DER GOBBLE. Good Secure Crypto Wallet Practices. What is your wallet?

Similar documents
How to Build a Culture of Security

It starts like this...

Newcomer Finances Toolkit. Fraud. Worksheets

XP: Backup Your Important Files for Safety

Burning CDs in Windows XP

Clickbank Domination Presents. A case study by Devin Zander. A look into how absolutely easy internet marketing is. Money Mindset Page 1

Bonus Chapter: Going Live. Lesson One: Check Your Site

Clean & Speed Up Windows with AWO

Creating a new form with check boxes, drop-down list boxes, and text box fill-ins. Customizing each of the three form fields.

The Frugal Computer Guy

(Refer Slide Time: 02.06)

Instruction manual Gulden desktop wallet 1.6.1

What every attorney should know about E-security Also, ESI

Unit 9 Tech savvy? Tech support. 1 I have no idea why... Lesson A. A Unscramble the questions. Do you know which battery I should buy?

Discover How to Watch the Mass Ascension of the Albuquerque International Balloon Fiesta Even if You Can t Be There

The 10 Disaster Planning Essentials For A Small Business Network

7, 8, 8.1, 10. You can still get windows ten upgrade from 7, 8 and 8.1 now. Just need the right file to upgrade, I have it.

Incident Response Tools

1/19/2011 1

Click on a link below for additional information.

Password Managers: Devil s in the Details

The name of our class will be Yo. Type that in where it says Class Name. Don t hit the OK button yet.

Data Structures and Algorithms Dr. Naveen Garg Department of Computer Science and Engineering Indian Institute of Technology, Delhi.

Make $400 Daily. With Only. 5 Minutes Of Work

Cybersecurity For The Small Business & Home User ( Geared toward Windows, but relevant to Apple )

Frequently Asked Questions. Question # Page #

Guide to Getting Started. Personal Online Banking & Bill Pay

What is a Backup, Anyway? Why Do I Need to Backup My Files? Top 10 Files to Backup. Why Do I Need to Backup My Files?

Storage Systems Dr. K. Gopinath Department of Computer Science and Engineering Indian Institute of Science, Bangalore

Westpac phone banking

Card Reader User Guide

Cyber Smarts Using Social Media Wisely

CheckBook Pro 2 Help

GUARANTEED DIRECT REFERRALS

LEOcoin Private Chat wallet FAQ V 1

Certificate-based authentication for data security

Phone banking Fast, reliable and convenient service by phone.

E-Discovery Protection: Insurance Coverage & Electronic Records

Online Scams. Ready to get started? Click on the green button to continue.

The Studio Director QuickBooks Help

What I Do After Clicking Publish

Sky Social Media Guidelines for Contributors

Amber Weyland: [to cameraman] Just hold it there so we can see Mollie.

Accounts and Passwords

Personal Internet Security Basics. Dan Ficker Twin Cities DrupalCamp 2018

Module 6. Campaign Layering

6 counterintuitive strategies to put your list building efforts into overdrive

Ready for a Technology Disaster? Really? Let s Get Ready! Michael Price, President of MPA Networks, Silicon Valley

Operating system. Hardware

LeakDAS Version 4 The Complete Guide

An Introduction to Business Disaster Recovery

The Benefits of SMS as a Marketing and Communications Channel From The Chat Bubble written by Michael

Cold, Hard Cache KV? On the implementation and maintenance of caches. who is

Hey there, I m (name) and today I m gonna talk to you about rate of change and slope.

Hacking Bootcamp: Learning The Basics Of Hacking PDF

COMPUTING FUNDAMENTALS I

DATA DISASTER AVERTED! HOW TO BACK UP YOUR ANDROID SMARTPHONE

Backend IV: Authentication, Authorization and Sanitization. Tuesday, January 13, 15

Hans Karlsen. MDriven The book. Doing effective Business by taking control of Information. Hans Karlsen, Stockholm Sweden

Lecture 44 Blockchain Security I (Overview)

OpenDrives storage solutions facilitate smart business continuity strategies.

Introduction! 2. Why You NEED This Guide 2. Step One: Research! 3. What Are Your Customers Searching For? 3. Step Two: Title Tag!

Close Your File Template

Introduction. Read on and learn some facts about backup and recovery that could protect your small business.

