Bitcoin Forum

There is this friend of mine that always has his Btt account on steady online on his phone chrome browser. According to him, the reason for that is to have easy access to his account.
Unfortunately, for him yesterday he lost his phone. The problem now is that he can't pinpoint where he wrote down his login password. He's now unable to memorize the password of his logins again

If you are guilty of this in this forum. The only direction I can give you are
I. Try to memorize your password.
2. Don't leave your account steady online in any browser. It can make someone have access to it easily.
3. Always stay logged out. Only log in when you want to post or read some posts.
4. Make sure no one sees or knows your password when you are about to log in with your phone.
5. Don't login your account to someone's phone, all in the name you want to make a post. In case you do, make sure you log out after the post

Tell your friend to try forgot password on the login page of this forum if he have access to his email.

Or if he had signed a message with bitcoin address before on this forum, or using the address he had used before on this forum in the past, like the one used to receive payment from a campaign manager campaign.

Recovering hacked/lost accounts (https://bitcointalk.org/index.php?topic=5089777.0)

You can forget what you memorize, even if you memorize it, only still rely on password backup.

Maybe? But only for not so important accounts. But still a bad advice.

Instead of memorizing it, people should be using Password Managers in storing their login credentials with multiple copies of paper backup of the master password secured in the safest place possible. And as far as I know, there are papers that says our brain is shitty in remembering and creating a strong password, hence suggesting PM's like Bitwarden or Keepass.

I don't see password managers as a secured way because once your device is lost, you have lost access to your password managers also. Making multiple copies of your passwords on paper make your password more vulnerable.
If you can not memorize your password, then I'm sorry to say that it's not important to you. I backed up the idea of memorizing and make a copy to save in a vault. Apart from vault I'm yet to see a safest place to store security credentials.

Tell your friend to first login his Google account on his new phone. The passwords on chrome are saved on the Google account, he can login from there.

---

I want to do add this to your list: Don't use the same passwords for multiple sites it makes it easy for your account to be hack. I also don't recommend using a very difficult password you may also forget it.

Phones can get lost or stolen, Firmware OTA updates can ruin your phone and you will be forced to reinstall OS again, the solution is writing passwords down in a book, either for BTT, exchanges or emails, this is the smartest move.

Chrome does not save password automatically to your Google account, you'll be asked to give permission first before it proceed to either save or discard. And who knows whether the victim click on allow to save password or not?
Sometimes, getting access to your email is very difficult after losing your phone because your new password will be sent to the number attached to your email. This is why I attached both the numbers and email of my next of kin to my email just in case like this occur.

As long as you have the credentials needed to make a verification that is your friend's account there's no worry about it, that's why even though the email use is important for your to change your password easily and for sure your friend save those password in their browsers most of the feature of the search engine right now saving the information you inputted so you don't need to make problematic. Also if you have concern with your account Charles-Tim already give the thread you need.

That's why you need to separate your device and copied it to all your device to prevent from this kind problem, secondary phone is very important and I don't think everyone can't afford to bought two phones while most of cell phones are cheap.
If your password are very secure, full combination of capitalize, number, symbol etc it's almost impossible you will always remember your password. More importantly you shouldn't using one password for all platforms to make it more secure.

Bank vault isn't safe since they can read your password, it's better to make your own steel plate contain your password.

---

To @OP don't ever login your password to your friend phones, even you've logout, the keyboard could still remember your password.

Nowadays, most people who regularly use a computer or work phone use a password storage application using 3rd party applications, or at least save it right in the browser and just log in is that we can recover the password easily.

If your friend doesn't have any of the above, we can reset the password using the email registered with the account.
Don't tell me he stores all the important stuff on his phone and doesn't have any other backups. He is a bitcoin user so I trust he will know how to secure his important documents. If he really is the owner, it shouldn't be difficult to restore them.

You should not do this.

Because if your approach is memorize (remember) your password, it is very likely that you will use a same password for many accounts, on many platforms. That's odd enough.

