Bitcoin 12 word code in 1Password?

The_caveman
The_caveman
Community Member

Hi,
Been dipping my toes in the murky bitcoin waters and have a question: almost every wallet specifically states NOT to save the 12 words in a password manager.

Why?

Most of us store others bank information in there, so why not this?
Thanks.

Comments

  • Hi @The_caveman,

    I’m not familiar with Bitcoin so I’m not sure why Bitcoin wallet apps would make such a claim. If you find an answer (perhaps by asking the makers of the wallet apps that say so) we’d be interested to hear the reasoning.

    Ben

  • jessyc
    jessyc
    1Password Alumni
    edited September 2017

    Hi @The_caveman,

    Although I never convinced myself to invest in the Bitcoin (I feel it's too late now, what do you think?), I'm quite familiar with its technology and community.

    What I've came to understand is that everyone is being EXTRA careful with the Bitcoin – and slightly paranoid if you want my personal opinion.

    Yes, there's a risk associated with storing data digitally, there will always be a risk as hacking methods become more advanced – and I'm sure 1Password is monitoring that! But the same can be said of physical supports.

    I'm quite convinced 1Password is the safest option of all though.

    I too would be interested to hear what the makers of those wallet apps have to say, too. Maybe we are missing something that only true Bitcoin insiders figured out.

    Ultimately, the safest vaults are our brains… unless we get hit in the head :chuffed:

  • AGAlumB
    AGAlumB
    1Password Alumni

    @The_caveman: I'd take it with a grain of salt unless there's a good reason. One of my banks says exactly the same thing: "don't use a password manager, remember your password, type it in by hand". I guess they don't realize that most people read this as "use your pet's name" or something equally terrible.

    @jessyc: Yeah, I feel like it's too late for me as well...though we may all just end up using some cryptocurrency in the future anyway, without the benefit of being a speculator in the early days. haha

    But I think you hit the nail on the head. Like you, I can't think of a safer place to put something like that. But I'd be interested to hear the reasoning behind the recommendation. Maybe it's related to high-profile vulnerabilities found in other password managers.

  • I think they are simply doing cya, both the bank and bitcoin. One is highly regulated, the other, hmmm, not really (though apparently its hard to launder huge amounts of stolen coin). The first one, so if your password is hacked they can say I told you not to do that, the second because there is little if any recourse to the law or a regulator. Recommending a or any password manager puts them all on the hook if you pick notepad as your password manager or if they pick a specific vendor and there are issues.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @AlwaysSortaCurious: I think you're probably right. ;)

  • The_caveman
    The_caveman
    Community Member
    edited September 2017

    Thanks all for the comments!

    You are probably correct in that nobody wants to recommend a service in case of future issues...
    About bitcoin, the boat has probably sailed for those who want to get really rich with it, but I'm just curious as to how it works and where it may go in x years...

  • AGAlumB
    AGAlumB
    1Password Alumni

    I've definitely been following it closely from the beginning. Even if I'm not willing to invest in it, it's incredibly interesting. :)

  • Smudge
    Smudge
    Community Member

    I would recommend that the email address associated to your BitCoin account is your own private account that is very secure and not a potentially less secure account like your work email address.

    I recently heard about a co-worker on our China development team have over $80k stolen from his BitCoin account. Someone knew that his work email was attached to BitCoin so they managed to get into his work email account, used the "Forgot my password" link to reset his BitCoin password, which was sent to his work email address, then they logged into BitCoin and transferred out the money. Due to the nature of BitCoin, he was not able to track where the money went or any way to get it back.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Email can definitely be a weak link in our security. Thanks for mentioning it! Better safe than sorry.

This discussion has been closed.