|
Title: Bitcoinica - Two-factor Authentication Post by: zhoutong on January 13, 2012, 07:59:01 AM The wait is over.
Now Bitcoinica officially supports Google Authenticator, the implementation based on Time-based One-time Password (TOTP) algorithm. Supporting iPhone, Android and BlackBerry devices! Enable your two-factor authentication here: https://www.bitcoinica.com/account/security (https://www.bitcoinica.com/account/security) API is still available for use, however, we will introduce API key-secret authentication very soon, and two-factor authentication enabled accounts will not be able to authenticate using username and password. (So if you are using API right now, don't enable it until we have released the key-secret authentication.) Title: Re: Bitcoinica - Two-factor Authentication Post by: M4v3R on January 13, 2012, 08:17:20 AM Great to have it! Two notes though:
You state that you use HOTP (one time passwords), but by scanning the code it turns out you are using TOTP (time-based tokens). Decide which you want to use and put a clear message with that information on the site. I've tried to enter the setup token manually (I have iPhone 3G which couldn't scan the code) and picked password-based auth, and it didn't work. Also, please add option that Gmail has - remembering the code for some time. They get you 30 days. For Bitcoinica I'll use a week. Title: Re: Bitcoinica - Two-factor Authentication Post by: zhoutong on January 13, 2012, 08:45:19 AM Great to have it! Two notes though: You state that you use HOTP (one time passwords), but by scanning the code it turns out you are using TOTP (time-based tokens). Decide which you want to use and put a clear message with that information on the site. I've tried to enter the setup token manually (I have iPhone 3G which couldn't scan the code) and picked password-based auth, and it didn't work. Also, please add option that Gmail has - remembering the code for some time. They get you 30 days. For Bitcoinica I'll use a week. Sorry, I confused with the text. It should be TOTP. Updating the site now… I will see if remembering OTP is feasible and necessary. Thanks for the suggestion! Title: Re: Bitcoinica - Two-factor Authentication Post by: pirateat40 on January 13, 2012, 08:52:23 AM Great great great !
Title: Re: Bitcoinica - Two-factor Authentication Post by: Koekiemonster on January 13, 2012, 04:15:29 PM This is great!
Just one thing: I think "plese" on https://bitcoinica.com/account/security should be "please". Title: Re: Bitcoinica - Two-factor Authentication Post by: Otoh on January 15, 2012, 03:53:28 PM I don't have a smart phone but do use Google double authentication SMS for my gmail account, can someone tell me if I can use it somehow on Bitcoinica, I've read the Google set up page but can't work out if it's relevant for what's offered at Bitcoinica & if it's not could Zhou please add something simpler like a Yubi key or 3 random characters to input from a drop down menu using one's long memorable phrase please, also my mobile phone won't work in some parts of the world so I can't get the SMS
Title: Re: Bitcoinica - Two-factor Authentication Post by: Koekiemonster on January 16, 2012, 01:31:52 PM I think the only way to use 2FA right now is with a smartphone, but I'm positive more options will be available in the future.
Title: Re: Bitcoinica - Two-factor Authentication Post by: Otoh on January 16, 2012, 07:23:27 PM many thanks for the info, Zhou pse set up an alternative & if anyone has the inclination then kindly to give me
edited my typo of there/their before I get the spelling nazis after me as well as the dildo below Title: Re: Bitcoinica - Two-factor Authentication Post by: rjk on January 16, 2012, 07:30:23 PM I don't have a smart phone but do use Google double authentication SMS for my gmail account, can someone tell me if I can use it somehow on Bitcoinica, I've read the Google set up page but can't work out if it's relevant for what's offered at Bitcoinica & if it's not could Zhou please add something simpler like a Yubi key or 3 random characters to input from a drop down menu using one's long memorable phrase please, also my mobile phone won't work in some parts of the world so I can't get the SMS many thanks for the info, Zhou pse set up an alternative & if anyone has the inclination then kindly to give me there opinion of what the best smart phone to get for using with this & Bitcoins in general would be, many thanks, oh yes & my main computer is a new Mac atm so would there be anything that I could plug in to it to make it do whatever it is that the smart phones do for 2FA Ever heard of punctuation? I think there are 4 questions and 5 different statements in those quotes, but I can't be sure. |