• [GUIDE] How to Create a Strong/Secure Password (https://bitcointalk.org/index.php?topic=5132378.0)
• Don't remember. You should back it up and use password manager

In addition, in Bitcointalk, you should sign a Bitcoin message from your non custodial wallet

• [Guide] How to sign a message (https://bitcointalk.org/index.php?topic=990345.0)
• Stake your Bitcoin address here (https://bitcointalk.org/index.php?topic=996318.0)

Your friend should not be over confident of storing something on his phone when anytime it could be gone in second especially when it has important files in it. I bet it's not just the BTT account that's been compromised here since it's a phone I'm sure his any other social media accounts is compromised but if your friend is too wary about of his accounts he could just use other device or PC to reset his password on those any social media accounts so that it will automatically log them out.

I see no reason why you will create account and you won't memorize your password, that's kind of bad.
If your friend knows the email that he used to register the account and he can still access the Gmail, am sure your friend can still access his Bitcointalk account. The only thing he will do is just to input his username and click on forget password, the new password will be send to his Gmail, but if he those not have access to his Gmail, maybe he can't also remember the password to his Gmail, I think his Bitcointalk account is already gone, I don't think their is anyone we he can recover his account.

Why don't you go for the best possible solution like click forgot your password? and then proceed to rest the password via email but remember he need to have access to the email which he saved under the profile.

And this is not only for bitcointalk, if you're bad at remembering your password then go for trusted password managing apps but I simply used to keep me logged in and I know I am the only person who is going to access the device.

Using bitcointalk on phone since years on mobile.

1) For password safety, you could use password managers but do memorize password manager's password  :P

2) Always stay logged out is too much hassle, use phone lock.

5) Completely agree.

yep, I agree with what Findingnemo wrote if your friend only forgot the password he can just change the password by clicking "forgot the password". If I remember correctly you only need your account's user name or the email you used on that account(but he needs to have access to that email), if he has a secret question, he'll need to answer that, but if he doesn't, he'll only need the email or the user name of his account.

All chromium-based browsers allow their users to log in to their google account. If your friend was logged on his mobile chrome browser and had enabled save password mode then he can access the password on any device. All he needs to do is simply login into his new device with his same google account then go to settings>>autofill>>password and it will show all passwords saved by him. You do not need to remember passwords in the 2022 if you know how to use tech.

Now, after the tips above, you and your friend have a lot of guides on handling and storing passwords. Remembering passwords means having very vulnerable passwords that can be easily guessed. Use strong passwords, don't trust the Chrome browser, and don't save cookies in your browser. The fact that people temporarily trust saving is very easily broken if spyware is somehow installed on the phone.
Therefore, treat the resources vital to you on the network very carefully, namely, always have a backup copy cut off from the web.

No! You can have backups in case something bad happens (e.g., you lose your phone/computer, disaster, mental ailness, brain damage)

I use Bitwarden and I periodically do backup maybe thrice a month. What I usually do is exporting the unencrypted .csv file and store it on a multiple flash drives in separate secure location while the master password and its associated backup email is written on a laminated paper to keep it from wear and tear. With that, you'll have no reason that you lose access to your PM.

I also that you can backup your Keepass database both on online and on physical storeage though.

Maybe I am missing something, but I surely don't understand why making multple copies isnt good LOL.

He can always reset his forum login details and receive new one in his email.

That is a bad advice.
Your brain and memory is bad place for storing data and it's not reliable, on top of that, nobody can remember passwords for all accounts.
Much better option is to use open source passwords managers like KeePass that stores all passwords, so you only need to remember and backup one password.
This can be used on phone (KeePassDX) and on computer.

You know you can always lock your devices in stand by and demand pin code for access.

Having your passwords stored in your brain can be stressful as you may have difficulties in remembering your password again especially when you have another password stored on the same brain. Memorizing your password can also lead you to expose it to hackers because in other not to forget it, you may be tempted to use it in other things and this can lead to lost or password exposure. The best I can advise you to do is to write your password in a metal then store it in a place where you alone has access to, my personal opinion though.

Because it increases the risk that someone finds it IMO.
Moreover, your way of doing is only efficient for very tech-savvy people but most of users will never do that, or one or two months at most, and will give up. It's way too burdensome for the average Joe, for just an account on a crypto forum. Don't forget this iron law of opsec : Security at the expense of usability comes at the expense of security.

https://protonmail.com/blog/protonmail-com-blog-password-vs-passphrase/

https://imgs.xkcd.com/comics/password_strength.png

1. I don't think that remembering the password is a good idea. People are terrible at remembering things like passwords, and it will probably prompt you to use the same password across numerous services, which is a major security risk.

