Bitcoin Forum
September 23, 2018, 01:40:22 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4]  All
  Print  
Author Topic: Hundreds of thousand of bitcointalk accounts hacked  (Read 8482 times)
hilariousetc
Legendary
*
Offline Offline

Activity: 980
Merit: 1356


highly educated moran


View Profile
August 18, 2018, 04:37:48 PM
 #61

If the hacking cause has already been identified what the hell the Theymos / Cyrus are waiting for to address it then fix it ??. it is not a matter if we the users have a "weak password" it is a matter of how the admins store our passwords because they shouldn't store the passwords themselves, they could hire Google, Amazon or any other service to handle user authentication. If they dislike trusting 3rd parties then they should follow some tutorial about hashing + salting , this way the hacker couldn't brute force the database. Using a strong hashing algorithm combined with another complicated salting algorithm should be incredible difficult to hack, not to mention if they enable 2FA to all of us. This way even those phishing sites wouldn't catch us. Here some video about the subject: YouTube hope someone shares it to them.



They fixed it. They can't do anything about those that didn't change their passwords, but there are auto-lock features for accounts that have remained long-dormant and suddenly reactivate. And trusting a third party is how the passwords were lost. The hacker gained access via the hosting service by social engineering. The passwords were also hashed and salted, but those with weak passwords were bruteforced and broken over time. There's more about the hack at the following link with what happened: https://bitcointalk.org/index.php?topic=1067985.msg11445725#msg11445725

Also, several 2-fa options will be available on the new forum software. There has been a sort of 2f option implemented here though in that now you can lock your account via an email once the details have been changed. It's not ideal but it's better than nothing.

1537666822
Hero Member
*
Offline Offline

Posts: 1537666822

View Profile Personal Message (Offline)

Ignore
1537666822
Reply with quote  #2

1537666822
Report to moderator
1537666822
Hero Member
*
Offline Offline

Posts: 1537666822

View Profile Personal Message (Offline)

Ignore
1537666822
Reply with quote  #2

1537666822
Report to moderator
1537666822
Hero Member
*
Offline Offline

Posts: 1537666822

View Profile Personal Message (Offline)

Ignore
1537666822
Reply with quote  #2

1537666822
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
TalkStar
Copper Member
Member
**
Offline Offline

Activity: 80
Merit: 18


View Profile
August 18, 2018, 04:54:45 PM
 #62

Hacking accounts has already been an rising issue worldwide. Not only bitcointalk accounts hacked but also many crypto currency exchanges hacked and hackers steal big amount of BTC & ETH. Most of the time hackers use phising site link to make  entry to the account. Nowadays DDOS attack also been  popular. Its another way to disable website security. Many sites integrated many security options to get rid of hacking such as 2fa with sending codes to users email and some are using mobile phone verification method too. But honestly if an user care little about phising site before login to their account and make a regular routine to change password.

Lets work together to make bitcointalk scam free
edwardceng
Member
**
Offline Offline

Activity: 266
Merit: 42


View Profile
August 18, 2018, 04:55:42 PM
 #63

Quote
Alright then tell them to create some basic script to check how strong the chosen password is!
If this's a suggestion, then a good to apply in a forum by adding information about the password used when registering. Maybe trusted members (hilariousetc) like you can discuss (PM) with theymos about this.

Pages: « 1 2 3 [4]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!