Securing, Encrypting & Backing up Your Peercoin Wallet

This guide provides a high level of security for minimal effort. There are other more secure methods. However, this is likely the best advice for the average user. If you own less than 1000 Peercoins, this is the guide for you.

Possible Ways to Lose Your Peercoins:
1. A hacker gets a copy of your wallet and manages to brute force your password.
2. After encrypting your wallet you forget the password.
3. Your hard drive fails.
4. A hacker gets a copy of your wallet and installs a key/action logger on your system to get your password. (This is the only threat that remains non-negligible using this guide. It is still very unlikely provided you keep your antivirus up to date and are careful with what you download.)

Using KeePass to Create & Store Your Password:
KeePass is a free, open source password manager. You can read about it and download it here http://keepass.info/.

Using KeePass you can create strong, random passwords that are nearly impossible to brute force. I recommend 20 characters. Now you want to:
• Create a KeePass file with a master password that you can easily remember.
• Create an entry with a randomly generated 20 digit password. Call it something you will recognize, i.e. PW password. This is the password you will use to encrypt your wallet.
• Save this file to an external storage device: USB stick, SD card, etc.

Encrypting Your Wallet:
Before encrypting your wallet it’s a good idea to print your password and hide it somewhere you will never take your wallet, i.e. your parents’ house. This means if you somehow lose your KeePass file you will still be able to find your password.

Now you are ready to encrypt your wallet:
Copy the password from the KeePass file by right clicking the entry and use it to encrypt your wallet in Settings, Encrypt Wallet.

Backing up Your Wallet:
Your wallet is stored as a wallet.dat file in a folder called PPCoin. Usually it’s found here: C:\Users\YourUserName\AppData\Roaming\PPCoin.
Copy the wallet.dat file. On your USB stick create a folder called something like ‘Peercoin Wallet’ and paste the wallet.dat file in there.
As long as you remember your KeePass password you can now restore and use your wallet from this USB drive. Even if you don’t, you have the printed password hidden at your parents’ house :wink:

Restoring Your Wallet:
To restore your wallet, simply copy the wallet.dat file from your USB stick to the PPCoin folder on your hard drive. This will write over the existing wallet.dat file in that folder, so make sure it doesn’t contain any Peercoins.

Multiple Backups:
For extra vigilance you should create at least 2 backups. Copy the wallet.dat file and KeePass file from the USB stick to an additional USB stick or SD card. Hide these safely in different locations.

Testing:
If you’ve not yet sent your coins to your wallet you may wish to test your backup before you do. Send 0.1 PPC to your wallet. Delete the wallet.dat file from the hard drive on your PC. Restore the wallet from your USB stick. Send the 0.1 PPC out of your wallet using the password on the KeePass file.
After this all works you can send all your Peercoins to your wallet and be assured they are safely backed up.

Evaluating Remaining Risks:
Risk 1: It is currently almost impossible to brute force a 20 digit random password. You should be safe for the next 10 years at least.
Risk 2: As you have a printed copy and 2 KeePass files with your password, you would need to lose all 3 to lose your coins. This should be extremely unlikely.
Risk 3: If your hard drive fails, both of your backup USB drives would also have to fail for you to lose your coins. In 1 year this is a minute possibility. Over 5 years the probability becomes non-negligible. Therefore you may want to buy new USB drives every few years.
Risk 4: Unfortunately this method will not protect you if your system is completely compromised. If a hacker can copy your files and log your actions you may lose your Peercoins. The most efficient method to protect against this is to always keep your antivirus protection up to date and to be careful what you download. To fully protect your wallet even if your system is compromised you need to use a cold storage wallet. This is more difficult to set up and probably not worth the effort unless you have a lot of coins to secure.

Other Risks:
One other option is somebody could steal your USB stick and brute force the KeePass file’s master password. This would be possible as you’ve deliberately chosen something that’s easy to remember. However, physical thefts are rare and it would take time to brute force the password. In the unlikely event that your USB stick is stolen simply move the coins into another wallet asap.

Times You Need to Make a New Backup:
As transactions are stored in the blockchain and not in your wallet, you only need to back up your wallet once. You can send and receive coins after this without needing to create additional backups.

However, there are a few occasions when a new backup is needed:
• You encrypt your wallet or change the encryption password. A new backup is needed to update the encryption details.
• One of your backup USB drives fails.
• You use more than 100 addresses in your wallet. This one is tricky. Most users will only use a few addresses and won’t need to worry about this:

When your original wallet.dat file is created it stores 100 addresses associated with that wallet and stores the 100 keys for these addresses. If you add more than 100 addresses your original backup won’t hold the keys for addresses 101+. Therefore you will need to create a new backup.
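The backup, multiple-backup and restore steps from the guide above as a script, added here as an example and not part of the original post. It verifies every copy by SHA-256 and, unlike a plain copy, renames an existing wallet.dat instead of writing over it; the function names and the set-aside file name are assumptions, and it assumes the Peercoin client is closed while files are copied.

```python
import hashlib
import shutil
import time
from pathlib import Path
from typing import List, Optional


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so it never has to fit in memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def backup_wallet(wallet: Path, backup_dirs: List[Path]) -> str:
    """Copy wallet.dat into each backup folder and verify each copy by hash."""
    if len(backup_dirs) < 2:
        raise ValueError("the guide calls for at least 2 backups")
    expected = sha256_file(wallet)
    for folder in backup_dirs:
        folder.mkdir(parents=True, exist_ok=True)
        copy = folder / "wallet.dat"
        shutil.copy2(wallet, copy)
        # A failing USB stick can accept a write and return different bytes.
        if sha256_file(copy) != expected:
            raise IOError(f"backup at {copy} does not match the original")
    return expected  # keep this next to the printed password


def restore_wallet(backup: Path, data_dir: Path, expected_sha256: str) -> Optional[Path]:
    """Restore a verified backup into the PPCoin folder.

    An existing wallet.dat is renamed, never overwritten, so coins held by the
    current wallet are not lost. Returns the renamed file, or None.
    """
    if sha256_file(backup) != expected_sha256:
        raise IOError("backup is corrupted or is not the wallet that was backed up")
    target = data_dir / "wallet.dat"
    set_aside = None
    if target.exists():
        # Hypothetical naming scheme for the set-aside copy.
        set_aside = data_dir / f"wallet.dat.replaced-{int(time.time())}"
        target.rename(set_aside)
    shutil.copy2(backup, target)
    return set_aside
```

Re-running `sha256_file` on each stick every few months also catches the slow drive failure described under Risk 3 before both backups are gone.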

Lots of good info here hanzie !!

I took a look over it and checked out keepass available on sourceforge, very good.

I did read about some incompatibility issues between an alternate project keepassX and keepass with file format inconsistencies which was annoying to read. But that was Nov 15 2009.

Thought I’d share:

For keeping my strong passwords safe, I use a pen and paper and manually type them in, it works for me.

(Oh, and a deadbolt on the front door, and a rottweiler who is very protective, and… and… )

Bump

So if my Peercoin wallet got corrupted, did I lose the PPC in it, or can I download a new wallet, replace it, and the PPC will be there, and all I need is my password?

Please let me know, since that is what happened.

How did you know it is corrupted? What is the symptom? The password is used to decrypt keys in the wallet. Did you try salvagewallet?

I don’t know

I don’t even know how it is even still working

I seem to have exported the wallet and deleted the Peercoin app

then I downloaded a fresh version of the wallet

and now it works.

I don’t know what happened, but the symptom was that the PPC logo screen would stay and not leave with the wallet open.

I fixed the issue though.

Thanks

When is the password required? Is it when you send Peercoins? I know you need the pass to open the wallet to mine but when else?

Mmh. Transactions and importing/exporting keys to start with the common ones.

Is it enough to dump the private key and store it offline somewhere safe?

Can you elaborate on what importing/exporting keys means?

https://en.bitcoin.it/wiki/Private_key

you can in- and export them into your wallet.

First you need to encrypt your wallet, which means encrypting your private key(s) with a password.
The private key is used whenever coins are spent (moved) or staked (PoS minting).

So, if you want to mint you need to unlock your wallet and thus provide your password (it will store the decrypted private key in memory for as long as you want to mint). If you want to spend your coins you also have to provide your password to decrypt your private key.

In short your password is used to protect your private key, whenever the private key needs to be used you have to provide your password.

If you are worried about your private key’s security when minting, you can read more about the upcoming Cold Minting Peercoin security feature to protect that private key here: Reddit - Dive into anything

Very helpful info thanks.