2. Not necessary. There are other ways to protect your device from unauthorized use. You don't have to make things difficult for yourself.

3. Same as 2.

4. I agree. Password managers can also help here because you won't have to type the passwords every time.

5. I agree with this completely.



Most password managers have the ability to synchronize across many devices, which means you can use the same password manager on your phone, computer... With a password manager, you can have a single master password that can be used to access all of your passwords across all your devices. The benefits of password managers are that they make it easier to access your many passwords, and they help you stay secure by ensuring that only you have access to your account.

Password managers may not be the best solution, but it's certainly better than remembering your password or storing it unprotected on just one device that can be lost.

If your friend's device is locked using one of the protection methods, there will be no problem for someone to find it and try to exploit the data recorded inside it. In any case, I advise you to tell us about your friend's profile so that we know that it is no longer owned by its owner in the case that your friend is unable to access his account again.

In some of the comments there are tips to recover your account using one of the addresses that he used previously and it was staked/unedited in one of the topics, but this is not enough if he also lost the email he used for registering his account for the first time on the forum. It will definitely be a complicated process anyway.

I also don't recommend trying to remember passwords all the time or using the same password on different platforms. This would be a disastrous step in the case of  lost/theft of that data .

That is why I always advise people to use a password that they can be remembering even when sleeping. Use something that very familiar which contain numbers, alphabets and signs which can not be forgotten. Those who forget login details for important sites are not serious even about their life. Someone even forgot his username for BTT. lovesmayfamilis, tranthidung and others I have you the way to create and secure a strong password through you to your friend and I also believe these information are also helpful to you as well. As Charles-Tim said, Memory is not a best place to keep password, because many things enter the brain in every second so if you keep keys in your memory you might lost it. I remember when I lost my mobile anti-theft password. That thing made to format the mobile phone and I lost everything in the phone so I have to download and installed all the apps all over again and videos and pictures were permanently lost out. Since then I have taken my caution.

I received a mention of my nickname in telegrams. Agbe, I do not quite understand what you want to say? Someone forgot their name on the forum? Do you recommend remembering passwords or not? A continuous stream of thoughts that do not unite logically together. And where am I in your post and trathidung? What's wrong with us?   ??? :o :o

Though it all depends on the users, i have face similar issues what i did was to go to chrome> Settings> security> Password > enter phone password and reveal the password use for btt that will really  help alot. Make sure to synchronized your phone with PCs to avoid similar cases to occur. Next time you can try set a security questions on your account like;
What is your age?; At this point only you knows your real age, If your suspect your friends knows your real age you minus or plus a year to your real age to make the security question very tough quess.
What is your Provence?; You alone knows your provence
What is your mother's name?; you alone knows your mother's real name.

All this for account security if you can't get access to your account remember your password.

Very sad to hear but your friend's account can be recovered easily if he had set secret question or by using forgot password option.

You're right. At some point I have just two or three different passwords for all my online stuff. It was either this or that and I made sure they were easy words to remember. I knew it wasn't a right thing to do but I lingered on it. A day came when I took a decisive decision and added more passwords; wrote them all down.

How easy and safe can that be? I've read people talk about that here but then I believe the print on the metal can wear out with time. Again, if anyone also lays hands on the metal (I believe it won't be a tiny piece), the password could be exposed. To be frank with you, no method is fool proof. They all have their bad side.

The most annoying of it all is that whenever one is careless about his account or couldn't exercise patience enough but to log in through someone else's gadget, then the havoc they would have cause may not be limited to what an ordinary challenge could be, they might have implemented some settings and initiated so post using the account just in the name of implicating the user, people cannot just be trusted and one must be very conscious of his privacy at all times.

