Bitcoin Forum

from accounts.csv (you know which one) ;)

ps. this idea was stolen off of someone else.

you just want to bragg with your low number ;)

you sound a bit jelly :P

Let's do something usefull, post your number (even if not really precise, just 4xxx for example is mine accounts) and your date of joining (or what you can remember of it) mine is mid april.


Soon if enough people post, someone can make a calculation of how much mtgox (and thus bitcoin) userbase is growing :D

28500 +/- 100
... about max 3 weeks ago

I'm 22983.

Umm.. You guys know that we've known our account numbers all along, right? You had to include it on all deposits to MtGox.

You could also lookup the user list of this forum

http://forum.bitcoin.org/index.php?action=mlist (http://forum.bitcoin.org/index.php?action=mlist)

compare the usernames and "date registered" in the list with the usernames in the .csv

and you'll get a good estimate on percentage of users here trading on mt gox and probably also a good approximation of their date of joining mt gox, which will most likely be around the same time they created their accounts here.

1169, who's got lower than that?

(The answer is, "1168 people have a lower account number than that.")

...

the list is definitely interesting to read ...


well ... i know companies that don't give sequential numbers starting at 1 just to hide real numbers.

also i never really cared but now seeing i'm a first-25%-early-adopter while i thought i had been late to the train is quite impressive.

also i would be interested in other stats like mail adresses that indicate certain origins, quota of male vs. female names, list of actual passwords ...

if you use the same nick here and there, you got little to loose by posting whole lines :(
i realized that my password was the password that i got assigned the first day in university 14 years ago. finally a good reason to finally bury it :)
stupid me thought it is not a problem as i never had money on mtGox but i also restarted using that pw for my mail account half a year ago.

actually i like it how bitcoin teaches us to not only theoretically know how to deal with security :)

HUH?

So the truth is that the ENTIRE MtGox database was compromised and made public -- and although the passwords are stored in hashed form, someone could use hash-cracking to crack the passwords?

Matthew

If we are bragging about low numbers here, check mine. ;)

You mean companies that care about their customers and don't use amateur college-level PHP coding full of security holes?

Is that message implying that PHP is insecure, or am I misreading it?

PS: College-level? I was 13 and I released a perfectly secure Club Penguin Private Server, with multi-pass SHA256... :P

PPS: Don't do the above unless you like angry Disney lawyers

I'm saying  (current) college-level PHP coding is unsecure. It's a curse of the software industry, that nobody adds security unless it's been proven to be required. Usually the proof of requirement is pretty damaging. I suppose the quality level of mtgox coding is on par with their ability on html/css/graphic output.

Does nobody consider that some (PHP/Web) CMS projects have millions of lines of code and years of user testing on millions of installations and still identify and fix security holes? And people never use those (in this community), instead they cowboy-code their own low complexity implementations?

In the top 2000. Never had any coins/cash in it tho. Thank God.

801

761

Y'know, those < 3100 are all easily crackable? :(

Didn't have anything in there, I keep my coins in an airgapped wallet unless they need to be somewhere else for a reason.

2503.

#7 @ MtGox but only 24 posts here??? Or did you just change your name for a prank?

Is this in order of when you registered?  I'm ~14k mtgox.  I feel like emailing some of these motherfuckers and making new friends.  Who's with me?

I was able to find 640 passwords belonging to users 1 through 3036... and i know absolutely nothing about Cryptography (Which also means they could be wrong) just by feeding them into some gammy online hash cracker yokie

Shouldn't be a problem if you use different passwords for each website.

There are people here registered far behind me with a much larger postcount, doesn't mean a thing just that some people don't post much in here.

I'm number 118, thought I would be higher in number on the list (at least 4 digits), no clue however when I exactly registered at Mt Gox.
A year ago I guess.

Have fun with my pass, I only use it on MtGox which will be changed when it's back online

Too soon man, too soon.. :o   ;)  

Actually I hope the modest balance I kept there will come out of all this unscathed. That'll be the moment I will transfer it out of Mt Gox, and after that they will never see a bitpenny from me ever again.

