opentoe (OP)
Legendary
Offline
Activity: 1274
Merit: 1000
Personal text my ass....
|
|
October 10, 2012, 02:41:44 AM |
|
I've been using Blockchain for a couple of months now. I've sent/received bitcoin on many occassions with no problems. All of sudden today I an unable to log in with my password. I am aware that Blockchain does not store your password locally so I wrote my password down on paper and put it in my safe. It is the same password I use on several of my banking sites, so I know the password well. For some reason I'm unable to log into my Blockchain account and there is no way they are able to help me!! I have this funny little feeling that they maybe have something to do with this. Since I'm unable to get to my money now and that account will just go stale I'm pretty sure that Blockchain will get that money eventually. Maybe they do this on purpose for random accounts? I'm %100 sure that I know my password. It is a little ironic that they don't store your password on their server and can't help me. Strange. So, if you have a lot of money tied up on Blockchain I would send it to your local wallet instead. I'm finding out that the best place to keep your bitcoin is your local wallet and NONE of these online places.
|
|
|
|
|
|
|
|
"I'm sure that in 20 years there will either be very large transaction volume or no volume." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 10, 2012, 02:42:50 AM |
|
Just use a paper wallet. And/or back up your keys to paper, Blockchain makes that pretty easy.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
julz
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
October 10, 2012, 02:46:09 AM |
|
That they don't store the password on their server is a good feature. I don't see how Blockchain can get that money eventually - unless you used a pretty simple password and they run a brute force against it. Highly unlikely anyone external could brute force any but the simplest of passwords - as blockchain seems to do IP lockouts (though perhaps via botnet?)
Also - check your keyboard isn't damaged.
..and - look for keyloggers. Perhaps someone got in via your system and changed the pass.
|
@electricwings BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 10, 2012, 03:00:28 AM |
|
Number of times I've typed a password again and again and again and SWORE I did it right but it clearly isn't working... only to discover that my keyboard is set in a foreign language, and I'm either typing "ραςςωoρδ", or it's AZERTY and I'm really typing the equivalent of "pqssword" or whatever.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
Atlas
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
October 10, 2012, 03:03:17 AM |
|
OP, all they store is your public keys/private keys in a encrypted JSON with a linked identifier. That's it. There's no way they can alter it unless they are storing your passwords which would ruin them.
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
October 10, 2012, 03:05:40 AM Last edit: October 10, 2012, 03:27:40 AM by Stephen Gornick |
|
It is the same password I use on several of my banking sites, so I know the password well.
Well, that could be one explanation as to what happened. I'ld first be worried that my system has been compromised and then only after being able to rule that out would I continue to use it. From a secure system, then I'ld change my bank passwords after this. Again -- password reuse is not recommended. Since I'm unable to get to my money now and that account will just go stale I'm pretty sure that Blockchain will get that money eventually.
No, they won't. They don't have access to the unecrypted keys. Now did you have a previous backup of your wallet from prior to having any trouble? But if a thief got access to it, even with an older copy of the wallet the funds are likely spent. The login page shows three backup methods ... Dropbox, Google Drive, and Email. You can configure it so that a copy of the encrypted wallet is sent to your e-mail after each change. Also, setting it up with a second password (required for spending) is a good recommendation.
|
|
|
|
|
allthingsluxury
Legendary
Offline
Activity: 1540
Merit: 1029
|
|
October 10, 2012, 03:24:44 AM |
|
Wow hopefully it is just something simple like a keyboard error. Hopefully you get access to your cash soon.
|
Gold & Silver Financial News: Silver Liberation Army, Gold & Silver News, Geopolitical & Financial News, Jim Rickards Blog, Marc Faber Blog, Jim Rogers Blog, Peter Schiff Blog, David Morgan Blog, James Turk Blog, Eric Sprott Blog, Gerald Celente Blog
|
|
|
dancupid
|
|
October 10, 2012, 03:59:22 AM |
|
If you have a backup of the wallet just open another account and import it to it - or import it into multibit. I would also just use a watch address for the bulk of your bitcoins with the private key stored offline.
edit - just realised you'd still have the same password problem though. But blockchain do not store any bitcoins they just store an encrypted wallet that is decrypted in the browser. They can't steal these bitcoins. I suggest you keep trying the same password - perhaps try it on a different computer
|
|
|
|
ralree
|
|
October 10, 2012, 04:58:47 AM |
|
I'm cool with blockchain, but their app doesn't have any sort of authentication (or at least I haven't seen it). I think my hard limit on what I keep in there is going to be 10BTC for the moment - no reason to risk losing it if I lose my phone.
|
1MANaTeEZoH4YkgMYz61E5y4s9BYhAuUjG
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
October 10, 2012, 05:27:50 AM |
|
I'm cool with blockchain, but their app doesn't have any sort of authentication (or at least I haven't seen it). Account details -> Secuirty You can enabled two-factor authentication. This can be an e-mail, SMS text message, Yubikey, or Google Authenticator. no reason to risk losing it if I lose my phone.