An introductory guide to Disaster Recovery and how it can ultimately keep your company alive. A Publication of

CFMG Training Modules Classified Ad Strategy Module

============================================================================

Home Computer and Internet User Security

FAQ: Privacy, Security, and Data Protection at Libraries

APPENDIX B. Fortran Hints

BASELINE GENERAL PRACTICE SECURITY CHECKLIST Guide

Direct DataSafe for Dazzle Pawn SETUP and USE of program

The Problem with Privileged Users

CREDITS Web-version 2 Web-version specification CREDITS Desktop Client vs. Web-client What is the CREDITS Wallet? 2 1.

COMPREHENSIVE LIST OF CASHLESS FAQs (GUESTS)

Taskbar: Working with Several Windows at Once

CS125 : Introduction to Computer Science. Lecture Notes #11 Procedural Composition and Abstraction. c 2005, 2004 Jason Zych

What's the Slope of a Line?

Password & Tutorials Packet

How To Save $30,000 a Month Using

NET 311 D INFORMATION SECURITY

Top 10 Considerations for Securing Private Clouds

Text Input and Conditionals

How to Improve Your Campaign Conversion Rates

Boot Camp. Dave Eckhardt Bruce Maggs

Lead Magnet Cheat Sheet

2016 All Rights Reserved

Nerds Support Saves You Money and Storage with Incremental Backup Software. nerdssupport.com

Restech. User Security AVOIDING LOSS GAINING CONFIDENCE IN THE FACE OF TODAY S THREATS

Term Definition Introduced in: This option, located within the View tab, provides a variety of options to choose when sorting and grouping Arrangement

06 May 2011 CS 200. System Management. Backups. Backups. CS 200 Fall 2016

BACKUP, CLONE OR IMAGE? WHY YOU SHOULD BE INTERESTED

EADS up. stop think connect

How To Factory Reset Locked Iphone 4 Without Computer

If you like this guide and you want to support the community, you can sign up as a Founding Member here:

MITOCW ocw f99-lec07_300k

Circle Link 1 "Know Before You Go" Web Literacy Tips:

SOLUTIONS GUIDE. I Don t Know What to or

Plug into more places

Securing today s identity and transaction systems:! What you need to know! about two-factor authentication!

Transcription:

DER GOBBLE Good Secure Crypto Wallet Practices When it comes to crypto currencies and securing your money, the absolute best 99% guaranteed security for your wallets is YOU. You are the one that will expose your keys improperly to the world and loose your money. You are the one using that unsecured, infected machine to trust your money to. Therefore you are the one that must know what you are doing to secure yourself. Arrrrrr, I know where the Secret Key is! Follow meeeeeeee. What is your wallet? When we buy a particular crypto coin, that coin is stored in a piece of software. A coin itself is a piece of software, nothing more. To own that coin, it must be linked to you in the coin universe or it is not really yours. Every crypto coin Good Secure Crypto Wallet Practices 1

whether it is XRP, BTC, BCN, DGB or whatever, has. Its own software designed to store your coins. There are also third party programs designed to do the same. That software is called the Wallet. Just because you have the software on your computer still does not mean your coins are yours. There is one single element that makes that wallet yours and that is the SECRET KEY. With that secret key, you control the spending and transfer of your crypto coins. The reason is because it acts like your signature on a check. Coin can not go out of your wallet, without being signed with that key. Coin can come in and you can look into your wallet without the key, in fact anyone can look into your wallet, but it most definitely can not go out without it. If you loose your wallet, by computer crash, fire or water damage, data loss or Global Thermal Nuclear War, you can recover your wallet with only that secret key. So in actuality the key itself is your wallet, not the software. The software only manages your wallet and provides an interface to your wallet. Since the software only provides the interface to your wallet, we are not going to recommend any to you. Rather it would be better to describe your risks so that you can choose wisely. There are many wallets out there that pretty much do the same. The point is to protect yourself. Stealing a Wallet Stealing your wallet is fun! It is a sport. There is nothing better than writing a little bot to go to your computer and get your secret key and send it to me. (Not really) but the bad guys are thinking the same thing. There are three main methods that your key code will be stolen from you. You put pictures of you and Secret Key traveling the world on Facebook. You Tweeted about Secret Key having babies. Good job Virus: A virus designed to search your computer for the pattern in which your key is constructed. It is an easily distinguishable looking line of text. A virus can record that key and send it home. Physical Access: A bad guy that gets physical access to your computer of course has access to everything else. Think of the terror of a bad guy, friend or even Mom, getting your secret key, writing it down and then storing it under their very own pillow so it will whisper sweet nothings to them in their sleep. Oh the horror. USRERROR: this is the most serious and most risk of them ALL. It is impossible to stop. You will loose everything because of this stupid error. You have no chance to survive. This is USER ERROR. It will be all your fault. You are the one that personally gave your key to the world. You are the one that posted your Good Secure Crypto Wallet Practices 2

