Yes, my recommendation would be to use a publicly available library like phpass (if your website is PHP based).  The public libraries have had more sets of eyes to look them over and find potential security problems:

http://www.openwall.com/phpass/

And here is an example of how to code this:

http://stackoverflow.com/questions/1581610/help-me-make-my-password-storage-safe/1581919#1581919

Not really - multi-iteration salting doesn't scale with Moore's law.  When faster CPUs/GPUs come out next year you would have to keep increasing the number of salting iterations.  All of these salting iterations are hand-coded as well, making it tremendously tedious to keep updating.

Normal hash functions like MDA5, SHA-1, SHA-256 are designed to be incredibly fast.  We don't want figuring out passwords to be this fast, so bcrypt is a perfect algorithm because it was designed to have a work factor so that it can be made slower.

I would much rather have to wait 100ms to login to a secure BTC exchange rather than have my password brute-forced by a GPU cracker in just a few seconds.

If you think your user's passwords are secure because you're using a 512-bit iterated hash salting algorithm, you're incredibly mistaken.

This article tells you why bcrypt should be the proper way to securely store our passwords:

http://codahale.com/how-to-safely-store-a-password/

Every day we hear about more systems being compromised, and frankly, I'm sick of my passwords getting stolen.  Let's start using secure password storage mechanisms instead of generic hashing algorithms and make the entire community more secure.

Thanks for all the replies.  The more I consider this, it would need to be a service like LastPass, but integrated with the Bitcoin client.  So, essentially, all wallet decyption is done locally on your machine and we never get a copy of your wallet that is unencrypted.

If you have used LastPass you know how this works.  Never trust anyone with your wallet is right.  Personally I would not want to guarantee other people's wallets, because who knows what will happen?  MtGox being hacked has proven what the risk can be.

The first step to scamming^Wmaking money from Viral bitcoins is to:

Write an eBook about making money with viral bitcoins!!!  Spam your referral link inside the book, telling everybody else to write their own book about making Bitcoins, with your referral link in it.

Genius - I can't believe someone didn't think of this before... (lol)

Welcome.  It sounds like there is a demand for a service like this.  When you say you provide 100 percent coverage of your bitcoin wallet, regardless of what happens to it, what are you guaranteeing?  Are you refunding the contents of customers wallets in case they get compromised?  I don't see how you can do this if the customer keeps a copy.  If the customer uploads a copy that you encrypt, and they keep an unencrypted copy on their home computer, it will still be vulnerable to loss or theft.

Also, how can you prove the the coins were not just spent by the customer?  The only way to really guarantee that nobody will spend the coins except an authorized user is to keep a single copy of the wallet in a highly secure place, with strong encryption.

Basically, by keeping your wallet on a remote server, if someone hacks your home computer, they never get a copy of it, so they can't spend your Bitcoins.  Even if that person installs a virus, trojan, or keylogger on your home computer and steals your password to our site, unless they steal your cellphone too, they can't spend your coins because our service will send you a text message with a 4 digit code every time you try to spend coins.

If done properly, it should be more secure than keeping an unencrypted wallet on your home computer.

This is an interesting concept as well, although it is different than what I had in mind.  I think your idea is great for a vaulting service for high value Bitcoin wallets, although I want my service to be much more liquid and easy to get BTC in and out.

Right, if you could do it in javascript, preferably (Wallet API or something similar) you could theoretically do it on any browser.  The paranoid among us could peruse the javascript to verify that passphrases are never sent across the wire.

None taken.  This is why I wanted to discuss the idea first before implementing it, to let you guys poke holes in it and see if it's a worthy project.  For the advanced option, what if we took the same approach that Hushmail uses, where encryption is done in either client side javascript or a full java/flash app (although I dislike having to run plugins just to access your wallet)?  That would probably be a better option for the truly paranoid (which I admit I am one myself)...   

Meatspace storage of wallets would be a good idea for very large sums of money, but I think most people are better off doing this themselves through a bank safe deposit box.  It's also a very customer service intensive business and requires hiring a lot of staff.

