Bitcoin Forum
November 16, 2024, 01:30:44 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: An idea to secure online platforms  (Read 784 times)
Birdy (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 17, 2013, 03:12:21 PM
Last edit: April 17, 2013, 05:58:20 PM by Birdy
 #1

I have an idea to make online platforms more secure against hacking attempts:

The user setups a fixed outgoing Bitcoin adress.
Whenever he wants to receive funds, it can only go to this adress.
He is able to change this adress, BUT it takes a set amount of time until the new adress is accepted and the user also get notified about this change (mail, sms whatever).

If your account is hacked, because your password was stolen, the hacker cannot do a thing to your money.
(In case of exchange platforms, he still is able to do some damage, but at least it's a bit harder)


Some more deails:
If you want to let the user choose the amount of time, changing this will also take effect according to the old timer.
If the mailadress/mobile number is changed, there also needs to be notification to the old adresses.
You could also allow more than one adress, if you apply the same rules to them.

-> The idea is simple, easy and cheap to implement and offers a great deal of security, while giving the user nearly no trouble.

(If you use this idea to a success, tip me a good deal xD)
empoweoqwj
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


View Profile
April 17, 2013, 03:15:36 PM
 #2

Simpler idea - don't store your bitcoins online
Birdy (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 17, 2013, 03:30:21 PM
Last edit: April 17, 2013, 04:02:09 PM by Birdy
 #3

Simpler idea - don't store your bitcoins online
Even simpler idea - have no money *facepalm*

There are lot of reason to have some online.
Also this method should be quite secure.

You could also use it for the fiat money accounts.
Birdy (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 17, 2013, 05:29:54 PM
Last edit: April 17, 2013, 08:08:28 PM by Birdy
 #4

shameless bump
Birdy (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 17, 2013, 09:21:30 PM
 #5

Ok, there is one disadvantage, if you want to send those coins to someone else, you will have to wait two times for transaction.
But I still think it would be a pretty strong optional security feature, there are a lot of people that are satisfied with sending the coints to some fixed adresses.
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Firstbits.com/1fg4i :)


View Profile
April 17, 2013, 09:32:25 PM
 #6

Ok, there is one disadvantage, if you want to send those coins to someone else, you will have to wait two times for transaction.
But I still think it would be a pretty strong optional security feature, there are a lot of people that are satisfied with sending the coints to some fixed adresses.
It also reduces the usefulness of online wallets a lot. I mean, if you can't send money to anyone else, even people on the same service, it's almost like your online wallet isn't online at all, but on a flash drive cleverly hidden somewhere in your kitchen...

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC/BCH for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
Birdy (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 17, 2013, 09:47:48 PM
 #7

Ok, there is one disadvantage, if you want to send those coins to someone else, you will have to wait two times for transaction.
But I still think it would be a pretty strong optional security feature, there are a lot of people that are satisfied with sending the coints to some fixed adresses.
It also reduces the usefulness of online wallets a lot. I mean, if you can't send money to anyone else, even people on the same service, it's almost like your online wallet isn't online at all, but on a flash drive cleverly hidden somewhere in your kitchen...

Well, if you have this is as nonmandatory option, then your onlinewallet can be both. You could have one wallet with more flexibilaty and/or one with more safety.
This is desireable, isn't it?
aes1
Member
**
Offline Offline

Activity: 66
Merit: 10



View Profile
April 18, 2013, 06:24:08 AM
 #8

It like the idea.

That's also how the majority of Finnish money-handling companies (such as stock trading services and investment banks) operate with bank accounts: you have to register a withdrawal account that is only changeable by a stronger method of authentication than usual.

Of course, I'm all for letting the user decide the balance of security vs. convenience. But it's the service's responsibility to remind the user that relying on a password only is a bad idea. Java applet vulnerabilities, stolen password databases, keyloggers, man-in-the-middle attacks, DNS spoofing... the risks are quite real.
aes1
Member
**
Offline Offline

Activity: 66
Merit: 10



View Profile
April 18, 2013, 06:28:14 AM
 #9

It also reduces the usefulness of online wallets a lot. I mean, if you can't send money to anyone else, even people on the same service, it's almost like your online wallet isn't online at all, but on a flash drive cleverly hidden somewhere in your kitchen...

Well, if you have this is as nonmandatory option, then your onlinewallet can be both. You could have one wallet with more flexibilaty and/or one with more safety.
This is desireable, isn't it?

Actually, now that I think again... Suppose you decide to hack into and steal money from an online wallet service. Which is a more likely target: an online wallet with mandatory secure measures, or one without them?
Birdy (OP)
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
April 18, 2013, 10:00:12 PM
 #10

It also reduces the usefulness of online wallets a lot. I mean, if you can't send money to anyone else, even people on the same service, it's almost like your online wallet isn't online at all, but on a flash drive cleverly hidden somewhere in your kitchen...

Well, if you have this is as nonmandatory option, then your onlinewallet can be both. You could have one wallet with more flexibilaty and/or one with more safety.
This is desireable, isn't it?

Actually, now that I think again... Suppose you decide to hack into and steal money from an online wallet service. Which is a more likely target: an online wallet with mandatory secure measures, or one without them?


Well that's a trade security vs useability (dunnow if it's worth it or not, maybe).
It could be the standard option - so most users would have it on and only some that dislike it don't have it, if it's mandatory some users might dislike this due to having to send BC two times.
Or there could be other methods offered for those who don't like it (people love having a choice ^^)

 
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!