To sum up, BC Vault features 5 separate security elements, 3 that are specific to a device, and 2 that can be set per wallet:
- Global Password
- Global PIN
- Wallet Password
- Wallet PIN
- Device itself or a backup
For a successful compromise of your wallet stored on BC Vault an attacker needs all five components. Maybe an attacker could get away with bruteforcing the PIN (which by its nature is limited in input options but can be of unlimited length) but they would still need the passwords and the device itself.
BC Vault can be compromised like any other security device in case of a careless user or a highly motivated and skilled attacker (There is no protection or encryption against someone with a gun to your head!). See also “How can someone hack my BC Vault, how safe are my crypto wallets?”
To maximize your security it is really important to follow security best practices:
- Check that any correspondence or URL is correct (i.e. https://bc-vault.com) and that your browser trusts the domain (a green lock in the address bar)
- Never give your password or PIN to an untrusted person. BC Vault staff will never ask for your password or pin!
- Securely store your device and backups away even though they are encrypted and do not generally pose a risk (Remember: an attacker would also need passwords and pins)
- Use strong and hard to guess passwords, if you choose to write them down do not store them with the backup
- Use BC Vault on a trusted computer with a good antivirus
- Do not export private keys if it is not absolutely necessary