Right, you would have to trust that we only generated your decrypted wallet in memory, and it was not stored to persistent storage in unencrypted format.  Also, you would have to trust that every time we decrypt it to perform a transaction, we don't keep an unencrypted copy somewhere on persistent storage.

I think the Wallet API specification is a great starting point, but it does lack the security of 2-factor authentication.  What if we extended the Wallet API to allow you to not only host your wallet on our servers, but to also sync it to any of your devices?  The extension to the wallet API would be necessary to add the SMS text message as part of the wallet sync procedure for new clients, so that if your PIN is compromised your wallet is still secure.

I appreciate the quick replies.  I've been mining for a few months now but have just been lurking on the forums and didn't feel the need to create an account earlier.

Trust is a huge issue.  I plan on offering the service for free in the beginning - people can create a wallet, send a fraction of a coin, test it out, and see how it works.  Hopefully trust will be built in the system, as I share more details about the steps I am taking to secure your wallet.

I am also thinking about adding an "advanced" feature where your wallet is encrypted on our servers using a strong passphrase that you have to remember and use every time you login.  That would provide the ultimate level of security, in that even I couldn't decrypt your wallet, however, it also means that if you forget your passphrase, your wallet is truly lost forever, along with all of the coins in it.

I believe for most people, this is too high of a level of security.  Having some secondary security questions that must be answered for a password retrieval are needed, so that coins aren't lost forever.

But, for those advanced users that want the ultimate in security - a strong passphrase that only they know, combined with a second authentication token provided by SMS, will give a security level that is stronger than even using Truecrypt on your local drive - after all, truecrypt is vulnerable to keylogging software.

I wanted to detail some of the advantages of a secure wallet service, as I see it:

• New Bitcoin users would not have to download or install any software on their computer.
• No need for each user to download the entire blockchain or store it locally.  We keep the entire blockchain updated on our servers so it creates a much lighter load on the Bitcoin peer-to-peer network.
• Access to your wallet to send or receive coins from any computer with a web browser.
• Access to your wallet from mobile devices such as iPhone, Android and iPad.
• Possible future mobile payment applications similar to Dwolla - would require merchant APIs and integration.

When you think about it - in the future Bitcoin will have many banks.  Most Bitcoin users will not be downloading and installing software on their home computers.   It is too much for the average person that just wants to add some coins to their wallet and spend them to worry about backing up their wallet, securing it, and maintaining a Bitcoin client plus the entire blockchain on their computer.

Personally I don't like the fractional reserve banking system that we have in the US, where banks receive deposits and then lend out between 10-30 times the amount of money in the form of mortgages and credit card debt.  For this reason, I think a secure wallet service where no money is lended, but the money stays in your wallet forever, is keeping with the spirit of Bitcoin.

Trust can be verified through the blockchain - you will be able to verify that I never touch your wallet except when you authorize me to.

Thanks for reading this long post, and kind regards.

Hello everyone and welcome.  I'm thinking of starting an online secure wallet service.  Basically, the current Bitcoin architecture is fine, but it has some serious security flaws.  As we've seen lately with "allinvain" losing 25,000 BTC and the trojan that steals wallet.dat files, people need an easier way to secure their wallet and prevent theft of all their coins.

What I'm proposing is a secure website where anyone can create a Bitcoin wallet.  It is stored in an encrypted format on a server, and can be accessed from any web browser.  Whenever you want to send Bitcoins from your wallet, you need to authenticate with a password that you choose, and a text message is sent to your cellphone, which you type into the website.  This 2-factor authentication is more secure than most online banks and ensures that even if someone hacks your computer and captures your password, they still can't transfer funds out of your wallet.

To clarify - this would not be a Bitcoin bank.  The wallet belongs to you and you alone.  Nobody is going to lend your Bitcoins to other users like a traditional bank.  This is just a secure wallet storage facility with 2-factor authentication.

I plan to fund this project by charging a small transaction fee for sending coins - something like 0.05%.  I realize Bitcoin was designed to be a currency without transaction fees, but there is a cost to send the text messages and designing a website that is secure is not an easy challenge.

Would anyone be interested in such a service?