As long as you have it save backups (or send them to you), you are protected from lost. You can also set up a second password that is required only for spending. So even if the phone is stolen and someone tries to send funds, they can't without the second password. Account details -> Passwords - http://www.Blockchain.info/wallet
|
|
|
|
julz
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
October 10, 2012, 05:28:42 AM Last edit: October 11, 2012, 10:44:28 PM by julz |
|
I'm cool with blockchain, but their app doesn't have any sort of authentication (or at least I haven't seen it). I think my hard limit on what I keep in there is going to be 10BTC for the moment - no reason to risk losing it if I lose my phone.
For the android app - you can put on a second password which is required when spending. (edit: ^^ what he (Stephen Gornick) said!) I believe when you 'pair' a device - the QR code contains the main decryption password, which I suppose may be somewhat vulnerable when stored in your phone. I find it annoying that the QR code even contains this password - as otherwise I'd carry around a printout of various pairing QRs in my wallet and scan them as necessary. The second password still wouldn't make this safe as with the decryption password they can still go to the website and change all the account settings... I guess 'two factor' is the way to stop that.
|
@electricwings BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
|
|
|
piuk
|
|
October 10, 2012, 07:41:50 AM |
|
I am aware that Blockchain does not store your password locally so I wrote my password down on paper and put it in my safe.
Try opening notepad or another simple text editor and writing the password in plaintext exactly how you think it should appear. Then copy and paste it into the password field. Keeping you own paper backup or .aes.json backup is the always recommended. Then you can restore the wallet using a desktop client if need be.
|
|
|
|
kokojie
Legendary
Offline
Activity: 1806
Merit: 1003
|
|
October 10, 2012, 12:44:23 PM |
|
I've been using Blockchain for a couple of months now. I've sent/received bitcoin on many occassions with no problems. All of sudden today I an unable to log in with my password. I am aware that Blockchain does not store your password locally so I wrote my password down on paper and put it in my safe. It is the same password I use on several of my banking sites, so I know the password well. For some reason I'm unable to log into my Blockchain account and there is no way they are able to help me!! I have this funny little feeling that they maybe have something to do with this. Since I'm unable to get to my money now and that account will just go stale I'm pretty sure that Blockchain will get that money eventually. Maybe they do this on purpose for random accounts? I'm %100 sure that I know my password. It is a little ironic that they don't store your password on their server and can't help me. Strange. So, if you have a lot of money tied up on Blockchain I would send it to your local wallet instead. I'm finding out that the best place to keep your bitcoin is your local wallet and NONE of these online places.
Sounds like your fault for not properly backing up your wallet, both on paper and in encrypted form (it's impossible for blockchain.info or anyone else to change your password on your backups). Plus since you re-use your password, how do you know if your password has not been compromised somewhere else, and the hacker simply went into your blockchain.info account. It can be pretty useless to hack into online banking, so you might not notice your online banking has been hacked. If your coin hasn't been moved, then if you have properly backed up, you would not have lost anything.
|
btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
|
|
|
ralree
|
|
October 11, 2012, 09:52:45 PM |
|
I'm cool with blockchain, but their app doesn't have any sort of authentication (or at least I haven't seen it). I think my hard limit on what I keep in there is going to be 10BTC for the moment - no reason to risk losing it if I lose my phone.
