MENU logo
logo
Blockchain Wallet FAQ - blockchain.info

Blockchain account

Blockchain Algorithm / March 21, 2018

Secure bitcoin wallet

Two Factor Authentication

It is highly recommended you enable two factor authentication on your My wallet account. Your wallet data is still only encrypted with your password however a second authentication step will need to be passed before your encrypted wallet data is output. Currently we support Yubikey and email two-factor authentication.

Failed Login Attempts

If you have two factor authentication enabled on your account after 4 failed login attempts your account will be locked for 2 hours at which point no more login attempts can be made. You will be sent an email if your account is locked giving you time to take precautions if necessary.

Secret Phrase

A secret phrase can be set in your "Account Details" panel after login. In the case of lost wallet identifiers, yubikeys or lost email access the secret phrase can be given to us to help verify account ownership. This is reviewed manually on a case by case basis.

Sessions & cookies

For your convenience once two factor authentication is verified this will be remembered for a short time. Yubikey sessions expire in 4 hours, Email Codes expire in 24 hours.

Local storage

No sensitive data is stored in your browser's local storage. If available the site will cache your wallet identifier, address balances and transactions, in the event of login with a different identifier this data is cleared.

Password Policy

Your password is never transmitted over the internet, sent to our servers, stored in cookies or in your browser's local storage in any form for this reason we are unable to help recover lost passwords.

Access to personal data

Your personal data such as email address is only made available to a client with the associated shared key, this is encrypted inside your wallet which requires your password to reveal.

Cross-site scripting (XSS)

All user data is stripped of any html or javascript code before being output. You are encouraged to review our code for possible XSS vulnerabilities.

Cross-site request forgery (CSRF)

As a password is required for every login and no cookies are used the site is not vulnerable to CSRF exploits.

Server Access

Our database and website run on privately owned dedicated hardware which is located in a secure data center with a 24 hour security guard. Only the site administrator has access to the servers.

Backup Policy

All data is synchronously committed to at least two different servers and backed up to an offsite location every 24 hours.

Source: blockchain.info

RELATED POSTS

LATEST POSTS

Bitcoin competitors
Bitcoin competitors
December 1, 2022
What is the use of Bitcoin?
What is the use of Bitcoin?
November 1, 2022
Cryptocurrency developers
Cryptocurrency developers
October 21, 2022
What is the value of Bitcoin today?
What is the value of Bitcoin today?
October 13, 2022
Canadian to Bitcoin
Canadian to Bitcoin
October 11, 2022
Places accepting Bitcoin
Places accepting Bitcoin
October 7, 2022
Quantum computer Bitcoin
Quantum computer Bitcoin
October 6, 2022
Bitcoin how do they work?
Bitcoin how do they work?
October 4, 2022
Bitcoin exchange rate
Bitcoin exchange rate
October 2, 2022
Bitcoin to currency
Bitcoin to currency
September 30, 2022

CATEGORIES

TWITTER ACTIVITY

breezy_gh
Breezy

@blockchain please I have problem accessing my account

Friday 31, March 2017 08:31 AM

andrarchy
Andrew Levine

RT @lukestokes: @anders94 just got introduced to your blockchain demo. I love it! Do you have a @Steemit account? I'll post there and share…

Wednesday 29, March 2017 01:05 PM

Er_vinothkumar
Er.R.Vinothkumar™ ®

@blockchain my account not received fund but my sender told he sent , also that address not available on my account

Wednesday 29, March 2017 05:25 AM