|
Title: Have you been monitoring your bitcointalk activities ever? Post by: The Cryptovator on October 12, 2020, 05:11:26 PM The thoughts came from this post (https://bitcointalk.org/index.php?topic=5281221.msg55353558#msg55353558) made by @o_e_l_e_o. So credit goes to him as well.
At the title says, have you been monitoring your forum activities ever? Are you wondering why should you monitor your own activity since still you have access to your account? But I think it's necessary to monitor your activity at least once a day. The reason I will describe below. Just imagine someone hacked your account somehow and he has full access and the hacker didn't change your password. Then he could send unsolicited PMs to other users, could post plagiarized content from your account, and could scam someone as well. So eventually you would a victim as well and your account would be tagged or ban. You may think how would you check your actives to make sure if someone accessed your account. First of all, you may check your post history and incoming + outgoing PMs. Hacker would delete PMs, so there would be some difficultly. In that case, your IP log would help if you aren't using the Tor browser. Here is the link: https://bitcointalk.org/myips.php (https://bitcointalk.org/myips.php), here you may see past one month IP logs. Again, it won't work if you are using Tor due to a random IP address. But at least you may notice the time when you access your account. Anyway, it just came into mind due to some recent scam attempt. Scammers always coming with the new techniques, so we need to prevent them as much as possible. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: Charles-Tim on October 12, 2020, 05:41:22 PM I do often think of it before, that if a hacker is trying to attack my Bitcointalk account, that it will be difficult for me to know, although I have signed a message using my Bitcointalk account and also make use of another user's account to quoted the signed message, but this can only help during when someone's account has been comoromised already, so to avoid account to be comoromised, what OP posted will be effective. As I clicked on the link given above, I was surprised to see my logs for certain duration of time, it is amazing, the OP post is very useful. Checking our logs daily will be good and recommended.
But, in addition, something always pop up on my mind, it will be good if admin can help us to let this forum to support 2 FA, this also can be an effective protection, having my Bitcointalk account on one device, and enable the 2FA app on another device will also help, to totally avoid hackers. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: tranthidung on October 12, 2020, 05:42:44 PM It is one of forum's hidden pages and I listed it in a thread of mine Hidden pages/ features on the forum (https://bitcointalk.org/index.php?topic=5243405.0)
Announcement from theymos is there (https://bitcointalk.org/index.php?topic=5150936.msg51367307#msg51367307) It is easy if you have basic skill to run quick descriptive analysis for your log-in IPs. If you are not, there is another way, using Excel or Word (with filter and search by keyword - use each log-in IP as a keyword). @tranthidung. Please, do not mind this, that link you posted contain only the link posted by the OP that contain IP logs of a month of members that are visiting Bitcointalk forum, it only seems like a repetition. Did you click on links to see what I gave you? I give supplements for the thread, the origin annoucement from theymos. Sometimes, readers only see information but don't know where it comes from and when. It is best if you can see it in original context to see how the feature was created and description from creator. Let me quote. It's tricky to get email notifications right so that they're not too spammy. Maybe later. For now, I added this page where you can see your IP logs for the past 30 days: https://bitcointalk.org/myips.php . You could pretty easily write a userscript to periodically check this and warn you if it's weird. (But don't scrape it on every pageload.) I don't want to make older IP logs automatically accessible because that'd give a hacker a bunch of useful/sensitive information. But 30 days is probably not too harmful. You will get info for About privacy (https://bitcointalk.org/privacy.php) IP retention in profile page (I thought I have it in the list but actually not so I will update it tomorrow). Retention/ privacy info (https://bitcointalk.org/index.php?topic=5136127.0) Quote Limit IP retention: Reduce the retention of your future logged IP addresses. This will make it far more difficult to recover your account if it is ever stolen; make sure that your email address is correct and that you have staked a public key. Your logged IPs for the last 30 days. I don't make this post to get post quota. :D Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: Charles-Tim on October 12, 2020, 05:51:36 PM It is one of forum's hidden pages and I listed it in a thread of mine Hidden pages/ features on the forum (https://bitcointalk.org/index.php?topic=5243405.0) @tranthidung. Please, do not mind this, that link you posted contain only the link posted by the OP that contain IP logs of a month of members that are visiting Bitcointalk forum, it only seems like a repetition. Announcement from theymos is there (https://bitcointalk.org/index.php?topic=5150936.msg51367307#msg51367307) Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: The Cryptovator on October 12, 2020, 05:55:15 PM But, in addition, something always pop up on my mind, it will be good if admin can help us to let this forum to support 2 FA, this also can be an effective protection, having my Bitcointalk account on one device, and enable the 2FA app on another device will also help, to totally avoid hackers. I think there are a few difficulties to implement 2FA with current software. There is a thread created by DdmrDdmr Isn't it time to introduce 2FA to enhance user account security? (https://bitcointalk.org/index.php?topic=3189636.0) There is a few constructive discussion about that. You may find more thread on meta regarding 2FA if you use the search button. It would be second layer security, but there is no noticeable response from the admin regarding the implementation of 2FA. I am not sure if I missing something, point me if so. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: DdmrDdmr on October 12, 2020, 05:59:49 PM The IP log, when using a VPN, can also be difficult to assert, but I do check it every now and then (not on a daily basis though).