secret key online. You are the one that talked about your secret key. You are the one that bragged about how secure it is, where it is, and nooooobody can ever get to it. You put pictures of you and Secret Key traveling the world on Facebook. You Tweeted about Secret Key having babies. Good job. With two of these, there is one thing in common and that is your internet connection. The other one can be secured with a good hammer and some leather straps. Building a Wallet (go offline) Creating a wallet is super easy, but the most important feature of all is to remember to be OFFLINE when creating your wallet. Anytime that you expose your Secret Key to your own computer, be sure to be offline. This will severely minimise your risk of exposure. The absolute best method of using your secret key is on a cold computer that never touches the internet, but that is another story entirely. We are going to assume that the user is lazy and does not have a spare computer laying around for such an operation. No matter what software you are using to create a wallet, there will be a secret key involved since that is actually your wallet. There is crappy software out there that does not expose the secret key to you and makes you hunt for it. Then there is software that shows you the key and offers a backup method to help you secure it. Creating a wallet is done one of two ways, either you load the software and it is just there, because it was done automatically for you, or it is a creation process that the software walks you through. A good piece of wallet software will run you through the process but it really does not matter too much. What actually happens is, a wallet.dat file is created in the background. It is stored on your computer somewhere. That file is the software representation of your wallet and MUST be secured. It can be named something else, but most wallets use wallet.dat or at least let you name your wallet what you like. Creating your wallet will have three parts to the process: 1. File creation 2. File Encryption 3. Secret Key Somewhere in the process, you will be asked to create a password for your new wallet. This is very important to understand. All that password is for is to encrypt that wallet.dat file to prevent physical access or access without your permission. IT IS NOT YOUR WALLET. You can send your wallet password to 1000 Facebook friends and it will not matter, unless they get a the most important feature of all is to remember to be OFFLINE copy of your wallet.dat file of course :(. The password only allows the loading of your wallet with your permission. It is very important however that you choose a good quality password. I recommend 12 or more random characters. Then when you want to open your wallet to do a transaction, you will be asked to enter the password every time. This is important, but has nothing to do with the actual coin. Most wallet software will show you the Secret Key as part of the creation process. Here is how you back up your key. You will TAKE A SCREENSHOT of that key and even the password combination and print it out. Do not use any PRINT buttons on the software. Do not use any other method other than a screenshot. The reason is that the screenshot is unidentifiable. But clicking a button on the program could initiate a process which the key is sent to a bad guy automatically. So you can not even trust your own software :(. You print the key Good Secure Crypto Wallet Practices 3

out, label it and then hide that piece of paper. Yes I know that is stupid because we have all of this expensive hardware for security, but this is the ultimate method that guarantees no hacking, virus or USRERROR. Now when your computer crashes, the same one where you stored your secret key in a hidden file that is now inaccessible, you do not loose your money. You still have your secret key printed out on paper, which you can restore anywhere in the world. The ONLY time that you will ever be asked to enter your secret key while in any online mode, would be when restoring a lost wallet. Even then, you need to have a new wallet on standby so that once you restore your dead wallet, you can transfer all of the money out to your new wallet. Once your Secret Key is exposed or ever used from that paper, it is compromised and must be assumed that all the bad guys in the world are racing you to your wallet right that very second. NO other time will you ever use your secret key. You will however often be asked for your password. That is simply to open the wallet.dat file. Give Me Your Credit Cards. I Will Protect Them :) So you don t know me but that is ok. All of you give me your credit cards and cash to hold and I will never spend them, run away or otherwise steal them. Really? Would you really do that? Hopefully the answer is NO. Or we would have another USRERROR. So a little common sense here then. If you use one of these online wallet creators, which also generates your secret keys and sometimes even hosts the wallet.dat for you, can you really trust that your key is not recorded? The answer is no. There is no chance that you can trust me or anyone else. My recommendation is DO NOT use any online wallet creator. If you do, you are lazy and deserve to be compromised. I am sorry if that is too insensitive, but you are failing to do proper research and learn about this subject prior to going on the adventure. The fact is that you can not trust anything that is online. There are hardware wallets, that offer to store your secret keys, wallets and all sorts all for your convenience. Some store them using hardware chips and others just save them. I do not know if they are good or not, but it does not matter. Go ahead and use them. It is ok. As long as you are OFFLINE, when you use them then it does not matter. Securing Your Wallet There are many ways to secure your wallet.dat file which also include your secret key. The password is the last and final level of protection. Once it is compromised, you are done. So we need to add extra security. There is absolutely no better method of securing your wallet then a cold computer. It is a fact. Any computer that has had a brand new operating system installed and never ever touches the internet, can not be infected or compromised other than physical access. It can not send your secret key around the world and you can not accidentally enter the secret instead of your password and compromise your wallet. A cold computer is another story for another day. Otherwise, we need to secure our wallet.dat files on a non thinking or decision making device. We can use any USB stick to do it. You can use the Ledger Nano even. But you can also use a $5 stick. Personally I prefer any Sandisk USB device as it is simply better hardware and their proprietary encryption software is excellent. All we need to do is Encrypt the entire USB stick so that anything that we store on it is encrypted. This will add a second layer of security to your wallet file. Sandisk offers Encrypt Stick software to do this. I can not say that every encryption software is good because it simply is not so. Good Secure Crypto Wallet Practices 4