For the android app - you can put on a second password which is required when spending. (edit: ^^ what he said!) I believe when you 'pair' a device - the QR code contains the main decryption password, which I suppose may be somewhat vulnerable when stored in your phone. I find it annoying that the QR code even contains this password - as otherwise I'd carry around a printout of various pairing QRs in my wallet and scan them as necessary. The second password still wouldn't make this safe as with the decryption password they can still go to the website and change all the account settings... I guess 'two factor' is the way to stop that. Thanks (and thanks to Stephen Gornick as well). I'll go do that tonight.
|
1MANaTeEZoH4YkgMYz61E5y4s9BYhAuUjG
|
|
|
ErebusBat
|
|
October 12, 2012, 08:47:32 PM |
|
I've been using Blockchain for a couple of months now. I've sent/received bitcoin on many occassions with no problems. All of sudden today I an unable to log in with my password. I am aware that Blockchain does not store your password locally so I wrote my password down on paper and put it in my safe. It is the same password I use on several of my banking sites, so I know the password well.
Password re-use is never a good idea. For some reason I'm unable to log into my Blockchain account and there is no way they are able to help me!! I have this funny little feeling that they maybe have something to do with this. What 'funny feeling'? That is a pretty strong accusation coming from a low post forum account against piuk. Something tells me that there would be many more 'interesting' account for them to 'steal' if he were so inclined. Since I'm unable to get to my money now and that account will just go stale I'm pretty sure that Blockchain will get that money eventually. I am pretty sure that you don't understand how the service works given that this is near impossible (as others have pointed out). Maybe they do this on purpose for random accounts? I'm %100 sure that I know my password. Knowing and communicating the password to the server are two entirely different things (also as others have pointed out). Why would they risk their reputation to steel random piddly accounts? It is a little ironic that they don't store your password on their server and can't help me. Strange. I think you need to re-educate yourself with the meaning of irony: http://theoatmeal.com/comics/ironySo, if you have a lot of money tied up on Blockchain I would send it to your local wallet instead. I'm finding out that the best place to keep your bitcoin is your local wallet and NONE of these online places.
This is of course a personal decision and there is no right way for 100% of the people. Personally I have like BCI because an un-encrypted version of my wallet never hits my disk. Sorry to be so negative, but attacks on long standing services / members irritate the hell out of me, especially when done from sock/low count accounts.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
October 17, 2012, 06:50:20 PM |
|
I'd like to add other issue. I sent some bitcoins from my Blockchain wallet to an exchange, but the transaction is unconfirmed for 24 hours. I found that it contains a double-spent coins. I would send less coins (minus double-spent ones) but I can't cancel the transaction. It seems I lost my bitcoins.
|
|
|
|
ErebusBat
|
|
October 18, 2012, 12:44:38 AM |
|
I'd like to add other issue. I sent some bitcoins from my Blockchain wallet to an exchange, but the transaction is unconfirmed for 24 hours. I found that it contains a double-spent coins. I would send less coins (minus double-spent ones) but I can't cancel the transaction. It seems I lost my bitcoins.
You didn't lose your coins. Wait until the transaction fall off and you will have them back.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
October 18, 2012, 06:50:59 AM |
|
I'd like to add other issue. I sent some bitcoins from my Blockchain wallet to an exchange, but the transaction is unconfirmed for 24 hours. I found that it contains a double-spent coins. I would send less coins (minus double-spent ones) but I can't cancel the transaction. It seems I lost my bitcoins.
You didn't lose your coins. Wait until the transaction fall off and you will have them back. It's good news. But those double-spends r so annoying.
|
|
|
|
ErebusBat
|
|
October 18, 2012, 12:42:09 PM |
|
I'd like to add other issue. I sent some bitcoins from my Blockchain wallet to an exchange, but the transaction is unconfirmed for 24 hours. I found that it contains a double-spent coins. I would send less coins (minus double-spent ones) but I can't cancel the transaction. It seems I lost my bitcoins.
You didn't lose your coins. Wait until the transaction fall off and you will have them back. It's good news. But those double-spends r so annoying. Agreeded. Are you using another wallet? Or perhaps a service like one of the dice? You normally shouldn't get double spends unless something out of the ordinary is going on.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
October 18, 2012, 12:46:02 PM |
|
Agreeded. Are you using another wallet? Or perhaps a service like one of the dice? You normally shouldn't get double spends unless something out of the ordinary is going on.
Aye. I was playing SatoshiDice with the coins in Blockchain wallet.
|
|
|
|
jbreher
Legendary
Offline
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
|
|
October 18, 2012, 05:56:19 PM |
|
It is a little ironic that they don't store your password on their server and can't help me. Strange. I think you need to re-educate yourself with the meaning of irony: http://theoatmeal.com/comics/ironyIronic or not?: While your link provides a ready means of buying your new book, it lists no option to do so in bitcoin. (sorry for the thread derail)
|
Anyone with a campaign ad in their signature -- for an organization with which they are not otherwise affiliated -- is automatically deducted credibility points.
