Bitcoin Forum
October 22, 2018, 08:07:42 PM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Email security notifications  (Read 3137 times)
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1568
Merit: 1186


View Profile WWW
June 09, 2018, 04:52:00 AM
 #41

OP, what happens after the account is unlocked by the admin ? What will be the email id in that account - earlier one or the one that hacker used?
It will be the one the hacker used. This allows it so even if an admin recovers an account the hacker still has access to the account. /s

3PjXm2XYDKLV5mN3oiKzNTyVvSkqP3ujeq <-- tipping address Advertise here
1540238862
Hero Member
*
Offline Offline

Posts: 1540238862

View Profile Personal Message (Offline)

Ignore
1540238862
Reply with quote  #2

1540238862
Report to moderator
1540238862
Hero Member
*
Offline Offline

Posts: 1540238862

View Profile Personal Message (Offline)

Ignore
1540238862
Reply with quote  #2

1540238862
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
digaran
Hero Member
*****
Offline Offline

Activity: 910
Merit: 611

111113DUwES2ZNWSJztA3oBuhzfcdmiaG


View Profile
June 09, 2018, 05:40:52 AM
 #42

OP, what happens after the account is unlocked by the admin ? What will be the email id in that account - earlier one or the one that hacker used?
It will be the one the hacker used. This allows it so even if an admin recovers an account the hacker still has access to the account. /s

Here we have yet another admin wannabe. great. Wink

HOWEYCOINS   ▮      Excitement and         ⭐  ● TWITTER  ● FACEBOOK   ⭐      
  ▮    guaranteed returns                 ●TELEGRAM                         
  ▮  of the travel industry
    ⭐  ●Ann Thread ●Instagram   ⭐ 
✅    U.S.Sec    ➡️
✅  approved!  ➡️
krishnaverma
Member
**
Offline Offline

Activity: 336
Merit: 57

★Bitvest.io★ Play Plinko or Invest!


View Profile
June 11, 2018, 04:45:06 PM
 #43

OP is admin Roll Eyes

Based on this sticky post on this section, you will ask signed message with your new email address.
https://bitcointalk.org/index.php?topic=497545.0

1) I know that. What difference does it make to how should I address him ?

2) I know the process to recover as well. I am asking about specific thing not mentioned in that thread.


OP, what happens after the account is unlocked by the admin ? What will be the email id in that account - earlier one or the one that hacker used?
It will be the one the hacker used. This allows it so even if an admin recovers an account the hacker still has access to the account. /s

So, what stops the hacker to gain access back to the account ? Still waiting for an official reply on this.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ ★ ★ ★ ★ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
PLINKO    |7| SLOTS     (+) ROULETTE    ▼ BIT SPINBITVESTPLAY or INVEST ║ ✔ Rainbot  ✔ Happy Hours  ✔ Faucet
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ ★ ★ ★ ★ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
actmyname
Copper Member
Legendary
*
Offline Offline

Activity: 1204
Merit: 1295


welcome to my minecraft let's play


View Profile WWW
June 11, 2018, 09:49:38 PM
 #44

Here we have yet another admin wannabe. great. Wink
Do you hear that sound, whizzing over your head?

It's a bird, it's a plane, no wait...
w H O O O O O S H H H H

I know it's hard but you should stop trying to be such a cunt. Maybe you heard the phrase wrong: it's not "you eat what you are"

mdayonliner
Sr. Member
****
Offline Offline

Activity: 322
Merit: 297

Loading... & http://bit.ly/reLoaded_


View Profile
July 03, 2018, 10:23:25 AM
 #45

I am not sure if it has been discussed here or not but excuse my rush here...

Looking at all these hacked/locked account issues and the time needed to recover them manually, I feel very insecure for my account too. Although I always use strong password, 2FA where applicable - all sorts of things to ensure the highest security but still anything can happen anytime. It could be my mistake or it could be system leak, which actually does not matter. What matters is once an accident happen then the account holder is facing all sorts of hassles which is frustrating.

Coming to my point...
Whenever your password is changed (except by an administrator), you will get an email about it.

Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.

I actually do not understand why the email to lock? Instead of the link to lock the account why can not the system send an email asking to revoke the request if the change has not made by this email account holder?

I think this could be a decent procedure....
If an account (bitcoinTalk) requests for password and/or email change then send an email to the last registered email address asking for approval. Send a link which will confirm manual approval for the change requested. If the original user requested the change then they are liable for their action. Now, if the user do not have access of the email address only then ask the mods/admins to help them out. I believe this small tweak in sending email, will be saving a lot of time for both the users who are victim and mods/admins.


