    Author Topic: Handle a Wasp and you will not get stung! Practice Safe Bitcoin  (Read 6348 times)
    casascius (OP) - Mike Caldwell, VIP, Legendary
    September 04, 2012, 05:58:53 PM
    Last edit: September 05, 2012, 07:28:27 PM by casascius

    Bitcoins Stolen From Me In My Lifetime: 0

    Let me explain one difference between ME and most of YOU:  For the low price of $319 (http://www.theposwarehouse.com/wasp-wdi4500-2d-barcode-scanner-usb/), I own one of these, and you don't.



    Because of this, I can practice safe Bitcoin without going out of my way.  Seriously, if you handle other people's money, you should invest in one of these.  The way this scanner works is, if I point it at a QR code and squeeze the trigger, it types whatever's in that code on my computer by pretending to be a USB keyboard.  As a result, moving coins to and from paper wallets is ridiculously easy.

    When scanning QR codes is as easy as aiming and pulling a trigger, it seems like so much less of a hassle to just throw that online bitcoin balance to a paper wallet before leaving or going to bed.

    Whenever you make a purchase on Casascius.com, you are paying an offline wallet.  The concept is simple - I generated a large number of addresses, but only put the bitcoin addresses on the server, not the private keys.  Such wallets can be generated via BitAddress.org, or via my free open-source Casascius Bitcoin Address utility.  When I need to access the money you sent me, I pull out the paper wallet and start scanning.

    For what it's worth, if you make a particularly large order, you get served an address that's even colder: an encrypted one kept partially in a safety deposit box.

    I could still get hacked, but my losses would be limited to what the attacker could do with my website until I noticed it, such as making it serve his own bitcoin addresses instead of ones belonging to my offline wallet.  Bottom line, there is rarely a moment in my life where I have large numbers of BTC (of my own or anybody else's) anywhere it could be stolen from me.

    If you MUST accept deposits into a hot wallet, consider only accepting your smaller deposits/incoming payments into the hot wallet, and having your largest ones go straight to paper.  If you have a way to know when you expect a large incoming deposit/payment, you could program your server to serve an address from your coldest paper wallet, so it never goes online.  For example, if you're an exchange that gives bigger limits to some customers, they will probably be the biggest depositors, so have the limit-raised customers always receive addresses belonging to cold storage and use the hot wallet for the rest.

    Why am I hyping this today?  Because if more people followed these easy steps and invested in a $319 barcode scanner, we wouldn't be seeing so many big thefts.

    Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
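The address-serving scheme the post describes (server holds public addresses only; small payments go to the hot wallet, large or limit-raised ones get a fresh cold-storage address), as an added Python illustration that is not casascius's code or the Casascius utility. The address strings, the threshold and the digest check are constructed assumptions; the digest is meant to be computed on the offline machine and compared by an external monitor so that a web-server compromise that swaps addresses (the failure mode the post names) is noticed.

```python
"""Route incoming payments between a hot wallet and an offline-generated cold pool.
Added example, not the post author's code.  Addresses are placeholder strings."""
import hashlib
import hmac


def pool_digest(addresses):
    """SHA-256 over the cold pool.  Compute this on the offline machine that
    generated the addresses and keep it off the server; a monitor recomputes it
    from what the server actually serves to catch swapped addresses."""
    return hashlib.sha256("\n".join(addresses).encode()).hexdigest()


class AddressRouter:
    def __init__(self, cold_pool, hot_address, large_threshold_btc, reference_digest):
        self.cold_pool = list(cold_pool)     # public addresses only, never private keys
        self.hot_address = hot_address
        self.large_threshold_btc = large_threshold_btc
        self.reference_digest = reference_digest
        self.next_cold = 0                   # index of the next unused cold address

    def pool_intact(self):
        """True if the pool still matches the offline-computed digest."""
        return hmac.compare_digest(pool_digest(self.cold_pool), self.reference_digest)

    def address_for(self, expected_btc, raised_limit=False):
        """Pick the deposit address for one expected payment."""
        if not self.pool_intact():
            raise RuntimeError("cold pool does not match offline digest; stop serving")
        if expected_btc < self.large_threshold_btc and not raised_limit:
            return self.hot_address          # small payment: hot wallet carries the risk
        if self.next_cold >= len(self.cold_pool):
            raise RuntimeError("cold pool exhausted; generate more addresses offline")
        address = self.cold_pool[self.next_cold]
        self.next_cold += 1                  # one cold address per large payment, no reuse
        return address


# Constructed sample data: placeholders standing in for real Bitcoin addresses.
COLD_POOL = ["COLD_ADDR_PLACEHOLDER_%03d" % i for i in range(1, 4)]
HOT_ADDRESS = "HOT_ADDR_PLACEHOLDER"
REFERENCE_DIGEST = pool_digest(COLD_POOL)   # in practice computed on the offline machine

if __name__ == "__main__":
    router = AddressRouter(COLD_POOL, HOT_ADDRESS, 10.0, REFERENCE_DIGEST)
    print(router.address_for(0.5))                      # hot wallet
    print(router.address_for(50.0))                     # first cold address
    print(router.address_for(1.0, raised_limit=True))   # second cold address
```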