i have btc in wallet created in 2018 by bitaddress.org site and i havent touched them till now.
back then i didnt knew what gpg signature is so i didnt verified.
But i worry too much are my funds safe.
Should i send them in new address generated via better methods(like linux electrum{python better randomness} offline gpg verified).
It is as safe as your password. If it is multiple words, that are nowhere written in the internet or your computer, or at least 8 random characters with uppercase, lowercase and numbers, then it is safe:
https://en.wikipedia.org/wiki/Password_strength#Guidelines_for_strong_passwordsThe problem with moving it is that if you have a malware installed, then it can get stolen when you try to move it.
And nowadays 30% of all computers in the US are malware infected:
https://dataprot.net/statistics/malware-statistics/And there are new and more sophisticated malware every day. So a hardware wallet is the only safe solution for the average user. Or a computer which is not connected to the internet, and then create and sign the transactions offline. But the average user can't do this.
I think Trezor is a good hardware wallet. It is like a strong brainwallet, but you can still use your coins regularly without the fear that malware steals it. And if you write down the passphrase for it (only on paper, never on any computer or password manager app), the hardware can even get lost or destroyed, and you can just enter it in a new Trezor device to get it back.
It has also a nice feature to create an addtional hidden wallet. In case of a
$5 wrench event, you can just tell them the first decoy wallet with less value, and your main value is in the hidden wallet.