Author Topic: Cold storage?  (Read 9544 times)

0 Members and 1 Guest are viewing this topic.

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
wallet_create <wallet_name> <new_passphrase> (BRAINKEY)

(not adviced to use -- you all know why)

so wallet_name is a temporary wallet name until I register something on the blockchain, new_passphrase can be anything because the client is only being run once offline, and brain_key is where I put my seed?


If you are exporting the private key that's all you need. It is completely unprotected on its own. You would create a new wallet with a new passphrase and import the private key. The private key itself does not have a passphrase.

so i understand the use of each of those fields correctly?
Interestingly there is sth missing in your quote :) .. odd

type
help wallet_create
in the console to be sure

merockstar

  • Guest
wallet_create <wallet_name> <new_passphrase>

(not adviced to use -- you all know why)

so wallet_name is a temporary wallet name until I register something on the blockchain, new_passphrase can be anything because the client is only being run once offline, and brain_key is where I put my seed?


If you are exporting the private key that's all you need. It is completely unprotected on its own. You would create a new wallet with a new passphrase and import the private key. The private key itself does not have a passphrase.

so i understand the use of each of those fields correctly?

Offline Riverhead

wallet_create <wallet_name> <new_passphrase>

(not adviced to use -- you all know why)

so wallet_name is a temporary wallet name until I register something on the blockchain, new_passphrase can be anything because the client is only being run once offline, and brain_key is where I put my seed?


If you are exporting the private key that's all you need. It is completely unprotected on its own. You would create a new wallet with a new passphrase and import the private key. The private key itself does not have a passphrase.


merockstar

  • Guest
some idiot sent 10BTC to the address that belongs to that passphrase some months ago
http://cryptocoinstoday.com/2014/06/26/who-the-fuck-sent-10-8-btc-to-the-correct-horse-battery-staple-brainwallet-via-rbitcoin/

wow. just wow.

that really makes me feel like I'm not reaching my potential :(

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc

merockstar

  • Guest
wallet_create <wallet_name> <new_passphrase> [brain_key]

(not adviced to use -- you all know why)

so wallet_name is a temporary wallet name until I register something on the blockchain, new_passphrase can be anything because the client is only being run once offline, and brain_key is where I put my seed?

Offline Riverhead

All good points.


Also, this :)


http://xkcd.com/936/

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
wallet_create <wallet_name> <new_passphrase>

(not adviced to use -- you all know why)


Actually I don't :) . Why?
http://www.reddit.com/r/Bitcoin/comments/1c13ld/i_invested_all_of_my_bitcoin_to_a_brain_wallet/
http://www.reddit.com/r/Bitcoin/comments/1zti1p/17956_hacked_brainwallet_passwords/

plenty of storys on da internet


Ah yes. There are ways to make it much harder. Like have in your seed your first and last name. Then the attack would have to come after you specifically rather than a sequential brute force scan.
If your name was Foo Bar you can probably find someone in the phonebook to be called foo and some othere guy to be called bar .. computers do the rest

google for "johnTheRipper" you will be surprised

edit:
The have a GUI already:
http://openwall.info/wiki/john/johnny

Offline Riverhead

wallet_create <wallet_name> <new_passphrase>

(not adviced to use -- you all know why)


Actually I don't :) . Why?
http://www.reddit.com/r/Bitcoin/comments/1c13ld/i_invested_all_of_my_bitcoin_to_a_brain_wallet/
http://www.reddit.com/r/Bitcoin/comments/1zti1p/17956_hacked_brainwallet_passwords/

plenty of storys on da internet


Ah yes. There are ways to make it much harder. Like have in your seed your first and last name. Then the attack would have to come after you specifically rather than a sequential brute force scan.



But I agree, humans suck at random. What I typically do is blindly flip to random parts of a paper dictionary about nine times and then throw in the first/last name of a couple cousins.
« Last Edit: August 25, 2014, 01:26:14 pm by Riverhead »

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
random > brain
when it comes to security!!!!

merockstar

  • Guest
wallet_create <wallet_name> <new_passphrase> [brain_key]

(not adviced to use -- you all know why)

cool! i'll have to sit down and figure this out.

memorizing a brainwallet is hard, and that's how I prevent myself from spending money I want to save.

is it a requirement that a corresponding account name be registered on the blockchain?
« Last Edit: August 25, 2014, 01:21:48 pm by merockstar »

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc

Offline Riverhead

wallet_create <wallet_name> <new_passphrase>

(not adviced to use -- you all know why)


Actually I don't :). Why?

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
wallet_create <wallet_name> <new_passphrase> [brain_key]

(not adviced to use -- you all know why)

merockstar

  • Guest
if I had the programming chops I'd whip up a brainwallet utility a la bitaddress.org