Bitcoin Forum
November 24, 2017, 06:54:36 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: A plea to exchanges ... lets do 2 factor right!  (Read 5390 times)
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
November 30, 2012, 08:03:02 AM
 #21

Self-imposed withdraw limits may also be a good idea, and perhaps more convenient to some. Any attempt of changing these limits should required 2-factor-auth or at least produce a notification, and the change should only be applicable 48h later or something.

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
1511549676
Hero Member
*
Offline Offline

Posts: 1511549676

View Profile Personal Message (Offline)

Ignore
1511549676
Reply with quote  #2

1511549676
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511549676
Hero Member
*
Offline Offline

Posts: 1511549676

View Profile Personal Message (Offline)

Ignore
1511549676
Reply with quote  #2

1511549676
Report to moderator
1511549676
Hero Member
*
Offline Offline

Posts: 1511549676

View Profile Personal Message (Offline)

Ignore
1511549676
Reply with quote  #2

1511549676
Report to moderator
1511549676
Hero Member
*
Offline Offline

Posts: 1511549676

View Profile Personal Message (Offline)

Ignore
1511549676
Reply with quote  #2

1511549676
Report to moderator
J-Norm
Jr. Member
*
Offline Offline

Activity: 56


Piper at the Gates of Dawn - Listen to it


View Profile
November 30, 2012, 08:04:05 AM
 #22

TLDR; Tongue 2 factor authentication is available in a lot of formats

Music is amongst the greatest treasures on Earth. Pink Floyd, Hendrix, Cat Stevens, the Beatles and so many more have made me so happy. "Love is better than a song." -  Cat Stevens
J-Norm
Jr. Member
*
Offline Offline

Activity: 56


Piper at the Gates of Dawn - Listen to it


View Profile
November 30, 2012, 08:07:52 AM
 #23

Self-imposed withdraw limits may also be a good idea, and perhaps more convenient to some. Any attempt of changing these limits should required 2-factor-auth or at least produce a notification, and the change should only be applicable 48h later or something.

This is a great idea. Not only can people use it to limit a grab and dash by some theif but it could also be used to enforce a budget on yourself.

Also, much must they invented time lock on vaults so that bank managers would stop getting kidnapped in the night you could set it up so that you only have access to funds during hours you know you will be safe.

I decide on a budget for a week and I spend it in 3 days. I dream of a machine that will give me money by the hour based on my weekly budget.

I spend like a fool.

Music is amongst the greatest treasures on Earth. Pink Floyd, Hendrix, Cat Stevens, the Beatles and so many more have made me so happy. "Love is better than a song." -  Cat Stevens
burnside
Legendary
*
Offline Offline

Activity: 1008



View Profile WWW
November 30, 2012, 08:09:21 AM
 #24

GPG keys are the basis of the otc web of trust as I have very recently learned. Neat idea.

I know how to protect a gpg private key, I can keep the CIA, FBI and the whole alphabet soup from my gpg private key.

I agree people who don't understand just how private a private key must be guarded should not activate this advanced feature. But I don't have a non-encrypted storage device in my house.

Bitcoin itself depends on protection of private keys.

I am confident that I am the only one loggin in if:

  • I must enter a password
  • I must sign a 256 bit string of bytes using my registered key

I would of course have a password for that key that would never be defeated by a dictionary attack.

I think you should be able to configure just how locked down your identity should be from simple to cryptogeek.

Consider smart devices already exist that will use a private key for you but no reveal it. Chip-Pin credit cards use them. "Smartcards" can do this. Now you can use a bit of plastic with a built in signer, or a laptop, or a server cluster, or your smart phone.


What is your opinion on how safe your private key is on the chipped cards, smart phone apps, etc?

How do you keep your key secure from a virus on your system?  I understand keeping the storage encrypted, but you have to decrypt the storage to use it, at which point the virus can also read it, no?

I think at one point MPOE-PR mentioned using QR codes to securely pass messages back and forth between an offline device and an online device, are you aware of any products that might facilitate this?  (I'm thinking cell phone apps?)

Sorry about the 20 Q's.  You seem pretty knowledgeable so I'm picking your brain a bit.  Smiley



I'm not a Coinbase fan -- I placed a buy order, they took the funds out of my account, then a week later the price went up and they canceled the buy and closed my account.  You've been warned.  Use a different exchange.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!