yingbb0301 (OP)
Full Member
Offline
Activity: 166
Merit: 100
Marshall Mathers
|
|
September 15, 2015, 05:06:43 PM |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
|
|
|
|
Cyrus
Ninja
Administrator
Legendary
Online
Activity: 3864
Merit: 3083
|
|
September 15, 2015, 06:57:18 PM |
|
I like this and hope something similar gets implemented. We know 2FA will definitely be added and IIRC there were talks about adding address signing to the list of 2FA solutions.
|
|
|
|
Vod
Legendary
Offline
Activity: 3794
Merit: 3107
Licking my boob since 1970
|
|
September 15, 2015, 08:42:21 PM |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
I cannot think of a better way to stifle forum growth than this idea! Maybe we should hide the domain name as well!
|
|
|
|
yingbb0301 (OP)
Full Member
Offline
Activity: 166
Merit: 100
Marshall Mathers
|
|
September 16, 2015, 10:38:04 AM Last edit: September 17, 2015, 02:45:42 PM by yingbb0301 |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
I cannot think of a better way to stifle forum growth than this idea! Maybe we should hide the domain name as well! How is it going to stifle up the forum? Its only going to add an extra layer for security. What if your email account gets hacked too and your address wasn't quoted by anyone? Then there would be no way to recover it. Unless the database has your address stored. I think you got the the idea in a wrong way.
|
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1528
No I dont escrow anymore.
|
|
September 16, 2015, 08:38:22 PM |
|
Fancy auth methods are already in planing[1], but what exactly is a "bitcointalk address"? [1] https://bitcointalk.org/index.php?topic=523070.0
|
Im not really here, its just your imagination.
|
|
|
Welsh
Staff
Legendary
Offline
Activity: 3276
Merit: 4113
|
|
September 16, 2015, 10:47:21 PM |
|
I generally support the idea of adding 2 factor authentication, with signing a PGP/Bitcoin address. But, I don't think it shouldn't be forced upon the user when registering. It should be a optional feature. Majority of the users who sign up here are not only new to the forum, but new to cryptocurrency and Bitcoin. Therefore, they may not have a Bitcoin address, even though it's easy to get an address, I'm sure getting an address isn't going to be their main focus.
You've also got to consider, that some members are here to discuss and follow the technology, rather than trade. This has been displayed before when a few users have actually stated that they have no Bitcoin, but like to discuss and learn about Bitcoin. There's probably many reasons that I've not brought up, including the alt coin scene which I'm not going to get into here as you probably get my point by now.
|
|
|
|
btvGainer
Legendary
Offline
Activity: 854
Merit: 1000
|
|
September 16, 2015, 10:57:26 PM |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
Good idea but it should be allowed after sign up because many users who sign up for the first time no nothing about bitcoin address and how to get one
|
|
|
|
unholycactus
Legendary
Offline
Activity: 1078
Merit: 1024
|
|
September 16, 2015, 11:02:27 PM |
|
2FA with PGP or signed bitcoin messages is something I would very much like to see. It's something that has been mentioned in the past, but I don't think anybody is working on it.
|
|
|
|
Cyrus
Ninja
Administrator
Legendary
Online
Activity: 3864
Merit: 3083
|
|
September 17, 2015, 12:53:12 AM |
|
It's something that has been mentioned in the past, but I don't think anybody is working on it.
Not right now there isn't, as work on 2FA hasn't even been started yet afaik. But the complete product will have various authentication methods.
|
|
|
|
sorryforthat
|
|
September 17, 2015, 01:12:27 AM |
|
so would we be confined to just one address?
|
|
|
|
yingbb0301 (OP)
Full Member
Offline
Activity: 166
Merit: 100
Marshall Mathers
|
|
September 17, 2015, 02:45:01 PM |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
Good idea but it should be allowed after sign up because many users who sign up for the first time no nothing about bitcoin address and how to get one Then there should be a help button in the sign-up form.Which will guide them on "How to get your first BTC address". so would we be confined to just one address?
Nope. That BTC address will only be used for authentication.
|
|
|
|
Pips
Full Member
Offline
Activity: 168
Merit: 100
If life gives you lemons, make orange juice.
|
|
September 17, 2015, 06:45:53 PM |
|
so would we be confined to just one address?
Nope. That BTC address will only be used for authentication. So essentially you're making buying/selling of accounts pretty much impossible unless the seller gives the priv key along with the account? Which also means mostly accounts that were created for the sole intention of being sold would be sold.
|
If life gives you lemons, make orange juice and leave them wondering how you did it.
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1528
No I dont escrow anymore.
|
|
September 17, 2015, 06:57:40 PM |
|
so would we be confined to just one address?
