Using KeePass to store Bitcoin private keys & seed words – is it safe?
Where do you store your private keys? If they are on a memory stick, how do you keep that safe? Do you store them in the cloud? No, that’s a really bad idea. Under the bed? Do you print them on paper and put them in a safe locker?
Everybody has their own way of storing private keys. Some use Mycelium, some store them on a Ledger Nano, and some use Electrum on Tails OS. Wherever you store them, remember to encrypt the file that holds the private keys / seed phrase. This way, even if someone gets access to those files, they cannot access your coins.
Recently a user asked in our forums whether it is safe to store cryptocurrency credentials such as Bitcoin private keys and wallet seed words in the KeePass password manager.
Cold storage: The ultimate solution
The safest way to store your cryptocurrency long term is in a cold storage wallet such as a paper wallet or hardware wallet.
The difference between cold and hot wallets is this: a hot wallet is a software application that you use on your PC / mobile. These wallets are connected to the Internet most of the time, so they are highly vulnerable to attacks. Cold wallets, by contrast, are kept completely off the Internet. A cold wallet can be a paper wallet, a hardware wallet or even a software wallet that is completely offline.
With a paper wallet you only get to maintain one key pair. A key pair is simply two pieces of data: a public key, which is your Bitcoin address, and a private key that gives you access to that address.
A hardware wallet, on the other hand, lets you maintain multiple key pairs. These wallets have secure private key management. When setting up your wallet you’ll be provided with a 24-word recovery phrase, also known as a mnemonic seed. This seed phrase allows you to manage multiple crypto assets and addresses from a single device.
Now if you use a paper wallet you need to safeguard your private key. If you are using a hardware wallet you need to secure the seed words. How do you safely store this information?
Memorizing a randomly generated phrase is not practical. This is why it is recommended to write down private keys & mnemonic seeds on a piece of paper and put it in a safe place.
If you are worried about the paper getting burned or misplaced, there is another way of securing this ultra-sensitive information: the KeePass password manager.
KeePass password manager
Password managers are not only meant to store your everyday Internet passwords; they can also be used to store any highly sensitive data.
There are many password managers out there but the best one is KeePass or KeePassX. It is the most suitable software to store top secret cryptocurrency data, for example private keys and seed phrases. So why KeePass?
- KeePass is a free and open source password manager that has been around since 2003. Since it is open source software, anybody can audit the code to check the safety of the software.
- Portable and cross-platform compatible: KeePass officially supports Windows, Mac OS and Linux. Additionally there are unofficial KeePass ports available for Windows Phone, Android, iOS and BlackBerry.
- Stores database offline: Unlike other password managers, KeePass stores your information on your device. It’s not hosted anywhere, so nobody owns your database except you.
- Can be used to store various passwords and complex codes including your private keys and wallet seeds.
- Top-notch encryption – The database file that holds your information is secured using one of the most advanced encryption algorithms.
Now before you go ahead and download KeePass to store your crypto details, here is something to note.
Using KeePass to store private keys: is it safe?
With all that said, remember that KeePass is software on your PC / laptop. If your machine gets compromised, KeePass can become vulnerable just like any other app. So make sure to run a full malware scan before you set up the software. This way you can ensure your computer is clean and in a healthy condition.
Another thing you need to do is set a strong master password on the database file. This master password is the key that lets you access the database containing all your crypto keys. If you forget this password, you’ll lose access to your keys. So ensure that the password is strong enough that it cannot be brute forced, yet easy for you to remember.
Storing private keys and seeds in KeePass is a bad idea only if you keep the database file in the cloud or on a PC that is connected online 24/7. It is totally safe if the database file sits on an offline device such as a USB stick or external hard drive. This way it will function pretty much like a hardware wallet.
Finally, to protect the file from future hardware failure, you need to back up the database to two or more offline storage devices. If you ensure all this, KeePass can provide the best method to store your crypto information.
How to use KeePass to store private keys & seeds?
To get started all you need is:
- A clean PC
- USB drive
- KeePass software
Download the latest version of KeePass from here: https://keepass.info/download.html
You can either download the portable version or the installer file. Both are lightweight and easy to set up.
Once setup is done, open keepass.exe and go to File >> New which will create a new database file.
Keep database in cold storage
First you’ll be prompted to specify the location where KeePass should save your database file. As we mentioned earlier, we recommend storing this database file directly on a USB drive.
Click OK, choose the USB drive location and name the database file. Now you’ll be prompted to set a master password. Remember that if you forget this master password, all your private keys and seeds in the database are lost, too. So ensure it is strong enough and is easy to remember.
Learn more about setting master passwords and key files.
Once the above steps are done, name the database, keep all other settings as default and click OK.
Storing crypto keys and seeds
This software is easy to use and pretty much self-explanatory. Let’s see how to quickly store your crypto private keys & seed phrases.
Open the application, click on the key icon and choose add entry.
In the title field input the name of the coin. In notes enter your wallet address (public address) and in password field enter the private key.
Before clicking OK, double check that the private key you entered is correct. Once done, click OK to save your first entry.
To ensure everything is working correctly, save it, close the database and open keepass again. If everything is perfect and your entry is accurate then you can go ahead and add more entries for different coins.
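The double check in the steps above can be made mechanical for Bitcoin keys in wallet import format (WIF), because such a key carries a 4-byte Base58Check checksum that catches typos. The following is an added example, not part of the original article and not KeePass code; the function names and the sample key (constructed, 32 bytes of 0x11) are assumptions made for illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(payload: bytes) -> bytes:
    """Base58Check checksum: first 4 bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58encode(data: bytes) -> str:
    # Leading-zero handling is omitted: a WIF payload always starts with 0x80.
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError for 0, O, I, l and other non-Base58 characters
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def encode_wif(key: bytes, compressed: bool = True) -> str:
    payload = b"\x80" + key + (b"\x01" if compressed else b"")
    return b58encode(payload + checksum(payload))

def check_wif(wif: str) -> str:
    """Return "ok" or the reason the string is not a valid mainnet WIF key."""
    try:
        raw = b58decode(wif.strip())
    except ValueError:
        return "invalid character"
    if len(raw) not in (37, 38):  # version + 32-byte key [+ flag] + 4-byte checksum
        return "wrong length"
    payload, tail = raw[:-4], raw[-4:]
    if checksum(payload) != tail:
        return "checksum mismatch"
    if payload[0] != 0x80:
        return "not a mainnet private key"
    if len(payload) == 34 and payload[-1] != 0x01:
        return "bad compression flag"
    return "ok"

# Constructed sample key for illustration only (32 bytes of 0x11); never fund it.
SAMPLE_WIF = encode_wif(b"\x11" * 32)

if __name__ == "__main__":
    typo = SAMPLE_WIF[:10] + ("A" if SAMPLE_WIF[10] != "A" else "B") + SAMPLE_WIF[11:]
    print(check_wif(SAMPLE_WIF), "|", check_wif(typo))
```

Run a check like this only on the same clean, offline machine, since the key is handled in plain text.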
To copy the public address, private key or seed phrase, just double-click the entry and the data will be copied to the clipboard. For security reasons it will remain copied only for a few seconds.
Now all you need to do is back up the database file to several offline devices. Also make sure you do not forget your master password. That’s all. Hope it works out for you.
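A backup is only useful if the copy is intact, so each copy should be verified after it is written. The following added example (not from the original article and not part of KeePass) copies a KeePass 2.x database to several destination folders, checks that the source starts with the KDBX file signature, and compares SHA-256 hashes of every copy; the function names and the command-line usage are assumptions.

```python
import hashlib
import shutil
import struct
from pathlib import Path

KDBX_SIG1 = 0x9AA2D903  # first signature of KeePass database files
KDBX_SIG2 = 0xB54BFB67  # second signature of the KeePass 2.x (.kdbx) format

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def looks_like_kdbx(path: Path) -> bool:
    """True if the file begins with the two little-endian KDBX signatures."""
    with path.open("rb") as f:
        head = f.read(8)
    return len(head) == 8 and struct.unpack("<II", head) == (KDBX_SIG1, KDBX_SIG2)

def backup(db: Path, destinations) -> dict:
    """Copy db into each destination folder and verify it; returns {folder: status}."""
    if not looks_like_kdbx(db):
        raise ValueError(f"{db} does not start with the KDBX signature")
    want = sha256_file(db)
    report = {}
    for dest in destinations:
        try:
            target = Path(dest) / db.name
            shutil.copy2(db, target)
            report[str(dest)] = "ok" if sha256_file(target) == want else "HASH MISMATCH"
        except OSError as exc:  # drive not mounted, full, or read-only
            report[str(dest)] = f"failed: {exc.strerror}"
    return report

if __name__ == "__main__":
    import sys
    # Usage: python backup_kdbx.py <database.kdbx> <folder1> <folder2> ...
    result = backup(Path(sys.argv[1]), [Path(p) for p in sys.argv[2:]])
    for dest, status in result.items():
        print(f"{status:>14}  {dest}")
```

A hash read back straight after the copy can be served from the operating system's cache, so compare the hashes again after unplugging and reinserting each drive.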
As we said earlier, when it comes to storing private keys a hardware wallet is the most recommended option and is still unbeatable. However, with this method you can make KeePass serve as a budget hardware wallet. As long as your files are stored offline they are totally safe.
Now that you’ve learned how to use KeePass to store private keys & seeds, here are a few guides on how to import them.