Bitcoin Forum
December 09, 2016, 04:00:13 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: MtGox claim site online  (Read 4457 times)
Kuber
Newbie
*
Offline Offline

Activity: 25


View Profile
June 21, 2011, 04:19:42 PM
 #1

Hey,

just wanted to say that you can claim your MtGox account back:

https://claim.mtgox.com/

Seems that the MtGox staff will check every single account, oh boy.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481256013
Hero Member
*
Offline Offline

Posts: 1481256013

View Profile Personal Message (Offline)

Ignore
1481256013
Reply with quote  #2

1481256013
Report to moderator
1481256013
Hero Member
*
Offline Offline

Posts: 1481256013

View Profile Personal Message (Offline)

Ignore
1481256013
Reply with quote  #2

1481256013
Report to moderator
1481256013
Hero Member
*
Offline Offline

Posts: 1481256013

View Profile Personal Message (Offline)

Ignore
1481256013
Reply with quote  #2

1481256013
Report to moderator
demonofelru
Full Member
***
Offline Offline

Activity: 238



View Profile
June 21, 2011, 04:23:21 PM
 #2

Mine says "The password for this account is invalid, or this account is not currently under claim process."  I don't know if that means my account password was strong enough, because it definitely is the right password.  Anybody have this happen?

Names do not matter; however, if you insist...id...
JBDive
Full Member
***
Offline Offline

Activity: 238


View Profile
June 21, 2011, 04:35:48 PM
 #3

Not sure what his process is or what he considered strong passwords however I feel my prior password was strong enough for general use such as this while my Truecrypt and PGP passphrases are 27 characters long I don't see the need to input passwords longer than 8-10 characters on Gox if the hash is salted and protected. From a security standpoint when I deal with users if the requirement for long and strong passwords is to great they will just store those passwords in an unsafe manner (post it note on monitor). In this case I had to go with something a bit more complex than I normally use so thank you RoboForm but I suspect many users will end up creating a text file with all their passwords and probably name it "passwords.txt"

Now what gets me is how poorly banks are setup when it comes to password access. My primary bank will only take 8 alpha characters, no numeric or symbols and the last time I checked capitalization did not matter meaning they don't hash anything.

If they are going to verify each account based on proof using past IP address tables or balance inquiries they have a long road ahead.
typhon
Newbie
*
Offline Offline

Activity: 10


View Profile
June 21, 2011, 05:13:12 PM
 #4

It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run.  You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.
andyb
Newbie
*
Offline Offline

Activity: 18


View Profile
June 21, 2011, 05:14:27 PM
 #5

mine also says "The password for this account is invalid, or this account is not currently under claim process."


I've been waiting since last night to log in, slept only 4 hours, WTF?
ananas5
Newbie
*
Offline Offline

Activity: 28


View Profile
June 21, 2011, 05:16:51 PM
 #6

Mine also said that until I remembered the right old password.

If you liked my post, you are free to donate: 17edqFhWUTMthCoLxXNzAxnes8roNLUcik
Thank you.
Technopope
Newbie
*
Offline Offline

Activity: 10


View Profile
June 21, 2011, 05:47:53 PM
 #7

Seems that the MtGox staff will check every single account, oh boy.


Yes, it looks like that: "Your account recovery request is pending review by our staff."

With over 61,000 accounts that could take a while.

If they took only one minute to validate each account, that would be over 1000 man-hours, or over 42 days. Hopefully there is a team of workers or an automated system in development.
drrussellshane
Hero Member
*****
Offline Offline

Activity: 548


View Profile WWW
June 21, 2011, 05:54:51 PM
 #8

I claimed my account, but if MTGOX expects me to jump through any hoops, I'd request they close and delete my account (I never had a transaction anyway).

I am weary of them having access to ANY of my information (no offense to them, I just don't really want my day-to-day email spammed or worse).



Buy a TREZOR! Premier BTC hardware wallet. If you're reading this, you should probably buy one if you don't already have one. You'll thank me later.
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
June 21, 2011, 06:12:11 PM
 #9

It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run.  You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.

Someone can't look at a written password over the internet.

I actually encourage people to use strong passwords and write them down.  I just make sure that they understand that the proper place to store the paper with the password is with their other small, valuable pieces of paper, in their wallet.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
tomcollins
Full Member
***
Offline Offline

Activity: 182


View Profile
June 21, 2011, 06:25:50 PM
 #10

It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run.  You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.

Someone can't look at a written password over the internet.

I actually encourage people to use strong passwords and write them down.  I just make sure that they understand that the proper place to store the paper with the password is with their other small, valuable pieces of paper, in their wallet.
They can with a keylogger.
qed
Full Member
***
Offline Offline

Activity: 196


View Profile
June 21, 2011, 06:34:58 PM
 #11

All the informations needed to claim the account are publicly available. This will be fun.