Nope. That BTC address will only be used for authentication. So essentially you're making buying/selling of accounts pretty much impossible unless the seller gives the priv key along with the account? Which also means mostly accounts that were created for the sole intention of being sold would be sold. I dont think the idea of any 2FA is that you can never change it. It wouldnt be the first time someone lost their phone.
|
Im not really here, its just your imagination.
|
|
|
Athertle
|
|
September 17, 2015, 10:48:08 PM |
|
so would we be confined to just one address?
Nope. That BTC address will only be used for authentication. So essentially you're making buying/selling of accounts pretty much impossible unless the seller gives the priv key along with the account? Which also means mostly accounts that were created for the sole intention of being sold would be sold. I dont think the idea of any 2FA is that you can never change it. It wouldnt be the first time someone lost their phone. Quick question: wouldn't that ruin the whole idea of the bitcoin verification? If an account was hacked, all the hacker would need to do is change the address and the original owner would have to do the whole bitcoin-signing-of-old-messages-containing-bitcoin-addresses thing.
|
|
|
|
yingbb0301 (OP)
Full Member
Offline
Activity: 166
Merit: 100
Marshall Mathers
|
|
September 18, 2015, 07:33:45 AM |
|
so would we be confined to just one address?
Nope. That BTC address will only be used for authentication. So essentially you're making buying/selling of accounts pretty much impossible unless the seller gives the priv key along with the account? Which also means mostly accounts that were created for the sole intention of being sold would be sold. Of course we can't stop this activity.As I said earlier it will only be used for authentication. so would we be confined to just one address?
Nope. That BTC address will only be used for authentication. So essentially you're making buying/selling of accounts pretty much impossible unless the seller gives the priv key along with the account? Which also means mostly accounts that were created for the sole intention of being sold would be sold. I dont think the idea of any 2FA is that you can never change it. It wouldnt be the first time someone lost their phone. Quick question: wouldn't that ruin the whole idea of the bitcoin verification? If an account was hacked, all the hacker would need to do is change the address and the original owner would have to do the whole bitcoin-signing-of-old-messages-containing-bitcoin-addresses thing. Naa.You won't be able to change the address.Just like you can't change your username.
|
|
|
|
gampher
|
|
September 18, 2015, 07:57:28 AM |
|
Naa.You won't be able to change the address.Just like you can't change your username.
I don't think the forum needs any extra security measures as of now ,also thermos dosent cares about account stuff as much as he cares about the forum ', I don't see abundant threads about hacked accounts in META too, its a different case if a legendary account is hacked.
|
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1528
No I dont escrow anymore.
|
|
September 18, 2015, 09:11:48 AM |
|
so would we be confined to just one address?
Nope. That BTC address will only be used for authentication. So essentially you're making buying/selling of accounts pretty much impossible unless the seller gives the priv key along with the account? Which also means mostly accounts that were created for the sole intention of being sold would be sold. I dont think the idea of any 2FA is that you can never change it. It wouldnt be the first time someone lost their phone. Quick question: wouldn't that ruin the whole idea of the bitcoin verification? If an account was hacked, all the hacker would need to do is change the address and the original owner would have to do the whole bitcoin-signing-of-old-messages-containing-bitcoin-addresses thing. Well the other option is to ruin accounts just because someone lost access to their wallet. You cant have both. This is why I think it should be optional to use 2FA and to have maybe a 3rd (or more) auth option as fallback. E.g. 1st is user/pass 2nd is bitcoin signed message and 3rd is PGP signed. Login would be possible if 2 out of 3 are passed. The same way 2 out of 3 would allow to change any one of them, change the scheme (to e.g. 3 out of 17, 1 out of 2, etc.). I would think a forgotten password or a misplaced backup is more likely than a hack and the security mechanisms should not tunnel vision on a single issue (e.g. hacks).
|
Im not really here, its just your imagination.
|
|
|
joksim299
Legendary
Offline
Activity: 2184
Merit: 1014
Bitdice is scam scam scammmmmmmmmmmmmmmmmmmmmmmmmm
|
|
September 18, 2015, 04:19:49 PM |
|
I come up with the same idea. This would for sure prevent account hacking and make recovering a lost account easier.
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
Hugroll
|
|
September 18, 2015, 04:30:12 PM |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
sounds like a good idea, it would also stop the buying/selling of accounts, because no one would buy an account as the owner would be able to recover it so easily.
|
|
|
|
joksim299
Legendary
Offline
Activity: 2184
Merit: 1014
Bitdice is scam scam scammmmmmmmmmmmmmmmmmmmmmmmmm
|
|
September 18, 2015, 04:58:47 PM |
|
The user must enter his bitcointalk address along with a signed message while signing up.And there should be an inbuilt message verifier.So that he could recover his account if it gets stolen or hacked by re-signing with the same address with the time stamp.
sounds like a good idea, it would also stop the buying/selling of accounts, because no one would buy an account as the owner would be able to recover it so easily. This won't stop account buying/selling, users usually sell private key along with the account.
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|