Trucrypt got compromised a while back. No matter if they fixed it or not, it proves that they have no idea what they are doing and can not be trusted. With your wallet file on a USB stick inside an encrypted section and with its very own password, now you have a good level of protection for your money that is still a little bit convenient to use. But keep in mind that the more convenient it is for you, then the less secure it is for the bad guy. Now all you have to do, is disconnect from the internet anytime you use your USB stick to sign outgoing transactions. The USB can be used as your cold storage meaning that it does not sit on a connected computer all day long. You do not need the stick to read your wallet. You do not need the stick to send money to your wallet. You can lock that stick away, feed it to your dog (twice a week) or whatever you need to hide it and still send money to your wallet. You will only need it to transfer coin out of your wallet because then we will need the secret key to sign that transaction. In closing, securing your secret key form the entire world is easy. Just remember when using anything associate with your secret key, do it offline. Never enter your secret key in any device unless you are recovering a wallet. Once a secret key is used, consider it compromised garbage which must be replaced. This does not mean when you sign a transaction. I mean when you enter it on your computer, in an online form or anywhere else accidentally. Yes there are a bunch of smart guys out there that will tell you otherwise. They will tell you that you are totally secure, that the statistics are with you and that online wallets can be trusted. Go ahead and listen to them bad guys can whisper sweet nothings to you too. How do I secure My Wallet So now I will give you an example as to how I personally store all of my coins. I am not concerned with telling you because my uncles Mr. Smith and Dr Wesson are always around and secure my physical access. When I first create a wallet, I immediately set a password and also get a screenshot of the Secret Key. Then I test my wallet to be sure that all is properly recorded and now mistakes were made. I try logging into the wallet. That will prove that the password is good. Then before I send any money to any address associated with the wallet, I destroy the wallet.dat file. I then use the Secret Key to restore my wallet. This proves that I correctly recored my Secret Key and that the wallet is fully functional. Next, I record the wallet address. I then take that wallet.dat file and back it up on a fully encrypted USB stick. The password is unknown by me. I know the PIN code and that is all. The PIN code is only half of my password and another hardware device supplies the other half. So to even open my USB stick you require the stick, my PIN CODE and the Hardware Token. Next I take that USB and throw it into my 1 ton Safe. With the address I can look at the wallet and watch deposits go in. Then once every few months or with large transactions, if need be, I break out that stick and double check that all is ok. I do not send coin out very often.i primarily build a supply for cashing in, in 5-10 years :). In the event that I need to send coin out, I actually have an extra computer sitting around. That computer has the wallet software on it also. When creating a transaction or order that says to send coin form my wallet to an address, I create a text file which is that transaction but it has not been properly signed with the secret key yet, so it will not function. From my online computer where I created the Send order, I save that txt file on a USB Stick and then take that stick to my offline computer. Using the wallet software I can fully log into that wallet and use the secret key to sign the transaction. This rewrites the data in that text Good Secure Crypto Wallet Practices 5

file which I can now take back to my normal online computer and send to the coin network. That completes the sending transaction and my Secret Keys were never exposed to any network. Good Luck :) Good Secure Crypto Wallet Practices 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback