Cryptocurrency users have a multitude of wallet solutions to choose from. For some reason, a lot of people tend to rely on web-based wallets, which are far from the most secure option. BitAddress.org is one such wallet, but a few warnings have been issued regarding this solution. Numerous issues have been identified, and Bitcoin users would do tell to look for different alternatives.
The number of online Bitcoin wallets is relatively large, yet not all solutions are created equally. In fact, one could argue users need to store funds either through a software client or use a hardware solution. BitAddress.org used to be a convenient online solution, but it is to longer as reliable as people may think it is.
To put this into perspective, Luke-jr explained the few issues related to this wallet on Reddit. First of all, the BitAddress solution is a website, which is not the safest way to store Bitcoins. If the service would ever go offline, it is doubtful users can still access their funds, unless they have the private key.
Time To Stop Using BitAddress.Org
Downloading the source code to run it locally is an option, but not the best one. Storing any sensitive information within a browser is just asking for trouble. Speaking of which, the code is Javascript-based, which brings even more concerns to the table. Over the years, it has become apparent JS is not secure for any data storage or communication.
To take matters worse, JavaScript can be hijacked through so many different attack vectors; users would be under constant threat. Worrying about one’s finances is troublesome enough. No one wants to face issues with the software side of things, especially not if they are unsure as to how they can fix it.
But that is not the biggest drawback of BitAddress.org. The service also encourages address reuse, which is an absolute no-go in Bitcoin. Plus, multiple key pairs can be managed by hand, making them prone to loss. Although us humans are the so-called pinnacle of evolution, we tend to screw up important things quite regularly.
Which brings us to what solutions can be trusted. In the year 2016, using a hardware wallet to keep funds safe is almost an absolute necessity. Mobile wallets add convenience, but for storing significant amounts of currency, they are not secure enough. Keep funds in an accessible wallet for spending, but store the rest offline. That is how most of the experienced users have done it for years.
Header image courtesy of Shutterstock
Ernie 
Spaceship Dmitri 
IPorter 
Rherison da Silva 
ArrozConCostra 
significant amount is subjective, do you have any exact starting figures where hacker would be willing to start working you out?
Can Bitaddress be used for generating new private keys for Bitcoin Cash? (theoretically should be fine, but just want other opinions)
i have used it for bch and retrieved it thereafter
Of course you don’t! The scaremongering on here is pathetic and can sometimes make black look white.
Spread and mitigate your risk, have several bitcoin wallets and keep them in different locations. You can even re-encrypt what you save on paper by for instance inserting your date of birth broken up into sections and embedded into the code. Then even if your paper wallet falls into wrong hands, they cannot decrypt it without knowing your secret code
I noticed a problem, I’m using debian linux, I went to the site and saved the html file. Using an offline linux running from the DVD, after generating the randomness, there are a few green dots on the screen that sometimes even disrupt the QRcode. I closed the file and opened it again and the green dots of the previous key generation still appear. The html file was saved to a USB drive while linux was running on the DVD. I rebooted the computer and entered the other linux installed in my HD and opened the html file and the green dots continued to appear.
This for me indicated that the html file was saving key generation data, or that some hidden file on the pendrive was saving html data
I did other tests, I entered the site again and saved another html, I made a copy of the html for txt. I generated the keys and it happened that the green dots of randomness appeared again, then I got the html with the green dots and made another copy for txt and I used the diff command in linux to compare the txt files of before and after the generation of the green dots and the diff found no difference. Then I looked for some hidden file in the same folder where the html file was saved and found nothing.
I do not know how the computer is remembering the green dots.
Using the github zipped html file does not give this problem, ie the dots are not on the screen.
Can anyone explain to me how the green dots are on the screen if nothing has changed in the html file and no hidden files have appeared?
this article doesn’t make any sense. please inform elsewhere