Bitcoin Forum
December 10, 2016, 11:05:47 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Someone changed my BTCguild wallet address.  (Read 4077 times)
nemo
Sr. Member
****
Offline Offline

Activity: 434


View Profile
June 22, 2011, 12:45:56 AM
 #1

Thank god for their optional 24 hour lock that I set up. My username is on the MTGox password list, but my password wasn't the same. Has anyone else noticed suspicious activity?
1481367947
Hero Member
*
Offline Offline

Posts: 1481367947

View Profile Personal Message (Offline)

Ignore
1481367947
Reply with quote  #2

1481367947
Report to moderator
1481367947
Hero Member
*
Offline Offline

Posts: 1481367947

View Profile Personal Message (Offline)

Ignore
1481367947
Reply with quote  #2

1481367947
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481367947
Hero Member
*
Offline Offline

Posts: 1481367947

View Profile Personal Message (Offline)

Ignore
1481367947
Reply with quote  #2

1481367947
Report to moderator
1481367947
Hero Member
*
Offline Offline

Posts: 1481367947

View Profile Personal Message (Offline)

Ignore
1481367947
Reply with quote  #2

1481367947
Report to moderator
1481367947
Hero Member
*
Offline Offline

Posts: 1481367947

View Profile Personal Message (Offline)

Ignore
1481367947
Reply with quote  #2

1481367947
Report to moderator
RyNinDaCleM
Legendary
*
Offline Offline

Activity: 2002


Legen -wait for it- dary


View Profile
June 22, 2011, 01:45:37 AM
 #2

I'd recommend you change your PW to something 16+ chars using uppercase, lowercase, numbers, and symbols!

nemo
Sr. Member
****
Offline Offline

Activity: 434


View Profile
June 22, 2011, 02:20:30 AM
 #3

It was a weakass password. I'm going to take my favorite book and flip the page to my lucky number. Then I'll take the first letter of every line and combine them until I have 16. Otherwise I know my lazy ass would keep the password written down or even stored on my computer somewhere. With a 16 letter password, are the numbers and symbols necessary?
lemonginger
Full Member
***
Offline Offline

Activity: 210


firstbits: 121vnq


View Profile
June 22, 2011, 04:56:24 AM
 #4

just use a password generator and safe.

too easy to fallback to using "default" passwords across sites otherwise.
eleuthria
Legendary
*
Offline Offline

Activity: 1750


BTC Guild Owner


View Profile WWW
June 22, 2011, 05:35:41 AM
 #5

To date, only a few accounts at BTC Guild have had funds taken from them.  In all cases it was an MtGox user.  So far every case has fallen into one of three scenarios.

1) Email was shared between BTC Guild and MtGox and the email shared the MtGox password, which was used to reset the BTC Guild password.
2) The password was the same with the number '1' either added to or taken off the password.
3) The password was the exact same between the two sites.


I've had a notice placed on the site within minutes of the leaked database, and the payout lock feature would have prevented every single one of them from happening if users turned it on.  This is why the Payout Lock bugs you to be enabled until you explicitly decide to hide the warnings.

R.I.P. BTC Guild, 2011 - 2015.
BTC Guild Forum Thread
Shevek
Sr. Member
****
Offline Offline

Activity: 252



View Profile
June 22, 2011, 08:59:38 AM
 #6

Take a look at this: http://world.std.com/~reinhold/diceware.html

Proposals for improving bitcoin are like asses: everybody has one
1SheveKuPHpzpLqSvPSavik9wnC51voBa
Yatta99
Member
**
Offline Offline

Activity: 84


I need an new box...


View Profile
June 22, 2011, 04:31:23 PM
 #7

To date, only a few accounts at BTC Guild have had funds taken from them.  In all cases it was an MtGox user.  So far every case has fallen into one of three scenarios.

1) Email was shared between BTC Guild and MtGox and the email shared the MtGox password, which was used to reset the BTC Guild password.
2) The password was the same with the number '1' either added to or taken off the password.
3) The password was the exact same between the two sites.


I've had a notice placed on the site within minutes of the leaked database, and the payout lock feature would have prevented every single one of them from happening if users turned it on.  This is why the Payout Lock bugs you to be enabled until you explicitly decide to hide the warnings.

First, great work over the last 2 weeks  Cheesy Cheesy Cheesy Not quite sure how you stayed sane through it all  Grin

Now, several suggestions that everyone will probably hate:
- make the account lockout feature default to ON instead of OFF when you create an account and have a final 24 hour lockout when you turn it off.
- require a second password, different from the account password, to request a payout.

Anyway, keep up the great work  Cool

Tips for new box to: 16s14wcsNo5TcdsGLttL7B1XWiCv8E4L6A
bitcoin0918
Jr. Member
*
Offline Offline

Activity: 56



View Profile
June 22, 2011, 04:50:24 PM
 #8

If you tend toward "weakass passwords", you may want to use a pool that doesn't even have accounts, and instead your wallet address is your username. That way there is no way they can screw you over, unless they get the wallet.dat from your computer, or change your mining client.

"So you think that money is the root of all evil?" said Francisco d'Aconia. "Have you ever asked what is the root of money?" [contd.]
PcChip
Sr. Member
****
Offline Offline

Activity: 294



View Profile
June 22, 2011, 05:35:23 PM
 #9

Here's an interesting note:  After first installing BitCoin, I've always only used the address that was generated for me by the client, but when I actually paid attention to the addresses, the payout address across slush's pool, deepbit, and BTCGuild are all different for me!  So at first I thought I had been hacked and the payout's changed, but upon further inspection (scrolling down the payment history in the client) they all belonged to me!  How did different addresses get generated for me when I never clicked "Generate New Address" ?

All rates with Phoenix 1.50 / PhatK
------------------------------------------------------------------------------------------------------------------------------
5850 - 400 MH/s  |  5850 - 355 MH/s | 5830 - 310 MH/s  |  GTX570 - 115 MH/s | 5770 - 210 MH/s | 5770 - 200 MH/s
wolftaur
Member
**
Offline Offline

Activity: 112


View Profile
June 22, 2011, 05:40:47 PM
 #10

Here's an interesting note:  After first installing BitCoin, I've always only used the address that was generated for me by the client, but when I actually paid attention to the addresses, the payout address across slush's pool, deepbit, and BTCGuild are all different for me!  So at first I thought I had been hacked and the payout's changed, but upon further inspection (scrolling down the payment history in the client) they all belonged to me!  How did different addresses get generated for me when I never clicked "Generate New Address" ?

The client automatically makes you a new address, whether you ask it to or not, when you receive coins at the address currently selected and displayed in the client's main window.

It's because you're supposed to use different receiving addresses for everything to be able to keep track of what you got from where.

"MOOOOOOOM! SOME MYTHICAL WOLFBEAST GUY IS MAKING FUN OF ME ON THE INTERNET!!!!"
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!