# Gavin Andresen
# 2011-01-10 00:32:55
# https://bitcointalk.org/index.php?topic=2698.msg36793#msg36793

"Just turn on Berkeley db encryption and you're done" @p{--} ummm: @p{par}

First, unless I'm reading the bdb docs wrong, you specify a password at database creation time.  And then can't change it. @p{par}

So, at the very least, somebody would have to write code that (safely) rewrote wallet.dat when you set or unset or changed the password. @p{par}

Second, encrypting everything in wallet.dat means you'd have to enter your wallet password as soon as you started bitcoin (because user preference are stored in there right now), when ideally you should only enter the password as you're sending coins. @p{par}

And third, there are all sorts of usability issues with passwords.  Users forget their passwords.  They mis-type them.  I wouldn't be terribly surprised if doing the simple thing and just encrypting the whole wallet with one password resulted in more lost bitcoins due to forgotten passwords than wallets stolen by trojans. @p{par}

I think creating a safe, useful wallet protection feature isn't easy, and there a lot of wrong ways to do it. @p{brk}