Added warning for secret phrases < 30 symbols.
Unlike Bitcoin, Nxt presently relies solely on brainwallets as the means of user authentication. There is no "cold storage" alternative offered. I see this security model as a vulnerability, and as a future PR problem hurting mainstream adoption if Nxt coin heists do start happening. Brainwallets are surprisingly tough to get right for the unsophisticated user.
I just disconnected from Internet, started the client & generated offline cold storage address (wallet).
Then you have no way to put any Nxt into this address.
You can generate an address offline and then deposit funds to it.
Yes, but it does not solve the problem. Once someone knows the brain-wallet password, they can withdraw the money on any computer. It does not matter whether you create the address online or offline. Creating an address offline only avoids sniffing, but cannot avoid dictionary attacks at all.
Why the hell would I go through the hurdles of creating an offline account for cold storage and then use the password "12345"?

Of course a high-entropy passphrase should always be used regardless of cold/hot storage. Use 8+ (make that 10+) diceware words or 30+ randomly generated symbols.
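As an added example (not code from this thread or from the Nxt client), the script below shows why the two posts above agree: a brainwallet account is a deterministic function of the passphrase, so an address created offline is still exposed to a dictionary attack if the passphrase is guessable, while 8-10 diceware words or 30 random symbols put the guess space out of reach. The account derivation here is a plain SHA-256 stand-in, not Nxt's real key derivation, and the common-password list and the diceware sample are constructed for the demo.

```python
import hashlib
import math
import secrets

# Standard diceware list size: five dice rolls, 6^5 words (assumption: standard list).
DICEWARE_LIST_SIZE = 7776
# Alphabet for "random symbols": printable ASCII minus space (94 characters).
SYMBOL_ALPHABET = "".join(chr(c) for c in range(33, 127))
# Threshold from the client warning quoted at the top of the thread.
MIN_SYMBOLS = 30

# Constructed sample data for the demo (not real wordlists).
COMMON_PASSWORDS = ["123456", "password", "12345", "qwerty", "letmein", "nxt", "bitcoin"]
SMALL_WORDLIST = ["apple", "river", "stone", "candle", "wolf", "garden",
                  "planet", "ribbon", "hammer", "velvet", "cactus", "meadow"]


def account_from_passphrase(passphrase):
    """Stand-in brainwallet derivation: account = H(passphrase).

    Nxt really derives a Curve25519 key pair from the hashed passphrase, but
    the property that matters here is the same: the passphrase alone fully
    determines the account, on any machine, online or offline.
    """
    return hashlib.sha256(passphrase.encode("utf-8")).hexdigest()[:16]


def dictionary_attack(target_account, candidates):
    """Try each candidate passphrase against a target account.

    Returns (passphrase, guesses_made) on success, (None, guesses_made) otherwise.
    """
    for i, cand in enumerate(candidates, 1):
        if account_from_passphrase(cand) == target_account:
            return cand, i
    return None, len(candidates)


def diceware_entropy_bits(n_words, list_size=DICEWARE_LIST_SIZE):
    """Entropy of n words picked uniformly at random from a diceware list."""
    return n_words * math.log2(list_size)


def random_symbol_entropy_bits(n_symbols, alphabet_size=len(SYMBOL_ALPHABET)):
    """Entropy of n symbols picked uniformly at random from the alphabet."""
    return n_symbols * math.log2(alphabet_size)


def years_to_exhaust(bits, guesses_per_second=1e9):
    """Time to try every passphrase of the given entropy at a fixed guess rate."""
    return (2.0 ** bits) / guesses_per_second / (365.25 * 86400)


def generate_diceware_passphrase(n_words, wordlist):
    """Pick words with the OS CSPRNG, not random.choice, so entropy is real."""
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))


def generate_symbol_passphrase(n_symbols, alphabet=SYMBOL_ALPHABET):
    return "".join(secrets.choice(alphabet) for _ in range(n_symbols))


def passphrase_warning(passphrase, min_symbols=MIN_SYMBOLS):
    """True when the client warning for short secret phrases would fire."""
    return len(passphrase) < min_symbols


if __name__ == "__main__":
    weak = "12345"
    target = account_from_passphrase(weak)  # "created offline", still crackable
    print("weak account", target, "cracked as", dictionary_attack(target, COMMON_PASSWORDS))
    for n in (8, 10):
        bits = diceware_entropy_bits(n)
        print(f"{n} diceware words: {bits:.1f} bits, {years_to_exhaust(bits):.3g} years at 1e9/s")
    bits = random_symbol_entropy_bits(30)
    print(f"30 random symbols: {bits:.1f} bits, {years_to_exhaust(bits):.3g} years at 1e9/s")
    print("warning fires for '12345':", passphrase_warning(weak))
    print("sample:", generate_diceware_passphrase(8, SMALL_WORDLIST))
```

The guess-rate figure of 1e9/s is an illustrative constant; the point is that the gap between a dictionary passphrase (cracked in a handful of guesses) and 100+ bits of entropy is not closed by where the address was generated.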