Wallet Security Dos and Don'ts (Windows): Difference between revisions
Jump to navigation
Jump to search
m Use of pirated software now sounds a little less condoned by the community than before, as it should. |
Let's not encourage copyright infringement at all |
||
Line 12: | Line 12: | ||
*'''Don't''' run bitcoin on an untrusted or badly maintained machine. | *'''Don't''' run bitcoin on an untrusted or badly maintained machine. | ||
*'''Don't''' run software that has been copied illegally (eg, "warez") | |||
*'''Don't''' install unnecessary browser plugins. | *'''Don't''' install unnecessary browser plugins. | ||
Line 56: | Line 58: | ||
*'''Do''' use the [http://noscript.net/ NoScript] plugin (or similar) in your browser and whitelist only the sites you trust. | *'''Do''' use the [http://noscript.net/ NoScript] plugin (or similar) in your browser and whitelist only the sites you trust. | ||
*'''Do''' run programs from questionable sources inside a virtual machine | *'''Do''' run programs from questionable sources inside a virtual machine, such as [http://downloads.vmware.com/d/info/desktop_downloads/vmware_player/3_0 VMWare Player]. | ||
*'''Do''' browse questionable websites from inside a virtual machine. | *'''Do''' browse questionable websites from inside a virtual machine. |
Revision as of 22:15, 3 August 2011
- Don't keep all your bitcoins in one wallet.
- Don't send bitcoins to a wallet that hasn't been backed up beforehand.
- Don't send unencrypted copies of your wallets over the Internet.
- Don't store unencrypted copies of your wallets on online backup/storage services.
- Don't run or install programs from questionable sources on the system where you are running bitcoin.
- Don't click on questionable links in your browser.
- Don't run bitcoin on an untrusted or badly maintained machine.
- Don't run software that has been copied illegally (eg, "warez")
- Don't install unnecessary browser plugins.
- Don't use a password for wallet encryption that you use elsewhere on the web.
- Don't use weak passwords. If a password is easy to remember without rehearsal, it is probably weak.
- Don't forget your passwords. If you write them down on a piece of paper, keep that piece of paper in a safety deposit box.
- Don't store unencrypted copies of your wallets on a device that you insert into machines of friends, at work, or while traveling.
- Don't insert any devices of doubtful origin.
- Don't develop a carefree attitude towards wallet security. Handle bitcoins with the same amount of diligence as you handle physical cash.
- Do keep at least one offline savings wallet.
- Do backup your spending wallet regularly.
- Do keep dated versions of each backed up wallet.
- Do encrypt all wallets as soon as they leave your system.
- Do keep encrypted backups of all your wallets in at least 3 physically separate locations.
- Do use strong, unique passwords to encrypt your wallets.
- Do use keyfiles to encrypt your wallets, and keep backups of your keyfiles in at least 3 physically separate locations.
- Do use a good antivirus and firewall, and keep them up to date (but understand their limitations).
- Do update all your installed programs to the latest version.
- Do update your operating system with the latest security patches.
- Do uninstall all programs that you don't use regularly.
- Do uninstall all browser plugins/ add-ons that you don't use regularly.
- Do always browse in private mode.
- Do use the NoScript plugin (or similar) in your browser and whitelist only the sites you trust.
- Do run programs from questionable sources inside a virtual machine, such as VMWare Player.
- Do browse questionable websites from inside a virtual machine.
- Do always connect the bitcoin client and IRC via Tor.
- If you own a large number of bitcoins, do invest time and money in order to secure them, just like you would with other valuables. If you lack the technical expertise, ask or pay somebody else to do it for you.
- If you believe your computer has been compromised, do wipe your HD and perform a clean OS install.