a laptop, smartphone and paper backup; any two of those are required to stir the money but the loss of any one does not result in loss of money.

Multisignature wallets have the advantage of being cheaper than hardware wallets since they are implemented in software and can be downloaded for free, as well as being convenient as all keys are online and the wallet user interfaces are typically good. Wallet software Electrum and Armory can create multisig wallets.

Hot wallets: minimizing risks

An Internet connected computer that stores your Bitcoins is often referred to as a “hot wallet”. However there are several things that can be done to lower the threat, hot wallets are unavoidably risky.

Modern operating systems are very complexity, leading to a large attack surface. They also permanently leak information without the user’s skill or consent. It is very hard to ensure your wallet is secure on an Internet connected computer.

For low value wallets, the risk may be acceptable but it is recommended not to keep more in a hot wallet than you can afford to lose. For sums beyond that use one of the more secure methods above (e.g.

To minimize risk, take care that the system is free of malware, viruses, keyloggers, remote access instruments, and other implements that may be used to make remote copies of your wallet, Bitcoin-related passwords, or Bitcoin private keys. When your computer is compromised, the precautions taken below may provide extra protection.

Securing the Bitcoin-Qt or bitcoind wallet

Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.

The wallet contains a pool of queued keys. By default there are one hundred keys in the key pool. The size of the pool is configurable using the “-keypool” instruction line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand fresh address is generated to pack the pool back to 100. So when a backup is very first created, it has all of your old keys plus one hundred unused keys. After sending a transaction, it has ninety nine unused keys. After a total of one hundred new-key deeds, you will commence using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.

Creating a fresh address generates a fresh pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than one hundred fresh addresses, the keypair associated with the newest addresses will not be in the old wallet because the fresh keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.

The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a fresh public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a fresh key. When sending Bitcoins to anyone, you generate a fresh keypair for yourself and at the same time send Bitcoins to your fresh public key and the actual recipient’s public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.

So if you create a backup, and then do more than one hundred things that cause a fresh key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a fresh key that is not in your old backup and then sent Bitcoins to it. A backup is therefore recommended toughly every fifty transactions (or address creations) just to be safe.

Importance of security updates

No software is ideal, and from time to time there may be security vulnerabilities found in your Bitcoin client as well. Be sure you keep your client updated with the latest bug fixes, especially when a fresh vulnerability is discovered. We maintain a list a known vulnerabilities on this wiki – you can witness that page to get updates. Note that you don’t need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.

Making a fresh Bitcoin-Qt or bitcoind wallet

If a wallet or an encrypted wallet’s password has been compromised, it is wise to create a fresh wallet and transfer the total balance of bitcoins to addresses contained only in the freshly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.

There are a number of ways to create a fresh wallet with Bitcoin-Qt or bitcoind but this is a process that has been tested with bitcoind 0.6.Three. We use the copy instruction to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.

1. Shut down the Bitcoin program. Two. Find and make a backup of the “compromised” wallet.dat file and rename it, perhaps adding a brief description: wallet.dat -> wallet-compromised.dat Depending on your OS, the wallet file will be located at: Windows: %APPDATA%\Bitcoin\ Linux:

/Library/Application Support/Bitcoin/ Trio. Commence the Bitcoin program and it will create a fresh wallet.dat. You may then encrypt the wallet as desired and make a fresh backup. Four. Once you’ve made a fresh wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the fresh address(es), shut down the Bitcoin program, make a backup of the fresh wallet.dat file and copy it to a fresh file named wallet-new.dat. Five. Copy the wallet-compromised.dat file back to wallet.dat, commence the Bitcoin program and transfer your balance to the fresh address(es) you put in your text editor. Once the balance is back to zero for your compromised wallet, you may want to wait a duo minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program. 6. Rename wallet.dat to wallet-compromised.dat. 7. Rename wallet-new.dat to wallet.dat.

You should now have a fresh wallet with all the bitcoins from the old wallet.

Debian-based Linux

Store all into an encrypted folder (Tomb)

Tomb is a ordinary contraption to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb’s contents in the place where other programs expect them, for example in our case climb on -o tie the .bitcoin directory in a user’s home.

Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.

Recommended: wipe, dcfldd, steghide, qrencode.

Then create a tomb (we name it bitcoin) with three directions:

tomb dig -s one hundred bitcoin.tomb

tomb forge bitcoin.tomb.key

tomb lock bitcoin.tomb -k bitcoin.tomb.key

tomb open bitcoin.tomb

This will require you to input again the password you selected.

Once open the tomb contents are in /media/bitcoin.tomb

Budge there your bitcoin wallet:

Then create a file “/media/bitcoin.tomb/bind-hooks” and put a single line:

Which means that every time the tomb is open, the directory my-safe-wallet needs to be tied to

/.bitcoin. Just make sure an empty

/.bitcoin directory exists in your home.

Now close the tomb and store its keys securely, make sure you memorize the password. Have a look at Tomb’s documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.

That’s it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inwards the tomb and even embark the bitcoin client using the exec-hooks. Tomb’s manual page “man tomb” explains the possibilities.

The advantage of this treatment over an encrypted home is that it becomes enormously portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb rams or mobile phones.

Secure the entire user home directory

The very first step is to make a fresh user. In order for that fresh user to have an encrypted home directory, you’ll very first need the encryption utility. Run:

sudo apt-get install ecryptfs-utils

Now you’re ready to create a fresh user

sudo adduser –encrypt-home new_user_name

You’ll need to come up with a secure fresh password for that user.

When you get to the prompt ‘Inject the fresh value, or press Come in for the default’, just keep hitting Inject.

Then switch user to the fresh user. To get to the fresh user you can use the switch user icon for your system, which on Ubuntu is in the ‘System/Abandon’ screen, or if there is no switch icon on your system you can log out and log back in as the fresh user.

Since the home folder of this user is encrypted, if you’re not logged in as that user, data that is saved there can’t be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the fresh user’s files, you’ll need its decryption key.

It will ask you for your user’s password and give you the decryption key. WRITE DOWN OR SAVE THE CODE IT Comes back because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)

The encrypted folder data is not encrypted while it’s in memory, and so if it’s ever sent to the interchange partition it can be stolen from there unless that too is encrypted – be aware that this will mean you cannot use Hibernate anymore, as the bootloader won’t be able to restore the hibernation data.

Then click on a folder in the fresh user to display the file browser, then keep going up folders until you see the fresh user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.

For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Embarking from the left, click on the General tab, and in the ‘Startup/When Firefox starts’ pop up menu, choose ‘Showcase a Blank Page’. Then click on the Content tab, and deselect ‘Flow photos automatically’ and deselect ‘Enable JavaScript’. Then click on the Privacy tab, and in the ‘History/Firefox will’ pop up menu, choose ‘Never reminisce history’. Then click on the Security tab, and in the Passwords section, deselect ‘Recall passwords for sites’ and deselect ‘Use a master password’. Then click on the Advanced tab, then click on the Update tab, and then in the ‘Automatically check for updates to’ section, deselect ‘Add-ons’ and ‘Search Engines’.

When JavaScript is disabled, the Linux download page will not download automatically, so you’ll have to click on the ‘direct link’ part of the “Problems with the download? Please use this ‘direct link’ or attempt another mirror.” line.

This solution does not scale; the amount of needed space can grow beyond the pic size.

Windows

Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk picture created by third-party software, such as TrueCrypt (open source) or Jetico BestCrypt (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.

Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.

To climb on the Bitcoin data directory on an encrypted drive

  1. Use the third-party disk pic encryption program of your choice to create and climb on an encrypted disk pic of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk picture required may grow in the future.
  2. Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.

For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as E:\ , and stored your Bitcoin data directory on it as Bitcoin , you would type the following instruction as the shortcut Target:

C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin

  • Open Bitcoin’s settings and configure it NOT to embark automatically when you commence Windows.

    This is to permit you to climb on the Bitcoin encrypted disk picture before beginning Bitcoin.