One feature I miss, is something I’m used to on other websites, whereby you receive a notification (and opt-in email or such) when someone logs-in to your account from a different device, either successfully or at fault. This could also be used to troll people, but I think it would be more beneficional in the big picture. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: Mahdirakib on October 12, 2020, 06:00:23 PM I give a look at my post count and activity while I visit the forum. Actually I have bookmarked my profile page. So whenever I enter the forum it display my profile page.
Back to 2018, my account was hacked. Someone got my password and login to my account. But he didn't made any post or sent pm to anyone from my account. He did something else. I had 4 sMerit and he sent it to an unknown user. That post doesn't deserve merit where the hacker sent it. So add it in your post that we should also check our sent merit history. We both were login to my account at the same time for few days. I wasn't aware about it though. Finally he changed my password and my account got locked for security reason while I reset the password. Here I shared the experience of this issue Don't use your bitcointalk account password on other websites (https://bitcointalk.org/index.php?topic=5275188.msg55177433#msg55177433) Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: jackg on October 12, 2020, 06:24:50 PM You may think how would you check your actives to make sure if someone accessed your account. First of all, you may check your post history and incoming + outgoing PMs. Hacker would delete PMs, so there would be some difficultly. In that case, your IP log would help if you aren't using the Tor browser. Here is the link: https://bitcointalk.org/myips.php (https://bitcointalk.org/myips.php), here you may see past one month IP logs. Again, it won't work if you are using Tor due to a random IP address. But at least you may notice the time when you access your account. You could always just try connecting via tor through the same country or region (not the same as yours though)... Then when you check your ip logs, it'll look weird if it's from anywhere else. I went through my ip log for the last month and there's only the two parts of the world I set my vpn to listed there. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: abdulodoi on October 12, 2020, 07:49:13 PM Wow, i have never thought about this. Thank you for sharing this. Would it make a difference if notification is sent to our email whenever we login to the forum. I'm not sure if this already exist.
Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: Yaunfitda on October 12, 2020, 09:59:12 PM I do check my logs when I discovered this forum's features, so I'm sure there are some people who do it, specially those who are paranoid and always thinks that a hack is always possible. So I will say that this is a good practice specially the next day you login, you have to monitor if there is a suspicious IP logs and in cases that you have been breach, hackers can do it,
[1] My acc has been hacked and used to post scam thread! (https://bitcointalk.org/index.php?topic=5218316.0) [2] Is there such thing as a malware that would make me automatically post? (https://bitcointalk.org/index.php?topic=5217251.0) Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: erikoy on October 12, 2020, 10:10:32 PM It is important to get to know tye status of your account whether it is compromised or not. A better way to secure it as suggested from other plaforms is to change pass frequently. Yet, it may not be that ideal to me because I always forget password and that is one thing that make it even more difficult for me to access the acount. Anyway, that is only a suggestion to secure account and we know that this forum is important to learn about cryptocurrency so we should be even more careful in securing the account we have here.
Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: blue Snow on October 13, 2020, 03:57:04 AM Again, it won't work if you are using Tor due to a random IP address. But at least you may notice the time when you access your account. If the user have knowledge about the IP, it will know by guard or first relay in circuit. because Guard node may not change (https://support.torproject.org/tbb/tbb-2/)Wow, i have never thought about this. Thank you for sharing this. Would it make a difference if notification is sent to our email whenever we login to the forum. I'm not sure if this already exist. Bitcointalk is not like that. this forum will be alerting you only if the password and email changed. I added email notifications for some security events: Whenever your password is changed (except by an administrator), you will get an email about it. Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days. Let me know if you find any bugs. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: Findingnemo on October 13, 2020, 04:42:58 AM I often check my post history basically to reply anyone one who quoted my posts because sometimes I don't get notification on my telegram bot, but Irarely check PM's unless I received something from someone.
Bitcointalk is not like that. this forum will be alerting you only if the password and email changed. But I feel it would be better if we receive an email if our account gets logged in from unknown location.Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: pakhitheboss on October 13, 2020, 05:12:39 AM The IP log, when using a VPN, can also be difficult to assert, but I do check it every now and then (not on a daily basis though). One feature I miss, is something I’m used to on other websites, whereby you receive a notification (and opt-in email or such) when someone logs-in to your account from a different device, either successfully or at fault. This could also be used to troll people, but I think it would be more beneficional in the big picture. I am not sure whether this feature can be added to the forum but a verification code to the mobile number or the register email address can solve the problem. Most of us wont agree in providing mobile number but an email address only for the verification code would be acceptable by members here. Without the verification code user wont be able to login. This is similar to what some exchange do in order to secure the account if a user does not want to opt for 2FA. Title: Re: Have you been monitoring your bitcointalk activities ever? Post by: LTU_btc on October 13, 2020, 09:45:41 AM I must admit that I'm not monitoring my Bitcointalk activity. I visit Bitcointalk so many times during the day, so I probably would notice if something strange would happen. If I would receive reply in PM from someone, whom I never sent message before, I would realize that something wrong happened and my account got compromised.
I didn't knew that's possible to track my IP logs on Bitcointalk, I thought that only admins can see it. It's really useful thing. I see that some of IP's is not known for me, but I think it's from my mobile internet provider. |