[Captain hindsight]But then again, the whole Mt Gox experience has always had a cheap feel to it for me. Combine that with the quick rise in daily transaction value and something was bound to go wrong. We should've never put so much trust in them![/captain hindsight]

Not my number, but I am sure a few people would be interested in this one...

http://i167.photobucket.com/albums/u160/Isepick/satoshi.jpg

yes, a new small trail to find our epic god, we've got his mail address  :D

...if that is the real Satoshi, I would think he would be a much earlier user of mtgox.

329,Mahkul,p.makulski@gmail.com,$1$e1u03TlV$wGLXQ8ynWjXib5E4qj0fm.

Did you manage to crack my password? I thought it was pretty good. You can post it here, I never use the same password for more than one site anyway.

Woohoo, 78.

I remember it like yesterday, I bought in with Paypal, it doubled in a couple of days, sold half and withdrew using paypal and have sat on the rest and waited ever since. Back when bitcoin was fun, now it is just stressful.

Nope, I am me. I have just not been very active here.

haha
i am jed, #1
and play thefarwilds all the time
 ;D

I'd like to know when people with the highest numbers registered, that would help determine when the file was retrieved.  I only signed up a couple of days ago and there are almost a thousand accounts after mine.

332-bit KeePass passwords.  Damn near unbreakable and easily replaceable too.  I'd recommend it to pretty much anyone affected by this (it's also good for generating super-strong passwords for the TrueCrypt partition that your wallet.dat should be sitting on).

NUMBER is in no relation to the signed up date, I signed up for a second account yesterday afternoon to split my risk, (or did I just double my risk???), And my new account number is in the 30ks... unless 30k more ppl signed up yesterday then I don't think they're related at all.

That's a good bit of information, thanks for sharing it. 

Now we know that this list was posted less than 24 hours after it was retrieved, and, either the account compromises from 3 days ago were unrelated, or this file was retrieved on multiple occasions.

These are your merchant Id#'s btw

Actually, aren't you


?

that was someone else.

I think he knows what his own email is?

I'm under 2000 but above 1000.

Wait, that means... There are MULTIPLE grues around these parts?  I get the feeling I'm about to be eaten...

Hey anyone want to do me a favor and look "The Script" up on the list? I'm on my iPad at home, 3G Internet and I can't download the csv file but I'm curious what number I am at. I'm guessing less than 3000

I'm

51319   roebuck85   roebuck85@gmail.com   $1$Qc8worl4$dhGEsjtdKyEX9VS0C8Xko0


I signed up June 14th

I'm 100  :)

I think I've registered on 2010-07-29, that's when I first sent coins to mtgox.

looks like somebody already cracked mine.

(Mine is < 400)

When I tried to log into my gmail account that was registered on mtgox I got this message from gmail: "suspicious activity reported. please change your password".

Good thing I had a unique password just for mtgox!  ;D

I'm #604 (same username as here), but not logged in for months so my password is in the old hash form - I'm assuming it's been cracked, but would love to have confirmation. Anyone that's run Jack on the file able to PM or e-mail me or something if they have?

Paranoia mode on.

To make the game more interesting, if you could also post the last IP address that accessed the account, your email address (bonus points if you can provide that password too), account name your old password (as that's now useless) and your full physical address, age, date of birth and your mother's maiden name, we can make a nice graph out of that. What do you say chaps?





(For those without a sense of humour or sense that is common: DO NOT TAKE THIS POST SERIOUSLY!)

True but there is a cost to everything. Not everyone can afford to hire 15 php master coders with 20+ years experience and PHDs in computer science, ya know!

Its 123456789.

Pretty good, eh?

You don't realize how many fees Mt. Gox has been raking in?

400,000 BTC can buy a boat load of coders...

You don't realize WHEN the fees were raked in?

MtGox went from nothing to everything in 2 months, MagicalTux more than once mentioned desperately trying to hire workers and not working so well. It is not much of a money issue, but also time issue.

THAT's the spirit!   :D

last ip: 127.0.0.1
email: in original post
email pass: same as mtgox pass