    After doing this, any time you want to use Bitcoin, you must very first climb on the Bitcoin encrypted disk picture using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.

    General Solutions

    Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can lightly steal all of your coins. Use one of these encryption programs if there is any chance someone might build up access to your wallet.

    • 7-zip – Supports strongly-encrypted archives.
    • AxCrypt by Axantum
    • lrzip – Compression software for Linux and OSX that supports very high grade password protected encryption
    • TrueCrypt – Volume-based on-the-fly encryption (for advanced users)

    Decrypting and encrypting the wallet.dat every time you commence or abandon the Bitcoin client can be tedious (and outright error-prone). If you want to keep your wallet encrypted (except while you’re actually running the Bitcoin client), it’s better to relegate the automation to a petite shell script that treats the en/decryption and embarking up Bitcoin client for you (Linux and OSX).

    There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: WalletPaperbackup

    Password Strength

    Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of eight characters can be trivially solved now (using suitable hardware). The recommended length is at least twelve characters long. You can also use a multi-word password and there are technics to increase the strength of your passwords without sacrificing usability. The Usability of Passwords

    However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.

    If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a twelve character password might be too brief.

    Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.

    Choosing A Strong Password

    Make sure you pick at least one character in each group:

    Backing up your wallet

    Backing up your wallet is not necessary if you use a wallet with implemented BIP thirty two (hierarchical deterministic wallet). Today, only TREZOR, Electrum and CarbonWallet fully support BIP 0032.

    For advise on the backup process see Backing up your wallet.

    Erasing Plain-text Wallets

    In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will not generally ruin it. It is likely that advanced instruments can still be used to recover the wallet.dat file, even after it has been deleted.

    The Linux shred instruction can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically unlikely to recover. Using shred (and similar contraptions on Windows) however does not ensure that still other copies don’t exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup implements, for example, create periodic snapshots of your filesystem, duplicating your wallet.dat.

    In Mac OS, the equivalent of shred is srm (introduced in Leopard). Using the Finder to eliminate files, clicking “Secure Empty Trash” in the Finder menu will shred the contents of the trash can. As with any OS this doesn’t assure that there are not other copies elsewhere on your system.

    For Windows, the built-in instruction cipher /W will shred all previously-deleted files. CyberShredder can securely deleted individual files.

    Online and Mobile Wallets

    Thus far, this article has been discussing the security of a wallet file for Bitcoin-Qt or bitcoind that is under your foot control.

    Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but you are essentially storing your private keys or wallet with the provider of the online wallet. Depending on the level of security of such service, your bitcoins may be lost if the service is compromised.

    The invention of hardware wallets makes it possible to use online wallets in a more secure manner. A hardware wallet keeps your private keys apart from the computer and internet. An online wallet compatible with a hardware wallet (such as myTREZOR.com) then does not need to store any sensitive data (private keys, passwords or email addresses) and only serves as implement for broadcasting transactions signed in the hardware wallet out to the blockchain.

    Mobile wallet applications are available for Android devices that permit you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing. Mobile wallets are useful for puny spending and not for storing your bitcoin savings.

    Securing your wallet – Bitcoin Wiki

    Securing your wallet

    It has been suggested that this article is merged with Ways_to_store_Bitcoins.

    Contents

    Introduction

    Wallet security can be violated down into two independent goals:

    1. Protecting your wallet against loss.
    2. Protecting your wallet against theft.

    In the case that your current wallet hasn’t been protected adequately (e.g. put online with a weaker password):

    1. Making a fresh secure wallet, using adequate long-term protection.

    Cold wallets

    A cold wallet generates and stores private wallet keys offline on a clean air-gapped computer. Unsigned transactions are generated online, transferred offline for verification and signing, and the signed transaction is transferred online to be transmitted to the Bitcoin network.

    This permits funds to be managed offline in Cold storage. Used correctly a cold wallet is protected against online threats, such as viruses and hackers. Cold wallets are similar to hardware wallets, except that a general purpose computing device is used instead of a special purpose peripheral.