I've been convicted of heresy. Convicted by a mere known extortionist. Read my Trust for details.
|
|
|
ErebusBat
|
|
October 19, 2012, 09:27:59 PM |
|
It is a little ironic that they don't store your password on their server and can't help me. Strange. I think you need to re-educate yourself with the meaning of irony: http://theoatmeal.com/comics/ironyIronic or not?: While your link provides a ready means of buying your new book, it lists no option to do so in bitcoin. (sorry for the thread derail) Especially considering the author is a bitcoiner.
|
|
|
|
Desolator
|
|
October 22, 2012, 03:33:58 AM |
|
Anyone using a 3rd party wallet host will get all their coins stolen, confiscated, or magically disappeared at some point. Nobody should use them, ever. It's safer, faster, and infinitely smarter to secure your own wallet file yourself.
|
|
|
|
dancupid
|
|
October 22, 2012, 04:09:11 PM |
|
Anyone using a 3rd party wallet host will get all their coins stolen, confiscated, or magically disappeared at some point. Nobody should use them, ever. It's safer, faster, and infinitely smarter to secure your own wallet file yourself.
They only host an encrypted wallet that is decrypted in the browser. They do not store any bitcoins. There is no difference in me using this service than using the official client - except it is much more functional and can be accessed from any computer. The same vigilance is necessary (key loggers etc) but blockchain wallet is worlds apart from the mybitcoin like websites that you have to trust to hold bitcoins for you. You remain in control - you hold all the private keys. How is using a browser interface any different than using a stand alone piece of software? - it's just a program running in the browser. You can even use it offline. It's open source and you can examine the code: https://github.com/blockchain
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
October 25, 2012, 07:20:56 PM |
|
|
|
|
|
Desolator
|
|
November 01, 2012, 10:42:08 PM |
|
How is using a browser interface any different than using a stand alone piece of software?
This:
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1358
Merit: 1002
|
|
November 01, 2012, 11:31:44 PM |
|
How is using a browser interface any different than using a stand alone piece of software?
This: I wish I had 1 BTC for every time I saw a browser just like that one on someone elses' computer, mainly computers used by females lol
|
|
|
|
rebuilder
Legendary
Offline
Activity: 1615
Merit: 1000
|
|
November 02, 2012, 12:03:04 PM |
|
How is using a browser interface any different than using a stand alone piece of software?
This: If your browser looks like that, the rest of your OS isn't likely to be very secure, either.
|
Selling out to advertisers shows you respect neither yourself nor the rest of us. --------------------------------------------------------------- Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
|
|
|
Desolator
|
|
November 20, 2012, 05:37:28 AM |
|
I run a PC repair shop so I'm starting to feel like EVERYONE has MyWebSearch and Freeze and iLivid and Freeze. How fucking stupid are people?!
|
|
|
|
thebaron
|
|
November 20, 2012, 05:40:30 AM |
|
I run a PC repair shop so I'm starting to feel like EVERYONE has MyWebSearch and Freeze and iLivid and Freeze. How fucking stupid are people?!
You would not have as much business without their ineptness.
|
|
|
|
opentoe (OP)
Legendary
Offline
Activity: 1274
Merit: 1000
Personal text my ass....
|
|
January 26, 2013, 06:19:30 AM |
|
I am the original poster and pretty much lost all the funds that were in that blockchain wallet. I'm in my 40's and have worked my way up through the IT world and I'm very familiar with how things work and how important it is to have good, secure passwords. I have two factor authentication on all my banking sites and have "similar" passwords on all the sites with different variables. Lets just say the variables alone are more strong then most users regular passwords. It is very unlikely I lost or forgot my password. I've never done that in the 20+ years I've used passwords. Anyway, there wasn't much money in there to begin with, but it does make me wonder how it happened. Since then I've strictly used the old original bitcoin local wallet. Backup my wallet to several places, encrypt it the wallet itself, again and I've been safe ever since. Oh well, what can you do.
|
|
|
|
ninjaboon
Legendary
Offline
Activity: 2114
Merit: 1002
|
|
January 27, 2013, 12:02:20 AM |
|
I've been in the IT industry for 15 years and nowadays I use LastPass to generate random secure passwords.
