First, let’s talk about how Bitcoins addresses work.
A picture of Bitcoin addresses as a series of secure deposit boxes in the bank can lead to many questions. Anyone with a box key can open and retrieve content. As with Bitcoin, anyone with the key to a given Bitcoin address can use the bitcoins stored at that address.
When you create a new Bitcoin address, you create both a public address and a private key associated with it. A secret key is a random sequence of numbers and letters. You are the only one who has the keys, but you can give a public address to anyone without any worries. Others may send bitcoins to your public address, and then you can use those bitcoins using the secret key associated with that public address. In Bitcoin software, all of this is done behind the scenes.
Back in our example, if the key to the deposit box is stolen, the thief can access the contents of that box. Similar to Bitcoin, if someone steals a private key, you will be able to use any bitcoins within the address associated with that private key. And to be clear, the thief only needs a copy of those randomly looking letters and numbers – it does not actually remove anything from your device.
Typical methods of stealing those secret keys include malicious software/viruses that can read files on your computer and track down buttons, cybercrime websites that may collect information about users of online services, and fake online services that pretend to secure your bitcoins, then the user. sweep all the bitcoins stored at his Bitcoin address.
To protect private keys, some people enter them with passwords. While this makes the storage more secure, it is not tricky (a malicious computer keylogging program can detect your password and remove encryption). Another way is to use a hardware device like the Trezor – so far, this has proven to be completely safe. Others use computers to create an offline address, remotely offline and then print out those addresses. This is called paper wallet storage.
Many people recommend anti-bitcoins storage services on behalf of users, so the service should be trusted not to steal bitcoins. This would be like having a bank with another key to your security deposit box – as long as you trust your bank, that’s fine, but you wouldn’t keep anything valuable in that box with that trust.
Importantly, without a mindless tool like Trezor, it can be difficult to ensure that your bitcoins will never be stolen. It is my strong recommendation that such a device be used by anyone who has just studied computer security and electronics.