    Hardware wallets

    Hardware wallets are special purpose security hardened devices for storing Bitcoins on a peripheral that is trusted to generate wallet keys, verify and sign transactions.

    A hardware wallet typically holds the private keys in its internal storage and is designed to be malware resistant. The device signs the transactions internally and only transmits the signed transactions to the computer. The separation of the private keys from the vulnerable environment permits the user to spend bitcoins on a compromised computer with diminished risk.

    Multisignature wallets

    A multisignature wallet is one where numerous private keys are required to stir the bitcoins instead of a single key. These private keys can be spread across numerous machines with the assumption that malware and hackers are unlikely to at the same time infect your laptop, desktop and smartphone. The multisig wallet can be of the m-of-n type where any m private keys out of a possible n are required to budge the money. For example a 2-of-3 multisig wallet might have your private keys spread across a laptop, smartphone and paper backup; any two of those are required to budge the money but the loss of any one does not result in loss of money.

    Multisignature wallets have the advantage of being cheaper than hardware wallets since they are implemented in software and can be downloaded for free, as well as being convenient as all keys are online and the wallet user interfaces are typically good. Wallet software Electrum and Armory can create multisig wallets.

    Hot wallets: minimizing risks

    An Internet connected computer that stores your Bitcoins is often referred to as a “hot wallet”. However there are several things that can be done to lower the threat, hot wallets are unavoidably risky.

    Modern operating systems are very complexity, leading to a large attack surface. They also permanently leak information without the user’s skill or consent. It is very hard to ensure your wallet is secure on an Internet connected computer.

    For low value wallets, the risk may be acceptable but it is recommended not to keep more in a hot wallet than you can afford to lose. For sums beyond that use one of the more secure methods above (e.g.

    To minimize risk, take care that the system is free of malware, viruses, keyloggers, remote access instruments, and other contraptions that may be used to make remote copies of your wallet, Bitcoin-related passwords, or Bitcoin private keys. When your computer is compromised, the precautions taken below may provide extra protection.

    Securing the Bitcoin-Qt or bitcoind wallet

    Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.

    The wallet contains a pool of queued keys. By default there are one hundred keys in the key pool. The size of the pool is configurable using the “-keypool” directive line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand fresh address is generated to pack the pool back to 100. So when a backup is very first created, it has all of your old keys plus one hundred unused keys. After sending a transaction, it has ninety nine unused keys. After a total of one hundred new-key deeds, you will begin using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.

    Creating a fresh address generates a fresh pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than one hundred fresh addresses, the keypair associated with the newest addresses will not be in the old wallet because the fresh keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.

    The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a fresh public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a fresh key. When sending Bitcoins to anyone, you generate a fresh keypair for yourself and at the same time send Bitcoins to your fresh public key and the actual recipient’s public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.

    So if you create a backup, and then do more than one hundred things that cause a fresh key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a fresh key that is not in your old backup and then sent Bitcoins to it. A backup is therefore recommended toughly every fifty transactions (or address creations) just to be safe.

    Importance of security updates

    No software is ideal, and from time to time there may be security vulnerabilities found in your Bitcoin client as well. Be sure you keep your client updated with the latest bug fixes, especially when a fresh vulnerability is discovered. We maintain a list a known vulnerabilities on this wiki – you can observe that page to get updates. Note that you don’t need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.

    Making a fresh Bitcoin-Qt or bitcoind wallet

    If a wallet or an encrypted wallet’s password has been compromised, it is wise to create a fresh wallet and transfer the utter balance of bitcoins to addresses contained only in the freshly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.

    There are a number of ways to create a fresh wallet with Bitcoin-Qt or bitcoind but this is a process that has been tested with bitcoind 0.6.Three. We use the copy instruction to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.

