Wallet Security Dos and Don'ts: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
(fixed internal links, added structure to improve readability)
(Remove bad advice)
 
(10 intermediate revisions by one other user not shown)
Line 3: Line 3:
== Do ==
== Do ==


* DO encrypt your wallet
* DO seek to understand what you are doing, before you do it
* DO backup your wallet
* DO verify understanding by testing with [[testnet]]
* DO encrypt your wallet with a strong passphrase
* DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
* DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
* DO make multiple redundant backups of your wallet
* DO keep your OS up to date and run a virus scanner
* DO keep your OS up to date and run a virus scanner
* DO use a paper/hardware wallet for storing significant amounts
* DO manage significant amounts in offline wallets
* DO prepare for black swan disaster scenarios when dealing with large sums (e.g., fire & water damage, theft, head injury and death)


== Don't ==
== Don't ==


* DO NOT trust an untrustworthy device or program to generate your wallet keys
* DO NOT generate cold storage keys on Internet-connected machines.
* DO NOT reconnect to the Internet a machine that has had access to cold storage keys.
* DO NOT reuse a wallet encryption passphrases with online services
* DO NOT store your wallet on cloud storage (Dropbox, etc.)
* DO NOT store your wallet on cloud storage (Dropbox, etc.)
* DO NOT re-use addresses (this also applies to paper wallet addresses)
* DO NOT re-use addresses
* DO NOT generate cold store keys on Internet-connected machines. If it's for cold storage, it should never be Internet connected


== See also ==
== See also ==
Line 19: Line 25:
* [[Securing your wallet]]
* [[Securing your wallet]]
* [[Hardware wallet]]
* [[Hardware wallet]]
* [[Brainwallet]]
* [[Cold storage]]
* [[Paper wallet]]
* [[How to set up a secure offline savings wallet]]
* [[How to set up a secure offline savings wallet]]
* [[Paper ECDSA private keys]]

Latest revision as of 20:29, 23 January 2017

This article should not be considered as a replacement for the more in-depth articles on best practices, however key points in wallet security:

Do

  • DO seek to understand what you are doing, before you do it
  • DO verify understanding by testing with testnet
  • DO encrypt your wallet with a strong passphrase
  • DO use recommended software from the list at https://bitcoin.org/en/choose-your-wallet
  • DO make multiple redundant backups of your wallet
  • DO keep your OS up to date and run a virus scanner
  • DO manage significant amounts in offline wallets
  • DO prepare for black swan disaster scenarios when dealing with large sums (e.g., fire & water damage, theft, head injury and death)

Don't

  • DO NOT trust an untrustworthy device or program to generate your wallet keys
  • DO NOT generate cold storage keys on Internet-connected machines.
  • DO NOT reconnect to the Internet a machine that has had access to cold storage keys.
  • DO NOT reuse a wallet encryption passphrases with online services
  • DO NOT store your wallet on cloud storage (Dropbox, etc.)
  • DO NOT re-use addresses

See also