External links


General Security Rules

There are four major rules about bitcoin wallet security:
  1. Always protect your wallet with a strong password. This way, it will take very long before an attacker that has access to your wallet will be able to use it. That delay will give you time to move your coins to a safe place.
  2. Never let anyone else access your wallet. Even if your wallet is protected with a very strong password, that password will not hold forever. With enough time an attacker will eventually find out your password and spend your coins. To prevent that, you must not disclose your wallet either. This also includes to not store the wallet in any kind of cloud storage as Dropbox, Google Drive, etc.
  3. Never use the wallet on an untrusted computer. In this case, untrusted means both hardware and software. There exist small hardware devices that can be attached between keyboard and computer and that record your passwords. But in most cases, computers become insecure because of malicious software, e.g. viruses or trojan horses. Any computer that is not administrated by you should be considered insecure. Also any computer that is used for daily work like Internet browsing is to be considered insecure. This is the reason I created BTC Vault, so you can at least trust the software on the computer.
  4. Always keep a backup of your wallet. Even if no attacker steals your coins, they can be lost for you if you lose access to your wallet. This does not mean that you should store your wallet file in a cloud storage where someone else might possibly access it. With the electrum bitcoin client it is enough to backup the master key called "seed" as long as you did not import any other private keys:
    • You can print it out and store it in a safe place.
    • You can encrypt it and store it on another safe computer or on a usb stick.
    • You can use steganography to hide it in an image file.

BTC Vault Specific Rules

There are some rules that specificly apply to BTC Vault:

Checking BTC Vault Security

For your security it is important that you not only trust me that BTC Vault is secure but check that it actually is and nobody (including me) messed with the files you are using.
No matter whether you are using the CD image or a USB stick you can make sure that your files are secure with the following steps:

Check by Proxy

If these steps are too complicated for you, and you trust someone else who checked the files you can compare your version to the one he checked using the following command:
$ find slax -type f -exec md5sum \{\} \; | sort -k 2
This command will output a list of hashes of all files on you CD or USB stick. If they match, the contents are identical.