Bitcoin Forum

Other => Beginners & Help => Topic started by: LFC_Bitcoin on August 03, 2020, 08:13:15 PM



Title: Protect Your Account
Post by: LFC_Bitcoin on August 03, 2020, 08:13:15 PM
**Also posted in Meta but sharing here too. Even if it helps one person it’s worth it**


Please, I can’t stress this enough, please make sure the email address set to your account is private.


You may have seen what happened to BitcoinGirl.Club here - https://bitcointalk.org/index.php?topic=5266437.0
This is what I am understanding.

Yesterday evening after the poker game, I was doing my usual work. At some point, I was going to check my sportsbet T-shirt update. I was looking for the email sportsbet sent so that I get the link to fill up the form. I saw three emails. One already read. The two new with the update that they are running out of the t-shirts. So I opened one of the emails, checked the link and it was taking too long to load the page. When it was annoyingly late, I closed the tab but my system seemed unexpectedly slow. It happens sometimes and I usually force close the system and restart. I did the same and then started my usual work. When I wanted to log in to a few of my accounts it always asked me for passwords. Nothing flagged me though. I did not have any 2nd thought. When it was late I went to bed. This morning when I wanted to log in to bitcointalk I discovered everything. Before everything else I knew I had to reset my device which I did.

Now I do not have access of the email. All the accounts, exchanges, business, social media, gambling sites everything that had the email are fucked up. I am contacting each of the sites to help me changing the email addresses. I am going through a lot now. In some accounts I have money locked. This will not be a very easy ride for me. Everything fucked!!!

I do not deserve it. Thanks whoever you are.

I believe the hacker discovered his email address simply by clicking on his profile & discovering the email there & the rest is history.

If you haven’t already then follow these steps to make your email address hidden -

- Click Profile at the top of your browser
- Under Modify Profile on the left click Account Related Settings
- Make sure the circled box is ticked (example email address is not mine)

https://i.ibb.co/Kr8Mp7W/1-AA2-E5-A0-1-F33-4-C6-C-B732-78-FBB5-D81158.jpg

Safe surfing & fuck hackers!


Title: Re: Protect Your Account
Post by: DdmrDdmr on August 03, 2020, 09:34:22 PM
Yes, the "hide email address from public" flag is on by default (meaning hidden), but I guess people are used to being rather social, and switch it off in many cases (some are business related, and therefore deliberately conscious). Going through a profile DB I have with 2.481.270 profiles, almost 56k accounts had an associated visible email.

I figure though that BitcoinGirl.Club’s case is not down to the email being visible on the profile (I don’t think it was, and Archive sites seem to show it as hidden historically, right up to a snapshot from a couple of days ago). It looks more like some malware got installed after following a link.


Title: Re: Protect Your Account
Post by: Timmzzy on August 03, 2020, 09:37:10 PM
I believe Newbies really need to see this. When I first noticed the hacking of Bitcointalk account activity some time ago, I just got this instinct of making use of that feature of hiding my email from the forum, which I believe they get into one's Account using that means of email. How I wish 2FA will be implemented on Bitcointalk.


Title: Re: Protect Your Account
Post by: alani123 on August 03, 2020, 09:45:23 PM
Also goes to show that PMs sent via bitcointalk shouldn't be considered very private.
A compromise in the account essentially means a compromise in its contents also.

End to end encryption is always best for messages that might be considered sensible.
To compromise a properly stored private key used for end to end encryption would require a full system compromise. Which is arguably harder than hacking a third party provider email address.


Title: Re: Protect Your Account
Post by: Coyster on August 03, 2020, 10:54:40 PM
Going through a profile DB I have with 2.481.270 profiles, almost 56k accounts had an associated visible email.
That number (56k) is very high, users should hide their email addresses and should not use their btt email for any other purpose, whether the service is trusted or not; a unique address for your btt account would prevent phishing mails and malware links being sent to your email that could lead to a compromise of your email and your account as well.
It looks more like some malware got installed after following a link.
Newbies should also verify links they receive in their mail box, never click on it, the hackers can design the link to look original and like it's coming from providers you registered the email with for some service or the other, verify first and if you are 99% certain, don't click it.


Title: Re: Protect Your Account
Post by: Finestream on August 03, 2020, 11:01:47 PM
Good advice, when I was starting in the forum, my email was displayed but later I realized that I could be prone to unsolicited emails so I have hidden it until now. It's unfortunate that BitcoinGirl.Club fell for these hackers, hopefully he is alright and he can solve his problem, worse is he has some money on some accounts, damn, the timing is not even good, everyone needs money in the pandemic while hackers continue to do their heartless activities.

Newbie deserves to read this post, thanks for the concern @LFC_Bitcoin


Title: Re: Protect Your Account
Post by: elda34b on August 04, 2020, 06:59:40 AM
Nice reminder. Maybe also check your other social media, create another e-mail purely for business purposes and never leave personal details, especially if you're not using a centralized service. Some hackers might also try their luck hacking your Telegram account for example. Telegram is as important as e-mail nowadays.


Title: Re: Protect Your Account
Post by: The Cryptovator on August 04, 2020, 08:46:17 AM
Good suggestion. First of all, I have used two email addresses for my bitcointalk account. One was used for registration, and afterwards I changed the email to another address to get notifications from the forum. So in case my bitcointalk account gets hacked, I will be able to recover my account from the registered email and signed address. But of course, my secondary mail is still hidden now. So no one can see it easily. Passwords should be very strong and different from other sites. To be more secure we have to keep our email address safe because hackers could reset passwords by mail. So we have to be careful with our mail system. Usually, I don't use my current bitcointalk mail for any other sites to avoid spam messages.


Title: Re: Protect Your Account
Post by: LFC_Bitcoin on August 04, 2020, 08:48:55 AM
Also goes to show that PMs sent via bitcointalk shouldn't be considered very private.
A compromise in the account essentially means a compromise in its contents also.

End to end encryption is always best for messages that might be considered sensible.
To compromise a properly stored private key used for end to end encryption would require a full system compromise. Which is arguably harder than hacking a third party provider email address.

Aren’t there websites that delete a message after it’s been read?


Title: Re: Protect Your Account
Post by: Upgrade00 on August 04, 2020, 09:06:51 AM
Aren’t there websites that delete a message after it’s been read?
There are such websites available, but I've not used most and as such cannot recommend any. This feature is also available on telegram chat, to activate it; you Set Secret Chat > Set Self Destruct Timer > Select The Preferred Time Range. The destruct timer ranges from a couple of seconds to a week and not necessarily when the message has been read by the other party, so the conversation has to be synchronized.

I would however not recommend very sensitive information is sent across such websites as they are commonly targeted by hackers through phishing attacks for such data.


Title: Re: Protect Your Account
Post by: 20kevin20 on August 04, 2020, 09:16:00 AM
Furthermore, I'd recommend using a different e-mail for different categories of accounts you have. For example, use one mail for social media accounts and a completely different one for exchange accounts. This not only lowers the chances of all your accounts being compromised at once but also decreases the chances of all your accounts being linked by an external party to your identity. This way, if your "exchange" email gets compromised, you know that you should only consider the said accounts compromised - unlike having all accs on the same mail, where you have to check whether all of them have been affected or not.


Title: Re: Protect Your Account
Post by: Scripture on August 04, 2020, 09:22:15 AM
Upon checking, my email account is already hidden from the public and I think this is already the default setting. I don't know the reason why a person would expose their personal email when we know the risk of sharing it. Though I've seen many bounties publicly share the emails of the participants on the spreadsheet, I just forget that bounty name but they should not do that. I also suggest having more emails for your different purposes, to be safer from hackers and scammers.


Title: Re: Protect Your Account
Post by: NavI_027 on August 04, 2020, 12:02:23 PM
Yes, the "hide email address from public" flag is on by default (meaning hidden)
Thank God I have been doing the right thing since day one. Actually I was about to check my profile to check it again but good thing I read your post. You saved a few minutes of my time :). I strongly believe that my email was hidden all the time but still OP's post alarmed the hell out of me lol (paranoia strikes).



My simple advice for you guys is to never use the emails you already used in signing up to this forum, wallets or others with confidential info. Because the more you use it, the more prone it becomes to phishing attacks or other means of hacking. Making email addresses is now as easy as 1 2 3 so don't hesitate to create a new one for vulnerable places.


Title: Re: Protect Your Account
Post by: Peanutswar on August 04, 2020, 04:09:24 PM
Also, this is a good feature and it depends on the user how does it works why they show or hide their emails.

On our profiles, we have the email that the other member can easily see, and based on my perspective there is a good and bad side why we need to show or hide this.


Show
- Other members can see and can direct email to us.
- You can message each other in private.
- Prone to hacking because your email is already exposed. Sometimes your passwords are not strong and do not contain:
  - Small letter
  - Capital letter
  - Number
  - Symbols

Hide
- To avoid getting reached by the intruders who want to do something with your email and account.



Title: Re: Protect Your Account
Post by: Yaunfitda on August 04, 2020, 05:23:18 PM
I have made it a practice to hide my email here since day one because I know it could be a vector of attack sometime. Some of those with bad intent scrape emails here and then try to hack them. I think this is one method and that's why there were rampant attacks way back in 2017, wherein we heard of a lot of accounts being hacked very easily.

I already informed our campaign manager about this incident since BitcoinGirl.Club and I are both in the same campaign.


Title: Re: Protect Your Account
Post by: Husna QA on August 04, 2020, 11:32:36 PM
Also, enable additional security such as 2fa in the email used in this forum. And use different email and passwords with accounts on forums or other social media.
And then I suggest not to use the Secret Question in Account Related Settings.

https://talkimg.com/images/2023/05/17/blobda0b00cf4be253bf.png



Title: Re: Protect Your Account
Post by: alani123 on August 04, 2020, 11:52:01 PM
Also goes to show that PMs sent via bitcointalk shouldn't be considered very private.
A compromise in the account essentially means a compromise in its contents also.

End to end encryption is always best for messages that might be considered sensible.
To compromise a properly stored private key used for end to end encryption would require a full system compromise. Which is arguably harder than hacking a third party provider email address.

Aren’t there websites that delete a message after it’s been read?
Yes, sites like https://privnote.com/
Better yet there are apps like snapchat, Viber (timed message mode). Works better in a sandboxed environment like an android phone. But with snapchat there have been occasions where hundreds of thousands of supposedly deleted snap image messages were accessed from the platform's servers and celebrities were targeted. So non p2p solutions aren't perfect.

Even better there is the FOSS Off The Record (OTR) messaging which allows for deniable authentication from a certain party in a trustless and p2p way. Overall tons of better ways to message people other than PMs in a forum. Especially so if the goal is privacy.


Title: Re: Protect Your Account
Post by: sheenshane on August 04, 2020, 11:52:20 PM
I don't want to use other features in protecting my Bitcointalk account because it might cause trouble upon losing those credentials connected with your account. Hiding email addresses is enough for me at least, you know also how to access your email. Especially as stated above my reply, never use the secret question security feature, which is very risky upon recovery of your account.

It is good if you will separate your email address exclusively for the Bitcointalk account only and for those social media account should always be separated.

It might be good if you don't open your email address used in Bitcointalk, especially from the unknown PM's.


Title: Re: Protect Your Account
Post by: smyslov on August 05, 2020, 01:12:56 AM
Emails that you are using are very important, that is why you should set up some safety parameters like two factor authentication and phone verification so you can access it only after putting in the code. We need to beef up the security on all emails that we are using because this is where we can access all our accounts from other sites, especially when you are using a public computer.


Title: Re: Protect Your Account
Post by: DdmrDdmr on August 05, 2020, 08:57:28 AM
I’d like to presume that people that engage in airdrops and bounties, some of which require an email, are not providing their forum’s registry email (and preferably, they’d be using an email solely for these purposes, with no ties to anything else). Bounties and airdrops subscriptions end-up either being publicly visible in posts and lists, or used for any sort of purpose once obtained. That is a complementary, and probably more frequent malpractice, to displaying the email on the user’s profile.


Title: Re: Protect Your Account
Post by: Casdinyard on August 05, 2020, 09:47:47 AM
**Also posted in Meta but sharing here too. Even if it helps one person it’s worth it**

How exactly was he hacked? Even I myself show my email address publicly, yet encountered no issues of hacking nor anything so far. Maybe he had entered it in a website where they had a data breach, or his password wasn't that strong. There can be a lot of prevention that can be done by BitcoinGirl.Club on his end.

I guess this kind of thread and other thread that are helpful and must be pinned here in Beginners and Help board. Suggesting such actions isn't that kind of helpful if and only if the other newbies preferred nor haven't read issues with regards to hacking accounts even from a simple email. With regards to that, I also see the following as a good suggestion to the forum itself:

Limiting the Newbie's capability to reply on certain thread. How? They could only see pinned posts for approximately 3 to 5 days (depending on the forum management) upon their registration. Hence, all of necessary rules, regulations, and reminders would and must be read by the newbies before they can have the rights to reply on threads.
  • ADVANTAGE/s: issues with regards to users (even older ones), that they either plagiarize, spam, burstpost, necro-bump, and any other violations that they aren't aware of, would be lessened. Chances of such prohibited activities might be eradicated once the rule would be implemented. Hence, any other issues such as the hacking matter indicated by the OP would be avoided. This would also build a better community as this forum grows around the world.
  • DISADVANTAGE/s: They need to spend days before making use of their account, and I think there's nothing more, nothing less.

Some might find this an awful suggestion, but with increasing cases of spamming, burst-posting, scamming, necro-bumping, and any other prohibited actions, then I guess we must start from the basics, by reading necessary threads such as rules and regulations and reminders for a safer account and environment.

If requested to transfer this to meta as another thread, I would be delighted to do so.


Title: Re: Protect Your Account
Post by: Coyster on August 05, 2020, 10:17:03 AM
How exactly was he hacked? Even I myself shows publicly my email address, yet encountered no issues of hacking nor anything so far. Maybe he had entered it in a website where they had data breach, or his password wasn't that kinda strong. There can be alot of prevention that can be done by BitcoinGirl.Club in his ends
It is in the op, and was also explained by a few users after the op: his account wasn't hacked because his email was visible to other users, but it seems he uses the same email on the forum for other purposes, so hackers sent him malware in the form of a link which he clicked, that gave them access to the account and the power to request a reset of his password.
Limiting the Newbie's capability to reply on certain thread. How? They could only see pinned posts for approximately 3 to 5 days (depending on the forum management) upon their registration. Hence, all of necessary rules, regulations, and reminders would and must be read by the newbies before they can have the rights to reply on threads.
Limiting newbie participation is very harmful for a community. Newbie jail will never return: I consider the newbie-jail period to have been extremely damaging to the forum. When barriers to participation are too high, then the best people often just won't go to the trouble of joining, and the people who are willing to jump through the hoops are often people who aren't good for the community: people with nothing better to do, scammers, get-rich-quickers, etc. Having a permanent newbie jail policy would improve things a lot in the short-term, but would end up being a fatal poison to the community.


Title: Re: Protect Your Account
Post by: Maus0728 on August 05, 2020, 11:51:10 AM
Good suggestion. First of all, I have used two email addresses for my bitcointalk account. One used for registered and after I changed the email to another address to get notification from the forum. So if in case my bitcointalk account got hack, I will be able to recover my account from registered email and sign address.
Wait? Isn't it that the email you have used for registration and receiving notifications is the same? You cannot use your former email for password recovery if you changed it for a newer one, thus your notifications and password change request can only be received in the new email address.  ???


Title: Re: Protect Your Account
Post by: Coyster on August 05, 2020, 12:17:18 PM
Good suggestion. First of all, I have used two email addresses for my bitcointalk account. One used for registered and after I changed the email to another address to get notification from the forum. So if in case my bitcointalk account got hack, I will be able to recover my account from registered email and sign address.
Wait? Isn't it that the email you have used for registration and receiving notifications is the same? You cannot use your former email for password recovery if you changed it for a newer one thus, your notifcations and password change request can only be received in the new email address.  ???
That should be it, email used for registration would not count as long as you've changed your forum email address to a new/different one, the forum afaik doesn't use two email options, users only have the option to change the email when they want to; email used for registration becomes useless once changed and you can't reset password or receive any notification through it.


Title: Re: Protect Your Account
Post by: lovesmayfamilis on August 05, 2020, 12:53:18 PM
**Also posted in Meta but sharing here too. Even if it helps one person it’s worth it**

How exactly was he hacked? Even I myself shows publicly my email address, yet encountered no issues of hacking nor anything so far. Maybe he had entered it in a website where they had data breach, or his password wasn't that kinda strong. There can be alot of prevention that can be done by BitcoinGirl.Club in his ends.


There can be many options, but the fastest way that comes to mind is that a virus has been caught. A virus that steals browser logs. And since most likely the owner had one browser, which he often used, and did not erase cookies after each session, all the logs were transferred to the hacker.
A lot of information can be stored in one log. Starting from location data, and computer processor, and ending with passwords for mails, forums, bank cards. If a keylogger was installed in the system, then everything that the owner of the browser pressed was available to the hacker.
How to avoid such viruses, I think everyone has long understood, do not download anything from the Internet, use antivirus software, and other protections. You also need to erase all your cookies after each session and use different browser profiles for different tasks.
After such a data theft situation, you need to reinstall the operating system. Or reinstall the browser again.

https://www.kaspersky.com/blog/browser-data-theft/27871/
https://www.zdnet.com/article/raccoon-malware-targets-massive-browser-range-to-steal-your-data-and-cryptocurrency/


Title: Re: Protect Your Account
Post by: jademaxsuy on August 05, 2020, 01:22:42 PM
Good suggestion. First of all, I have used two email addresses for my bitcointalk account. One used for registered and after I changed the email to another address to get notification from the forum. So if in case my bitcointalk account got hack, I will be able to recover my account from registered email and sign address.
Wait? Isn't it that the email you have used for registration and receiving notifications is the same? You cannot use your former email for password recovery if you changed it for a newer one thus, your notifcations and password change request can only be received in the new email address.  ???
Yeah, I also do not get the point of why it had two email addresses on bct. I know that it can be changed depending on the preference of the owner to change or not the email registered in bct, but once it is changed it only allows one email for a certain user to use to recover his account. This is why I got confused. Anyway, whatever he means by that reply, it seems like he's making it up, without basing it on anything that could make the statement worth something.



Title: Re: Protect Your Account
Post by: LFC_Bitcoin on August 05, 2020, 01:23:22 PM
He was hacked because the hacker sent him a phishing email I believe, he clicked a link & there we go.
Certain people are working behind the scenes, trying to figure out who it was.


Title: Re: Protect Your Account
Post by: yazher on August 05, 2020, 01:40:00 PM
Oh, that man really messed it up in just one night. I think the hacker got it all cleared after the owner of the account had fallen asleep. This is something I knew before when I was a newbie in the industry. Once they know the email address you are using, you just give them a 50% chance to steal your account. The good thing is, most of the users have already hidden their email address in their profile. He can regain his account since he maybe has the necessary information to give the Cryptios.

Find more information here to know about the Cryptios:  https://bitcointalk.org/index.php?topic=5143439.0


Title: Re: Protect Your Account
Post by: Harlot on August 05, 2020, 01:43:43 PM
Yes, the "hide email address from public" flag is on by default (meaning hidden), but I guess people are used to being rather social, and switch it of in many cases (some are business relate, and therefore deliberately conscious). Going through a profile DB I have with 2.481.270 profiles, almost 56k accounts had an associates visible email.

I figure though that BitcoinGirl.Club’s case is not down to the email being visible on the profile (I don’t think it was, and Archieve sites seem to show it as hidden historically, right up to a snapshot from a couple of days ago). It looks more like some malware got installed after following a link.


So this answers my question in his post in the meta section. I don't think most of them unhiding their email is a social move but more of a business move to me, the mistake members do by showing their email is of course their email that they are showing is also their email to their account in BCT which is the wrong move. Showing your BCT account email will only put targets at your back and you will be vulnerable to numerous phishing attempts by doing so. If you have a separate email for business transactions then it would be easier for you to filter out the fraud emails you are receiving.


Title: Re: Protect Your Account
Post by: dondonk on August 06, 2020, 04:25:31 AM
**Also posted in Meta but sharing here too. Even if it helps one person it’s worth it**



If you haven’t already then follow these steps to make your email address hidden -

- Click Profile at the top of your browser
- Under Modify Profile on the left click Account Related Settings
- Make sure the circled box is ticked (example email address is not mine)

https://i.ibb.co/Kr8Mp7W/1-AA2-E5-A0-1-F33-4-C6-C-B732-78-FBB5-D81158.jpg

Safe surfing & fuck hackers!


Also make sure you are on a secure network wherever it is. In some cases, hackers hack networks to get usernames and passwords from our accounts. This often happens in public places.


Title: Re: Protect Your Account
Post by: taufik123 on August 06, 2020, 01:26:38 PM
Also, enable additional security such as 2fa in the email used in this forum. And use different email and passwords with accounts on forums or other social media.
And then I suggest not to use the Secret Question in Account Related Settings.

https://i.imgur.com/Dp2N16B.png
The reason for not suggesting the use of secret questions may be because, this feature will automatically lock the account when trying to recover passwords using the Secret Question Method. Because I have experienced this, when I forget my password and want to change it, then I use a secret question that I have previously set, the result is my account is locked.

2FA email might be very helpful for securing email, I have also implemented it.


Title: Re: Protect Your Account
Post by: DdmrDdmr on August 06, 2020, 01:40:08 PM
<...>
I enabled the secret question pretty soon (probably during the account creation procedure), and later came to read that resorting to its use would indeed lock your account, the unlocking procedure being neither immediate nor trivial. As such, I left the secret Q/A there, on the profiles, but often felt like I really wanted to delete it (having a signed message on the appropriate thread seemed more fitting). It took me ages to delete it, but it’s really rather trivial:

<...> I had this step (deleting my secret question) pending for ages, and it has not been until now that I’ve gone ahead with it. Just a minor observation: Since the Answer is displayed as blank, you can’t really delete the content of the field. I therefore deleted the question, assumed that the answer deletion would be deleted, and hoped for the best. Logging out and back in again works fine, so I figure that was all that was required (+ > Enter your "Current Password" > Click "Change profile" button <…> as you stated).


Title: Re: Protect Your Account
Post by: Rosilito on August 06, 2020, 02:27:26 PM
Also, enable additional security such as 2fa in the email used in this forum. And use different email and passwords with accounts on forums or other social media.
And then I suggest not to use the Secret Question in Account Related Settings.
-
The reason for not suggesting the use of secret questions may be because, this feature will automatically lock the account when trying to recover passwords using the Secret Question Method. Because I have experienced this, when I forget my password and want to change it, then I use a secret question that I have previously set, the result is my account is locked.

2FA email might be very helpful for securing email, I have also implemented it.

I was going to ask on why enabling secret question wasn't a good idea 'cause it confused me (when it was designed to help you for retrieving your account password), and then I see this. Thanks for the input though. I was wondering few days ago if I should make one for myself but I think, I should withdraw from doing it so now  :D.


Title: Re: Protect Your Account
Post by: taufik123 on August 06, 2020, 03:02:53 PM
I enable the secret question pretty soon (probably during the account creation procedure), and later came to read that resorting to its use would indeed lock your account, being the unlocking procedure not immediate nor trivial. As such, I left the secret Q/A there, on the profiles, but often felt like I really wanted to delete it (having a signed message on the appropriate thread seemed more fitting). It took me ages to delete it, but it’s really rather trivial:
-snip-
Locking the account after doing the forgot password method with a Secret Question is intended so that the person doesn't easily open the account.
Just imagine if a scammer who knows about the secret quest that we have previously set up, locks the account to further secure the account itself.
The impact of being locked into an account will be uncomfortable when the user does it himself. To try to open a locked account I created another account and contacted the moderator via PM Bitcointalk and also contacted the bitcointalk recovery team via email. I can open my account in just a few hours.

ACCOUNT LOCKED FIX PROBLEM
I sent a message to the email that was printed when the account was locked and the bitcointalk recovery team responded well.

https://i.postimg.cc/wThgS017/Screenshot-129.jpg

https://i.postimg.cc/SRpWhkr2/Screenshot-134.jpg

I was going to ask on why enabling secret question wasn't a good idea 'cause it confused me (when it was designed to help you for retrieving your account password), and then I see this. Thanks for the input though. I was wondering few days ago if I should make one for myself but I think, I should withdraw from doing it so now  :D.
You are better off avoiding activating Secret Questions and using other security.
In order for you to prove that the account is your account, you need to do SIGNED MESSAGE BITCOIN ADDRESS, as DdmrDdmr (https://bitcointalk.org/index.php?action=profile;u=1582324)
-snip-(having a signed message on the appropriate thread seemed more fitting).

You can do it here.
Stake your Bitcoin address here
https://bitcointalk.org/index.php?topic=996318.0


Title: Re: Protect Your Account
Post by: masulum on August 06, 2020, 03:29:17 PM
You are better off avoiding activating Secret Questions and using other security.

This is true, I have experience using this feature in the past. I can take over a user account just because they put a real job from his life. Of course what I do is just for security reasons, not for hacking. So I told him to deactivate the feature and change it to use SMS verification in case he lost his account. A secret question has limited answers: when we choose the name of a family member someone can know it; using jobs, someone can also find it. So if we want to be safe from hacking, if we put fake information, we can forget about it. That's why I never activate any secret questions again.


Title: Re: Protect Your Account
Post by: hatshepsut93 on August 06, 2020, 03:46:10 PM
It's scary to think that you can get malware or get your account hacked just by clicking on a link. Browsers are supposed to be a safe environment that can't just so easily be used as a vector for getting hacked by simply visiting a site. Perhaps there's an XSS or XSRF vulnerability on the website of OP's email provider - that could be an easy explanation for what happened. In that case an addon like NoScript can help reduce the risk, as long as you don't manually allow scripts on the malicious site.


Title: Re: Protect Your Account
Post by: Lordhermes on August 06, 2020, 05:52:51 PM
I’d like to presume that people that engage in airdrops and bounties, some of which require an email, are not providing their forum’s registry email (and preferably, they’d be using an email solely for these purposes, with no ties to anything else). Bounties and airdrops subscriptions end-up either being publicly visible in posts and lists, or used for any sort of purpose once obtained. That is a complementary, and probably more frequent malpractice, to displaying the email on the user’s profile.
Yes exactly, those set have many accounts registered here but pay no mind to email protection from the public because of the purpose of the accounts.
I have never thought hackers steal via email, in as much as there is no availability of the password to the email with them or something.


Title: Re: Protect Your Account
Post by: alik111 on August 06, 2020, 06:07:29 PM
This is a great way of preventing scammers. But what about the bounty hunters?
They are very unconscious about their personal information, and scammers can easily reach their sensitive information like email and social accounts.

So my advice is to be experienced, to learn about scammers, and to always use the best protection.


Title: Re: Protect Your Account
Post by: Husna QA on August 06, 2020, 11:29:26 PM
I was going to ask why enabling the secret question wasn't a good idea 'cause it confused me (when it was designed to help you retrieve your account password), and then I see this. Thanks for the input though. I was wondering a few days ago if I should make one for myself, but I think I should withdraw from doing so now :D.
Secret questions can be used if you forget your login password. As mentioned before, this will result in the account being locked, and to recover it, you must be able to prove ownership of the account by showing the PGP key or Bitcoin address associated with the account and signing it.
https://bitcointalk.org/index.php?topic=5089777.msg48896084#msg48896084

And if you are already using a secret question, then want to disable/reset it, leave it blank. Make sure everything is empty; no whitespace or invisible characters.

Yes, just keep it blank. Make sure that the secret question area isn't full of whitespace characters. (Spaces don't count, but some other whitespace/invisible characters do.)
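
The blank-field advice above, as an added example that is not part of the original posts or the forum's own code: a local Python check that lists any non-space whitespace or invisible characters left in a value before it is submitted. The forum's exact server-side rule is not stated on the page, so treating only U+0020 as ignorable is an assumption, and the sample values are constructed.

```python
import unicodedata

# Constructed sample values; none of them come from the forum.
SAMPLES = {
    "truly empty": "",
    "spaces only": "   ",
    "zero-width space": "\u200b",
    "no-break space + tab": "\u00a0\t",
    "visible text": "pet name",
}


def hidden_characters(value):
    """List (index, code point, name) of non-space characters that render as nothing."""
    found = []
    for i, ch in enumerate(value):
        if ch == " ":
            continue  # per the quoted advice, ordinary spaces do not count
        cat = unicodedata.category(ch)
        # Z* = separators, Cc = control characters, Cf = format (zero-width, BOM)
        if cat.startswith("Z") or cat in ("Cc", "Cf"):
            found.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, cat)))
    return found


def field_is_blank(value):
    """Assumed meaning of 'blank': nothing is left once plain spaces are ignored."""
    return value.replace(" ", "") == ""


def report(samples):
    """Return one human-readable line per sample value."""
    lines = []
    for label, value in samples.items():
        state = "blank" if field_is_blank(value) else "NOT blank"
        lines.append(f"{label}: {state} {hidden_characters(value)}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLES)))
```

A field that looks empty on screen but is reported as NOT blank still contains characters such as U+200B or U+00A0, which typically arrive through copy and paste.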


Title: Re: Protect Your Account
Post by: samputin on August 08, 2020, 01:45:54 PM
<...>
<...>


My simple advice for you guys is to never use the emails you already used in signing up to this forum, wallets or others with confidential info. Because the more you use it, the more prone it becomes to phishing attacks or other means of hacking. Making email addresses is now as easy as 1 2 3, so don't hesitate to create a new one for vulnerable places.
That's what I actually do now—having multiple accounts for different purposes. I just feel more secured that way, and also having 2FA in all of them. I just struggle in remembering which email address I used in what. So I make sure I write it all in my notebook or in the notes app in my phone. Don't know if that's advisable to everyone but it works just fine with me.


Title: Re: Protect Your Account
Post by: Mrengage on August 08, 2020, 10:04:44 PM
<...>
<...>


My simple advice for you guys is to never use the emails you already used in signing up to this forum, wallets or others with confidential info. Because the more you use it, the more prone it becomes to phishing attacks or other means of hacking. Making email addresses is now as easy as 1 2 3, so don't hesitate to create a new one for vulnerable places.
That's what I actually do now—having multiple accounts for different purposes. I just feel more secured that way, and also having 2FA in all of them. I just struggle in remembering which email address I used in what. So I make sure I write it all in my notebook or in the notes app in my phone. Don't know if that's advisable to everyone but it works just fine with me.

Well, you don't have to struggle when it comes to storing your emails. I believe your smartphone can hold more than 1 to 2 emails, and probably most of the logins in the browser are saved; even with that, the advice to make use of 2FA is most recommended.


Title: Re: Protect Your Account
Post by: Assface16678 on August 09, 2020, 06:56:17 AM
This kind of feature has a different purpose. Still, I'm not using this because I want to avoid getting trouble with my emails. I know some of the suggestions of the other members, who will use other emails, not the one on their main account, because this is prone to hackers and other people who want to steal your information, especially the email. The good thing right here with the use of this is you can send directly to the member you want to do outside to our forum, but still I highly recommend too to use other emails for your other transactions. It's not because you don't want to be known or want to become anonymous, it's just because of safety.


Title: Re: Protect Your Account
Post by: cygan on August 09, 2020, 10:45:37 AM
What I would like to suggest to all users here is that you should change your password here on the forum at various intervals and you should also change the password of your e-mail account at the same intervals - so you are actually very protected against account hacks


Title: Re: Protect Your Account
Post by: 2chase on August 11, 2020, 01:19:08 PM
How reckless and self-confident do you need to be in order to put your email on public display? It's the same as walking around with the inscription on the T-shirt "Fuck me". These things are basic security fundamentals.
And also, in order to be absolutely sure of your safety, come up with a complex password of 50 characters long. That's all - you don't have to worry about anything anymore. Your forum account will be completely protected!


Title: Re: Protect Your Account
Post by: yazher on August 11, 2020, 02:03:20 PM
What I would like to suggest to all users here is that you should change your password here on the forum at various intervals and you should also change the password of your e-mail account at the same intervals - so you are actually very protected against account hacks

I think someone already posted detailed instructions on how to make a strong password to avoid getting hacked easily. If I'm not mistaken, the OP was GreatArkansas. Wait, let me post it here so that anyone could also benefit from his old thread.

Here you go: https://bitcointalk.org/index.php?topic=5132378.0

This thread might be old, but it is something you must know when creating passwords.


Title: Re: Protect Your Account
Post by: Mor254 on August 12, 2020, 10:41:38 AM
You really did this step, but how can our e-mail be hacked only by knowing it, as long as the password is kept securely? Can the password be hacked only through the address?


Title: Re: Protect Your Account
Post by: DdmrDdmr on August 12, 2020, 02:32:45 PM
<...>
Not really, but it hinders your security. Knowing your account’s email can help scammers to create a targeted phishing campaign, or to try to cross-reference with other hacked site black-market information in case you are using the same password. You may also be using a very weak guessable password. Not making your account’s email publicly known mitigates these factors.