Mobile App (Android)

Monitor miners, exchange rates and Bitcoin network stats.
ananas5
Newbie
*
Offline Offline

Activity: 28


View Profile
June 21, 2011, 06:38:47 PM
 #12

All the informations needed to claim the account are publicly available. This will be fun.
What??  Huh

If you liked my post, you are free to donate: 17edqFhWUTMthCoLxXNzAxnes8roNLUcik
Thank you.
duran
Newbie
*
Offline Offline

Activity: 18


Professional Slacker


View Profile
June 21, 2011, 06:44:54 PM
 #13

so because all the hashed passwords and emails were leaked. mtgox is going to authenticate accounts through emails...by entering the old password. and a new password...

soooo fucking stupid.

This goes far beyond, one account, a measly $1k, and a user database. this is means anyone who used the same password for their email could have the passwords to other accounts recovered to the email without knowing the original. so get access to the email. find where they have accounts. paypal, bitmarket, banks, this forum, their mining sites, dating sites, dwolla, liberty reserve, everything. they might of sent a an ecrypted zip of their wallet to themselves via their email. they might of had a very important conversation with someone. money pak numbers in emails. endless possibilities. amazon accounts, ebay, godaddy, ect ect ect. this spiderwebs out.

even lulzier is bitcoin is a community of people who mine by decoding hashes. someone with a killer mining set up could rainbow table the shit out of any encryption.  md5 encryptions can be easily cracked by morons via sites like md5decrypter.co.uk and the freebsdmd5 hashes by process's like this http://hansatan.com/?d=jtrguide

So theyre going to dictate the price at 17.50 when the exchange comes back.  who values this shit at $17 right now? someone bought a fuckload for penny each. and were supposed to buy at $17.50. i mean thats all fine and dandy for everyone getting out of bitcoins, but thats no good for the market in general.

mtgox is a buncha fuckups who lost lots of people alot of money, set back a revolution and wont take responsibility for handing out the database to an auditor for reasons unknown. i know what auditors do, no reason for him to have emails and logins. fucking morons down at mtgox have fucked up big time. They really need to pay for all damages and fuck off the internet.

Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile
June 21, 2011, 06:45:08 PM
 #14

All the informations needed to claim the account are publicly available. This will be fun.
What??  Huh

It's in the accounts list.
If someone was dumb enough to use a simple password on both their Mt. Gox and email account, then all the attacker needs is that info.

Add to that the fact gmail shows the last visible IP's, the attacker can just gain a local proxy in your country after a quick WHOIS search and obtain a higher probability of recovering your account.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
qed
Full Member
***
Offline Offline

Activity: 196


View Profile
June 21, 2011, 06:46:36 PM
 #15

All the informations needed to claim the account are publicly available. This will be fun.
What??  Huh

The username, email and old hashed password has been posted on the forum and not deleted even if i contacted 3 times the admin.

EDIT: The second step is allowing you to submit a proof of the ownership.

Mobile App (Android)

Monitor miners, exchange rates and Bitcoin network stats.
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
June 21, 2011, 06:49:09 PM
 #16

It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run.  You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.

Someone can't look at a written password over the internet.

I actually encourage people to use strong passwords and write them down.  I just make sure that they understand that the proper place to store the paper with the password is with their other small, valuable pieces of paper, in their wallet.
They can with a keylogger.

This doesn't change the relative security of written vs. unwritten passwords.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
chungenhung
Legendary
*
Offline Offline

Activity: 1134


View Profile
June 21, 2011, 06:52:21 PM
 #17

what's even worse, i put in a new password, and it says it is not secure enough.
It contains number, lower case letter, upper case letter, symbol, special character.
Are they asking for arabic characters combined with korean and russian characters??

Trading MtGox USD for Dwolla/ACH deposit/Chase cash deposit
https://bitcointalk.org/index.php?topic=90115.0
Buy/Sell Call/Put Bitcoin options https://bitcointalk.org/index.php?topic=99853.0
qed
Full Member
***
Offline Offline

Activity: 196


View Profile
June 21, 2011, 06:56:53 PM
 #18

what's even worse, i put in a new password, and it says it is not secure enough.
It contains number, lower case letter, upper case letter, symbol, special character.
Are they asking for arabic characters combined with korean and russian characters??

Same issue here.

Mobile App (Android)

Monitor miners, exchange rates and Bitcoin network stats.
chungenhung
Legendary
*
Offline Offline

Activity: 1134


View Profile
June 21, 2011, 06:58:43 PM
 #19

And now it says "The password for this account is invalid, or this account is not currently under claim process."
With no further instruction.
Are they forcing us to file case in small claims courts?
I really smell a huge lawsuit going their way.

Also, I've submitted a few support requests PRIOR to the attack, and NONE ever got a reply back.
So I guess I might be forced to file a suit

Trading MtGox USD for Dwolla/ACH deposit/Chase cash deposit
https://bitcointalk.org/index.php?topic=90115.0
Buy/Sell Call/Put Bitcoin options https://bitcointalk.org/index.php?topic=99853.0
dserrano5
Legendary
*
Offline Offline

Activity: 1638



View Profile
June 21, 2011, 07:08:58 PM
 #20

Yes, it looks like that: "Your account recovery request is pending review by our staff."

Interesting. I didn't get that, or any error—I was redirected to the same step 2/2 again. Actually submitted the form twice just in case...

Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!