Update:
A little correction...
For password change send approval email to the current registered email account and for email change send approval email to the last registered email.

Lordofervi
Newbie
*
Offline Offline

Activity: 48
Merit: 0


View Profile WWW
July 10, 2018, 02:15:05 PM
 #46

my account was hacked but I was able to click on the link to lock my account,
which is a problem for me how to get back my account Huh,
and how my status account now Huh
will admin restore that account to the final data before the mail and password change and send me a new password Huh?
Lordofervi
Newbie
*
Offline Offline

Activity: 48
Merit: 0


View Profile WWW
July 10, 2018, 02:21:08 PM
 #47

my account was hacked but I was able to click on the link to lock my account,
which is a problem for me how to get back my account Huh,
and how my status account now Huh
will admin restore that account to the final data before the mail and password change and send me a new password Huh?

http://i66.tinypic.com/2lkvi4g.jpg


http://i66.tinypic.com/jz907b.jpg
trapatalce
Newbie
*
Offline Offline

Activity: 50
Merit: 0


View Profile
July 10, 2018, 09:21:34 PM
 #48

my account was hacked but I was able to click on the link to lock my account,
which is a problem for me how to get back my account Huh,
and how my status account now Huh
will admin restore that account to the final data before the mail and password change and send me a new password Huh?

http://i66.tinypic.com/2lkvi4g.jpg


http://i66.tinypic.com/jz907b.jpg

If you've not locked your account, yopmail allows you to open any email registered with that domain, just use the forget password option and open the email on yopmail and then reset the email.

On another note, the same IP Address hacked me and a few other people.
tbct_mt2
Full Member
***
Offline Offline

Activity: 434
Merit: 136



View Profile
July 11, 2018, 05:16:33 AM
 #49

What if I lose acces to my old email address, which I used to register my account at the start?
I guess this situation might lead to lose all control to my account, am I right?
Are there any chance to get my account back if I unfortunately fall into such very bad situation?


Just a bit curious because I have never experienced such terrible cases.

Chaki_
Jr. Member
*
Offline Offline

Activity: 36
Merit: 1


View Profile
July 11, 2018, 01:11:03 PM
 #50

It nice to receive a link from the forum to the link email to your bitcointalk.org account before you can change your password.
Second, if you will receive email also saying that your account has been opened for the first time in a diiference device--- it will also give account owner to block this transaction if ever your account was opened in unknown location---
coinnumber
Jr. Member
*
Offline Offline

Activity: 322
Merit: 5


View Profile
July 11, 2018, 01:21:04 PM
 #51

I added email notifications for some security events:

Whenever your password is changed (except by an administrator), you will get an email about it.

Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.

Let me know if you find any bugs.

I think this a good development and it will help a long way to reduce hacking of accounts and secure the account as long as possible but, I as a person don't have the idea to carry out this operation and makes my account to be firmly secured please can you help me with some details explanations? I will really appreciate that Thanks .

TWOGAP // Thriving Cryptocurrency Market With Cryptobonds
TheRealAwesome31312
Newbie
*
Offline Offline

Activity: 23
Merit: 1


View Profile
August 09, 2018, 04:56:49 AM
 #52

I'll never forget how I lost my account because the admins were not intelligent enough to actually add email security notifications at the time.

RIP awesome31312

From Politics shitposting to shitposting in a language we don't know
Jet Cash
Legendary
*
Offline Offline

Activity: 1036
Merit: 1260


I don't merit Spambies


View Profile WWW
September 23, 2018, 06:57:50 AM
 #53

This looks like a great improvement to the security here.

Now, please could we have email confirmation of new registration applications, and a restriction that only one account can be associated with an email address. I am aware that it is easy to circumvent these restrictions, but it adds some more difficulties to the bot signups.

Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1568
Merit: 1186


View Profile WWW
September 23, 2018, 07:20:08 AM
 #54

This looks like a great improvement to the security here.

Now, please could we have email confirmation of new registration applications, and a restriction that only one account can be associated with an email address. I am aware that it is easy to circumvent these restrictions, but it adds some more difficulties to the bot signups.
Presumably, the bots are advanced enough so that they can create their own email server and acknowledge these sign up confirmations.

Requiring email verification would likely result in normal users to have decreased privacy.

3PjXm2XYDKLV5mN3oiKzNTyVvSkqP3ujeq <-- tipping address Advertise here
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!