Wallet Security Dos and Don'ts: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
Rnicoll (talk | contribs)
m Rephrase "trusted software" to "recommended software" to make it clearer
Luke-jr (talk | contribs)
Remove bad advice
 
(11 intermediate revisions by one other user not shown)
Line 1: Line 1:
This article should not be considered as a replacement for the more in-depth articles on best practices, however key points in wallet security:
This article should not be considered as a replacement for the more in-depth articles on best practices, however key points in wallet security:


* DO encrypt your wallet
== Do ==
* DO backup your wallet
 
* DO seek to understand what you are doing, before you do it
* DO verify understanding by testing with [[testnet]]
* DO encrypt your wallet with a strong passphrase
* DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
* DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
* DO make multiple redundant backups of your wallet
* DO keep your OS up to date and run a virus scanner
* DO keep your OS up to date and run a virus scanner
* DO use a paper/hardware wallet for storing significant amounts
* DO manage significant amounts in offline wallets
* DO prepare for black swan disaster scenarios when dealing with large sums (e.g., fire & water damage, theft, head injury and death)
 
== Don't ==
 
* DO NOT trust an untrustworthy device or program to generate your wallet keys
* DO NOT generate cold storage keys on Internet-connected machines.
* DO NOT reconnect to the Internet a machine that has had access to cold storage keys.
* DO NOT reuse a wallet encryption passphrases with online services
* DO NOT store your wallet on cloud storage (Dropbox, etc.)
* DO NOT store your wallet on cloud storage (Dropbox, etc.)
* DO NOT re-use addresses (this also applies to paper wallet addresses)
* DO NOT re-use addresses
* DO NOT generate cold store keys on Internet-connected machines. If it's for cold storage, it should never be Internet connected
 
If for whatever reason you are developing your own software wallet, DO NOT implement cryptographic tools yourself. See Sony losing the master signing key from the PS3 as an illustrative lesson in what can go wrong: http://www.exophase.com/20540/hackers-describe-ps3-security-as-epic-fail-gain-unrestricted-access/


For more detail, please see the main article at https://en.bitcoin.it/wiki/Securing_your_wallet or the related articles:
== See also ==


* https://en.bitcoin.it/wiki/Paper_wallet
* [[Securing your wallet]]
* https://en.bitcoin.it/wiki/Paper_ECDSA_private_keys
* [[Hardware wallet]]
* https://en.bitcoin.it/wiki/Hardware_wallet
* [[Cold storage]]
* [[How to set up a secure offline savings wallet]]

Latest revision as of 20:29, 23 January 2017

This article should not be considered as a replacement for the more in-depth articles on best practices, however key points in wallet security:

Do

  • DO seek to understand what you are doing, before you do it
  • DO verify understanding by testing with testnet
  • DO encrypt your wallet with a strong passphrase
  • DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
  • DO make multiple redundant backups of your wallet
  • DO keep your OS up to date and run a virus scanner
  • DO manage significant amounts in offline wallets
  • DO prepare for black swan disaster scenarios when dealing with large sums (e.g., fire & water damage, theft, head injury and death)

Don't

  • DO NOT trust an untrustworthy device or program to generate your wallet keys
  • DO NOT generate cold storage keys on Internet-connected machines.
  • DO NOT reconnect to the Internet a machine that has had access to cold storage keys.
  • DO NOT reuse a wallet encryption passphrases with online services
  • DO NOT store your wallet on cloud storage (Dropbox, etc.)
  • DO NOT re-use addresses

See also