    1. Shut down the Bitcoin program. Two. Find and make a backup of the “compromised” wallet.dat file and rename it, perhaps adding a brief description: wallet.dat -> wallet-compromised.dat Depending on your OS, the wallet file will be located at: Windows: %APPDATA%\Bitcoin\ Linux:

    /Library/Application Support/Bitcoin/ Trio. Embark the Bitcoin program and it will create a fresh wallet.dat. You may then encrypt the wallet as desired and make a fresh backup. Four. Once you’ve made a fresh wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the fresh address(es), shut down the Bitcoin program, make a backup of the fresh wallet.dat file and copy it to a fresh file named wallet-new.dat. Five. Copy the wallet-compromised.dat file back to wallet.dat, begin the Bitcoin program and transfer your balance to the fresh address(es) you put in your text editor. Once the balance is back to zero for your compromised wallet, you may want to wait a duo minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program. 6. Rename wallet.dat to wallet-compromised.dat. 7. Rename wallet-new.dat to wallet.dat.

    You should now have a fresh wallet with all the bitcoins from the old wallet.

    Debian-based Linux

    Store all into an encrypted folder (Tomb)

    Tomb is a ordinary contraption to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb’s contents in the place where other programs expect them, for example in our case climb on -o tie the .bitcoin directory in a user’s home.

    Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.

    Recommended: wipe, dcfldd, steghide, qrencode.

    Then create a tomb (we name it bitcoin) with three guidelines:

    tomb dig -s one hundred bitcoin.tomb

    tomb forge bitcoin.tomb.key

    tomb lock bitcoin.tomb -k bitcoin.tomb.key

    tomb open bitcoin.tomb

    This will require you to input again the password you selected.

    Once open the tomb contents are in /media/bitcoin.tomb

    Budge there your bitcoin wallet:

    Then create a file “/media/bitcoin.tomb/bind-hooks” and put a single line:

    Which means that every time the tomb is open, the directory my-safe-wallet needs to be strapped to

    /.bitcoin. Just make sure an empty

    /.bitcoin directory exists in your home.

    Now close the tomb and store its keys securely, make sure you memorize the password. Have a look at Tomb’s documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.

    That’s it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inwards the tomb and even embark the bitcoin client using the exec-hooks. Tomb’s manual page “man tomb” explains the possibilities.

    The advantage of this treatment over an encrypted home is that it becomes enormously portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb jams or mobile phones.

    Secure the entire user home directory

    The very first step is to make a fresh user. In order for that fresh user to have an encrypted home directory, you’ll very first need the encryption utility. Run:

    sudo apt-get install ecryptfs-utils

    Now you’re ready to create a fresh user

    sudo adduser –encrypt-home new_user_name

    You’ll need to come up with a secure fresh password for that user.

    When you get to the prompt ‘Come in the fresh value, or press Inject for the default’, just keep hitting Inject.

    Then switch user to the fresh user. To get to the fresh user you can use the switch user icon for your system, which on Ubuntu is in the ‘System/Abandon’ screen, or if there is no switch icon on your system you can log out and log back in as the fresh user.

    Since the home folder of this user is encrypted, if you’re not logged in as that user, data that is saved there can’t be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the fresh user’s files, you’ll need its decryption key.

    It will ask you for your user’s password and give you the decryption key. WRITE DOWN OR SAVE THE CODE IT Comebacks because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)

    The encrypted folder data is not encrypted while it’s in memory, and so if it’s ever sent to the interchange partition it can be stolen from there unless that too is encrypted – be aware that this will mean you cannot use Hibernate anymore, as the bootloader won’t be able to restore the hibernation data.

    Then click on a folder in the fresh user to display the file browser, then keep going up folders until you see the fresh user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.

    For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Commencing from the left, click on the General tab, and in the ‘Startup/When Firefox starts’ pop up menu, choose ‘Demonstrate a Blank Page’. Then click on the Content tab, and deselect ‘Flow photos automatically’ and deselect ‘Enable JavaScript’. Then click on the Privacy tab, and in the ‘History/Firefox will’ pop up menu, choose ‘Never reminisce history’. Then click on the Security tab, and in the Passwords section, deselect ‘Recall passwords for sites’ and deselect ‘Use a master password’. Then click on the Advanced tab, then click on the Update tab, and then in the ‘Automatically check for updates to’ section, deselect ‘Add-ons’ and ‘Search Engines’.

    When JavaScript is disabled, the Linux download page will not download automatically, so you’ll have to click on the ‘direct link’ part of the “Problems with the download? Please use this ‘direct link’ or attempt another mirror.” line.

    This solution does not scale; the amount of needed space can grow beyond the picture size.

    Windows

    Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk picture created by third-party software, such as TrueCrypt (open source) or Jetico BestCrypt (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.

    Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.

    To climb on the Bitcoin data directory on an encrypted drive

    1. Use the third-party disk pic encryption program of your choice to create and climb on an encrypted disk pic of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk picture required may grow in the future.
    2. Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.

    For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as E:\ , and stored your Bitcoin data directory on it as Bitcoin , you would type the following guideline as the shortcut Target:

    C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin

  • Open Bitcoin’s settings and configure it NOT to embark automatically when you begin Windows.

    This is to permit you to climb on the Bitcoin encrypted disk picture before beginning Bitcoin.

    After doing this, any time you want to use Bitcoin, you must very first climb on the Bitcoin encrypted disk picture using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.

    General Solutions

    Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can lightly steal all of your coins. Use one of these encryption programs if there is any chance someone might build up access to your wallet.

    • 7-zip – Supports strongly-encrypted archives.
    • AxCrypt by Axantum
    • lrzip – Compression software for Linux and OSX that supports very high grade password protected encryption
    • TrueCrypt – Volume-based on-the-fly encryption (for advanced users)

    Decrypting and encrypting the wallet.dat every time you begin or abandon the Bitcoin client can be tedious (and outright error-prone). If you want to keep your wallet encrypted (except while you’re actually running the Bitcoin client), it’s better to relegate the automation to a puny shell script that treats the en/decryption and beginning up Bitcoin client for you (Linux and OSX).

    There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: WalletPaperbackup

    Password Strength

    Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of eight characters can be trivially solved now (using suitable hardware). The recommended length is at least twelve characters long. You can also use a multi-word password and there are technics to increase the strength of your passwords without sacrificing usability. The Usability of Passwords

    However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.

    If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a twelve character password might be too brief.

    Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.

    Choosing A Strong Password

    Make sure you pick at least one character in each group:

    Backing up your wallet

    Backing up your wallet is not necessary if you use a wallet with implemented BIP thirty two (hierarchical deterministic wallet). Today, only TREZOR, Electrum and CarbonWallet fully support BIP 0032.

    For advise on the backup process see Backing up your wallet.

    Erasing Plain-text Wallets

    In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will not generally ruin it. It is likely that advanced instruments can still be used to recover the wallet.dat file, even after it has been deleted.

    The Linux shred guideline can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically unlikely to recover. Using shred (and similar devices on Windows) however does not assure that still other copies don’t exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup contraptions, for example, create periodic snapshots of your filesystem, duplicating your wallet.dat.

    In Mac OS, the equivalent of shred is srm (introduced in Leopard). Using the Finder to eliminate files, clicking “Secure Empty Trash” in the Finder menu will shred the contents of the trash can. As with any OS this doesn’t assure that there are not other copies elsewhere on your system.

    For Windows, the built-in instruction cipher /W will shred all previously-deleted files. CyberShredder can securely deleted individual files.

    Online and Mobile Wallets

    Thus far, this article has been discussing the security of a wallet file for Bitcoin-Qt or bitcoind that is under your foot control.

    Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but you are essentially storing your private keys or wallet with the provider of the online wallet. Depending on the level of security of such service, your bitcoins may be lost if the service is compromised.

    The invention of hardware wallets makes it possible to use online wallets in a more secure manner. A hardware wallet keeps your private keys apart from the computer and internet. An online wallet compatible with a hardware wallet (such as myTREZOR.com) then does not need to store any sensitive data (private keys, passwords or email addresses) and only serves as implement for broadcasting transactions signed in the hardware wallet out to the blockchain.

    Mobile wallet applications are available for Android devices that permit you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing. Mobile wallets are useful for petite spending and not for storing your bitcoin savings.

    Related video:

  • Leave a Reply