cyclotronmajesty (OP)
|
|
July 18, 2015, 03:55:51 AM |
|
What's with the 45 second delay after you insert your password or user name wrong more than 2 times? It's a little over the top. It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option? Blah..
|
|
|
|
|
|
If you see garbage posts (off-topic, trolling, spam, no point, etc.), use the "report to moderator" links. All reports are investigated, though you will rarely be contacted about your reports.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
achow101
Staff
Legendary
Offline
Activity: 3388
Merit: 6581
Just writing some code
|
|
July 18, 2015, 04:00:35 AM |
|
That actually is to prevent spam and spammers.
They also care about security a lot because many financial transactions happen here. If a trusted account was to be compromised, then the attacker could use that account to scam people and steal a lot of money.
|
|
|
|
Hexcoin
|
|
July 18, 2015, 04:20:09 AM |
|
What's with the 45 second delay after you insert your password or user name wrong more than 2 times? It's a little over the top. It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option? Blah.. it could prevent users using bots to spam log in some accounts using different password to try hacking. 45seconds isn't much of a problem mate, just enter your log in credentials correctly
|
|
|
|
ahmedjamal1998
|
|
July 18, 2015, 04:22:34 AM |
|
Two points: 1- 45 seconds isn't that much to talk about 2- Security is loved always
|
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
July 18, 2015, 06:01:09 AM |
|
What's with the 45 second delay after you insert your password or user name wrong more than 2 times? It's a little over the top. It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option? Blah.. Its so you can not bruteforce a password. If there was no timer one "bad guy" might sit there and just go through ton's of attempts. It's WELL worth the wait. I would not mind if they make it longer and add 2 factor auth. I like secure.
|
|
|
|
jacktheking
Legendary
Offline
Activity: 1484
Merit: 1001
Personal Text Space Not For Sale
|
|
July 18, 2015, 06:11:51 AM |
|
What's with the 45 second delay after you insert your password or user name wrong more than 2 times? It's a little over the top. It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option? Blah.. Its so you can not bruteforce a password. If there was no timer one "bad guy" might sit there and just go through ton's of attempts. It's WELL worth the wait. I would not mind if they make it longer and add 2 factor auth. I like secure. There's no need for human to do brute forcing nowadays. Someone could easily create a bot that can brute force Bitcointalk 24/7.
|
So sad! This profile does not appear as the #1 result (on anonymous) Google searches anymore.
Time to be active on the crypto forums again? Proud to be one of the few Legendary members of the Sparkie Red Dot!
Gonna put this on my resume if I ever join a cryptocurrency/blockchain industry!
|
|
|
LFC_Bitcoin
Legendary
Offline
Activity: 3528
Merit: 9544
#1 VIP Crypto Casino
|
|
July 18, 2015, 11:20:47 AM |
|
What's with the 45 second delay after you insert your password or user name wrong more than 2 times? It's a little over the top. It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option? Blah.. Bro this forum needs to be as secure as possible. There are some great guys here, some really trustworthy, helpful posters who will do anything for you but there an equal number of scum bags, hackers, thieves, low lives etc. The problem is that bad people here can be very dangerous, there are some very tech savvy, intelligent people here. Don't knock anything that helps provide security here, I fully agree with anything the mods do to make this place safer.
|
|
|
|
jambola2
Legendary
Offline
Activity: 1120
Merit: 1038
|
|
July 18, 2015, 07:45:45 PM |
|
TBH, 45 seconds feels a bit much for stopping a bruteforce attack. 5 seconds maybe sounds more reasonable, and even lesser would work. Bruteforce attacks work only when the attacker has the hash.
Let's assume a 6 character lower case only password. There are (26^6) combinations, and it will take (26^6)*45 seconds to check them all That's 440 years. Changing it to 5 seconds will reduce it to around 49 years. Something stronger, like 8 characters (still less), upper and lower case and numbers will take millions of years.
So the question is still, why?
|
No longer active on bitcointalk, however, you can still reach me via PMs if needed.
|
|
|
XinXan
|
|
July 18, 2015, 07:49:17 PM |
|
What's with the 45 second delay after you insert your password or user name wrong more than 2 times? It's a little over the top. It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option? Blah.. Its so you can not bruteforce a password. If there was no timer one "bad guy" might sit there and just go through ton's of attempts. It's WELL worth the wait. I would not mind if they make it longer and add 2 factor auth. I like secure. There's no need for human to do brute forcing nowadays. Someone could easily create a bot that can brute force Bitcointalk 24/7. And thats why there is a 45 sec delay, even if you are going to use a bot you still wont be able to bypass the 45 second waiting time so you would only have 1 guess per 45 seconds, unless you can somehow manage to bypass it by using tor or something like that
|
|
|
|
--Encrypted--
Copper Member
Legendary
Offline
Activity: 924
Merit: 1007
hee-ho.
|
|
July 18, 2015, 09:15:38 PM |
|
So the question is still, why?
why not? 45 seconds are nothing as long as they're not up to anything bad. it may even discourage hackers from trying to brute-force an account.
|
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3472
Merit: 6120
|
|
July 18, 2015, 09:21:44 PM |
|
It's bitcointalk forum and not any other forum . Accounts here have a value depends ont he Rank because they can enroll on signature compaigns and get paid and accounts can even have sensitive informations on them . So for what comes to the 45 seconds if we are speaking about the Login form then it's most likely to prevent Cracking because cracking became easy those days and people become more and more familliar with it using Sentry MBA and other cracking programs and maybe also for not having so much load , for what comes to posting then this dissapear with time and with your Activity rising and it's for preventing spam from new accounts .
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1042
#Free market
|
|
July 19, 2015, 09:42:21 AM |
|
It's bitcointalk forum and not any other forum . Accounts here have a value depends ont he Rank because they can enroll on signature compaigns and get paid and accounts can even have sensitive informations on them . So for what comes to the 45 seconds if we are speaking about the Login form then it's most likely to prevent Cracking because cracking became easy those days and people become more and more familliar with it using Sentry MBA and other cracking programs and maybe also for not having so much load , for what comes to posting then this dissapear with time and with your Activity rising and it's for preventing spam from new accounts .
I do not think the 45 seconds of delay between the login it is not due the value of accounts, but only for a security reason. If someone will gain (easily) the access of a community trusted account then he can do a lot of damage.
|
|
|
|
randy8777
Legendary
Offline
Activity: 896
Merit: 1000
|
|
July 19, 2015, 09:54:36 AM |
|
people are never satisfied. if this forum is trying to make sure everything is secure, people complain that it is over the top. if the forum gets hacked, people then complain about the forum lacking security. be happy that the forum is as it is.
|
|
|
|
LouisVuitton
Legendary
Offline
Activity: 896
Merit: 1000
Louis Vuitton
|
|
July 22, 2015, 02:42:58 PM |
|
It's there for a reason, it isn't that much of a hassle to wait 45 seconds. So just wait it out and have fun.
|
|
|
|
|