I guess your friend @OP never attached too much importance to the account to have not used a password he or she could recall at any give time when called upon or maybe attached too much importance to completely randomise he's or her password that much to secure it away from even himself.
Now there are two ways to have your account always logged in on the forum

1. You get to click the stay login box while trying to access the forum (Of course this will always keep you logged in so long as you visit the forum every now and then daily or in 2days)
2. You get to save your password to Google cloud (Upon visiting the forum, you just ont get to fill in your password as it would be done by auto)

Option one is phone specific and relatively safe but, a lost phone means your account is lost should you not recall your login details.
Option two goes with your mail but not entirely safe as a hacked email could mean a hacked account. The only good news is, your login details could be reproduced where ever that mail is used (advantage/disadvantage).

While your friend tires the suggested means to an account recovery as have been suggested, its important you use what is memorable and difficult for others in password creation. There js nothing wrong if you login every now and then with your password. Your muscle reflexes could help you to recall the codes even when you slightly forget.

That is why it is necessary and very important to link an active email address to a btt account, because if this happens to anyone, you can try to forget the password.

An easy way that you can recommend
1. Login BTT Account
2. Click Forgot Password
3. Select the option send code to email address

This can be done, as long as the linking email has access, so that the account can be reused and change a new easy-to-remember password.

But if the linking email is not accessible, it gets more complicated.
Alternatively, asking for help from someone who understands the network, mobile email can be disabled.

Notes:
1. Always store passwords in a safe place
2. Don't create the same password
3. Use active email for bitcoin account

These devices can be accidentally lost and if you have your btt login then it could be problem and some of them even have stored their passwords and other stuff in the phone also which is risky.For password you can use password mangers rather then memorizing it because human mind can sometimes forget things so it could be risky for you in case you don't remember the password if you have created lengthy one mix of number and characters.Write it down somewhere safe and use seperate mails for btt login to recover your account.

Thats a big problem if he doesnt have spare copy of his password or account details aside from the phone. Its imperative to have spare copy that you can access anytime in case a situation like this occured. Or should write in papers all important accounts and keep it safe at home.  Somebody can exploit your phone and once the hacker find it then he can use your account already. Also there is an email associated with the account he can use it to retrieve the account.  Problem is if that as well is forgotten too.

My habit when creating an important account and I will continue to use it is to save a backup password on a piece of paper or in my personal book, so that when I forget I open it again. but I try to remember every account password that I create and distinguish the password in each account or email that is created. it will provide a better level of security and solve the forgotten password problem. to log in using my cellphone, I just set up a temporary login or don't remember it on my cellphone, because of security problems and losing my cellphone as experienced by the OP's friend.

I usually create different passwords for multiple accounts. Sometimes they are randomly generated and stored using the iCloud Keychain feature (https://support.apple.com/en-us/HT204085). I can use the previously created account and password on my MacBook when accessing similar sites (using the Safari browser) on a smartphone with the Keychain feature. In addition, I use multiple backups for accounts and passwords in several different places.

I don't know the Pokapoka124's suggestion can be used or not.

You don't have to memorize your password, just find a good big note and write down your login information, this is what I do for all my login details, your phone can get lost at any time and also it's bad to use one password on all your accounts online, Facebook, Twitter, LinkedIn, bitcointalk etc because if one of these get hacked the hacker will try the same password everywhere else.

Actually this happened to me last week. I have logged in my account in a particular browser since I created it and I don't log it out. I always open the browser and use the forum without problems of logging in, solving captcha or related issues.

Last week I got a new mobile phone which I only use outdoors due to some sensitive files I have in my main phone. So, I was out for 2 days and had a need to use the forum. Trying to login, I forgot my password and I didn't want to reset my password. I struggled for almost 15 minutes to no avail. Finally, I have to calm myself and remember how and when I created the account, I remembered the circumstances behind creating the account, from there I remembered my password  ;D

I don't see why you would establish an account and not commit your password to memory.
I'm confident that your friend can still access his Bitcointalk account if he knows the email address he used to sign up for the account and he can still access Gmail. The only thing he needs to do is enter his username and click the "forget password" button and so he will be able to retrieve the password.

Yes, that's a great solution if the friend referred by the OP still has access to his email. But I can imagine that his friend will be very easy to forget because of his habit of saving passwords in the browser without remembering them.

The final solution I can imagine is, if the OP's friend has access to the wallet he used on the forums, he can recover his account with the help of a moderator or recovery team. He can sign messages to prove ownership of his account but I believe the OP's friend might lose his account if he doesn't keep anything.