|
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1009
|
|
January 27, 2013, 12:15:29 AM |
|
The only thing that would make LastPass better is if they would accept bitcoin for their premium subscriptions.
|
|
|
|
wachtwoord
Legendary
Offline
Activity: 2324
Merit: 1125
|
|
January 27, 2013, 12:24:42 AM |
|
I wish I had 1 BTC for every time I saw a browser just like that one on someone elses' computer, mainly computers used by females lol
I find it quite impressive they are able to use such browsers. I doubt I would not be able to...
|
|
|
|
jubalix
Legendary
Offline
Activity: 2618
Merit: 1022
|
|
March 09, 2013, 04:15:40 AM |
|
I've been using Blockchain for a couple of months now. I've sent/received bitcoin on many occassions with no problems. All of sudden today I an unable to log in with my password. I am aware that Blockchain does not store your password locally so I wrote my password down on paper and put it in my safe. It is the same password I use on several of my banking sites, so I know the password well. For some reason I'm unable to log into my Blockchain account and there is no way they are able to help me!! I have this funny little feeling that they maybe have something to do with this. Since I'm unable to get to my money now and that account will just go stale I'm pretty sure that Blockchain will get that money eventually. Maybe they do this on purpose for random accounts? I'm %100 sure that I know my password. It is a little ironic that they don't store your password on their server and can't help me. Strange. So, if you have a lot of money tied up on Blockchain I would send it to your local wallet instead. I'm finding out that the best place to keep your bitcoin is your local wallet and NONE of these online places.
I use last pass that ensures my password is right
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
March 09, 2013, 04:25:49 AM |
|
Why use an online password manager when you can use http://keepass.info (Open source and free) and backup the encrypted password database on DropBox or GoogleDrive?
|
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1009
|
|
March 09, 2013, 04:51:59 AM |
|
Why use an online password manager when you can use http://keepass.info (Open source and free) and backup the encrypted password database on DropBox or GoogleDrive? Because keepass doesn't work as well as LastPass when it comes to automatically and seamlessly keeping everything in sync between multiple desktop machines and a mobile device.
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
March 09, 2013, 05:04:26 AM |
|
DropBox and :
|
|
|
|
dmatthewstewart
|
|
March 10, 2013, 02:39:47 AM |
|
I've been using Blockchain for a couple of months now. I've sent/received bitcoin on many occassions with no problems. All of sudden today I an unable to log in with my password. I am aware that Blockchain does not store your password locally so I wrote my password down on paper and put it in my safe. It is the same password I use on several of my banking sites, so I know the password well. For some reason I'm unable to log into my Blockchain account and there is no way they are able to help me!! I have this funny little feeling that they maybe have something to do with this. Since I'm unable to get to my money now and that account will just go stale I'm pretty sure that Blockchain will get that money eventually. Maybe they do this on purpose for random accounts? I'm %100 sure that I know my password. It is a little ironic that they don't store your password on their server and can't help me. Strange. So, if you have a lot of money tied up on Blockchain I would send it to your local wallet instead. I'm finding out that the best place to keep your bitcoin is your local wallet and NONE of these online places.
They dont store the password for security purposes. This means that anyone that infiltrates their DB's can get all the identifiers they want but wont be able to do a damn thing with them other than look at them and wish they had a password
|
|
|
|
bitsource
Member
Offline
Activity: 96
Merit: 10
|
|
March 10, 2013, 03:59:50 PM |
|
I have used Blockchain for some time without any problems. They had a hic-up earlier - last week, but seem to be fixed. On the login problem, make sure you are not mixing up passwords if you have several wallets to log into. Check your wallet identifier and make sure it matches your pw.
|
32DgAoQRMAkqbaYhShLWQnFt4LWJhWe3Ba
|
|
|
jubalix
Legendary
Offline
Activity: 2618
Merit: 1022
|
|
March 11, 2013, 02:26:35 PM |
|
Anyone using a 3rd party wallet host will get all their coins stolen, confiscated, or magically disappeared at some point. Nobody should use them, ever. It's safer, faster, and infinitely smarter to secure your own wallet file yourself.
how? have the private key backed up
[2] My online wallet (blockchain.info) is encrypted with about 20 wordletter password and the sending of info is all opensource crypto
the worst that can happen is the online wallet service gets shut down, and they get a load of hashedupcryptobabble, and so I fire up bitcoin qt, elctum or whatever and carry on.
|
|
|
|
|