what is my mistake?

[taksrkanah]

hi everyone.
I want to ask mainly for moderators. I lost access to my account https://bitcointalk.org/index.php?action=profile;u=1195092
i am banned by theymos, i want to ask what is my mistake. I am not a farmer my account  and also never spamming.
Thank you in advance please answer

[1714904414]

1714904414

[1714904414]

1714904414

[1714904414]

1714904414

[1714904414]

1714904414

[hase0278]

hi everyone.
I want to ask mainly for moderators. I lost access to my account https://bitcointalk.org/index.php?action=profile;u=1195092
i am banned by theymos, i want to ask what is my mistake. I am not a farmer my account  and also never spamming.
Thank you in advance please answer

I have looked upon your post and as I can see most of your post(but not all) are spam and is on a megathread(most of your replies are posted on page 10 and above of the thread) wherein the answers just repeat itself. Some of your post are good though, specially the ones that are merited but if you don't consider most of your post as spamming, then think twice. I don't see other reasons why theymos banned you though.

[mprep]

Have you, by any chance, tried to reset your password via a secret question?

[mprep]

Have you, by any chance, tried to reset your password via a secret question?

right, I reset my password with a secret question ..
can I use my account again?

Resetting your account via a secret question automatically locks your account due to security issues with said feature. If you want to have your account unblocked, you're going to have to sign a message as per the quoted instructions bellow. Since your account was just blocked and not actually hacked, you can send this message over to me and if everything's in order, I'll unlock it. If and once you get your account back, remove the secret question and answer from your profile by setting both to blank and saving the settings. Further attempts at recovering your account via the secret question will continue to lock your account so don't do it.


From https://bitcointalk.org/index.php?topic=703657.0:

Q: My account was hacked! What do I do?
A: See this thread: https://bitcointalk.org/index.php?topic=497545.0. If you don't know how to sign a message, see this thread made by shorena: https://bitcointalk.org/index.php?topic=990345.0

Also, remember when PMing the signed message, send it in [code ][/code ] brackets (just without the space at the end). For example,

Code:

-----BEGIN BITCOIN SIGNED MESSAGE-----
My account <account> has been hacked/lost. Please reset the email to <email>. The current date is <date>.
-----BEGIN SIGNATURE-----
<insert address here>
<insert signature here>
-----END BITCOIN SIGNED MESSAGE-----

Here is the unedited post where I posted that address: ...
OR
I sent that address to someone in a PM with PM ID#...

If you don't know how to sign a message and the tutorial mentioned before didn't mention your client, google for some tutorials with terms like: "signing messages with <insert your bitcoin client name here>". For example, "signing messages with bitcoin-qt".

[EthanB]

Have you, by any chance, tried to reset your password via a secret question?

right, I reset my password with a secret question ..
can I use my account again?

If you try to reset your password with the secret question I'm pretty sure this locks you out of your account automatically, because of a database breach or some other security concern awhile back. This is not a fun part of our forum experience and there should be something done about it. There should either be the removal of these secret questions, the restructuring of these questions or at least a blatant warning surrounding their usage so that you know what is happening. I've always wondered about the secret question flaw giving people the ability to lock anyone's account, or does it only lock the account if answered "correctly"?

Regardless, looking through your post history it doesn't look like your posts are painfully bad. Most people that are cut-off for spamming are very severe cases and you seem more clueless than malicious in my opinion. How do you know you were banned by Theymos?

There needs to be more explanation as to what happened immediately preceding your account lock, what messages have you received to verify your suspicions and what have you done to remedy the situation.

More on account recovery : https://bitcointalk.org/index.php?topic=497545.0

[mprep]

Sorry Guest, you are banned from using this forum!
For security, your account has been locked. Email acctcomp15@theymos.e4ward.com
When I try to login, so like this sir

Read my previous post. Follow the instructions. If you can't, consider your account gone.

[teddy5145]

Upon searching from your post, this is the only address I managed to find

hi dev, this is my EtherWallet  
0xbC119335051E4D09692F9393046ab3babD78800D

Sign a message using that Ether address with format that Mprep Gave to you above, after that send it either to Theymos or Cyrus to be recovered, expect a long time for a reply.

[mprep]

Upon searching from your post, this is the only address I managed to find

hi dev, this is my EtherWallet  
0xbC119335051E4D09692F9393046ab3babD78800D

Sign a message using that Ether address with format that Mprep Gave to you above, after that send it either to Theymos or Cyrus to be recovered, expect a long time for a reply.

Messages signed with ETH addresses can't be used as proof for recovering your account.

[EthanB]

Messages signed with ETH addresses can't be used as proof for recovering your account.

Can you point us to some more reading regarding this? This is contradictory to something that another user said awhile back. I had assumed that signing an ETH would be equally acceptable, so I'm wondering if there are any official statements regarding this? I'm not saying you're wrong, because you would know better than I would, but I just swear I remember a staff member suggesting that someone sign a message from their ETH address to prove ownership of their account. Not sure if this is a contentious issue, or what the case is, but I would love to read more on this. Is there security concerns when it comes to signing a message from an ETH address or is there no satisfactory way to verify these messages?

[mprep]

Messages signed with ETH addresses can't be used as proof for recovering your account.

Can you point us to some more reading regarding this? This is contradictory to something that another user said awhile back. I had assumed that signing an ETH would be equally acceptable, so I'm wondering if there are any official statements regarding this? I'm not saying you're wrong, because you would know better than I would, but I just swear I remember a staff member suggesting that someone sign a message from their ETH address to prove ownership of their account. Not sure if this is a contentious issue, or what the case is, but I would love to read more on this. Is there security concerns when it comes to signing a message from an ETH address or is there no satisfactory way to verify these messages?

From https://bitcointalk.org/index.php?topic=497545.0:

Typically, the only acceptable method of proving ownership is by signing a message (including current date and desired new email address) using a Bitcoin address or PGP key associated with the account.

While other global moderators might accept a message signed with an ETH address as proof, I'm not going to until I get an explicit acknowledgement from theymos. Technically, all account recovery should be done by admins but since simple security locks don't require an email changed, any certain global mods can do it as well. As for whether they're accepted by the admins as proof for a recovery of a hacked account, that's something you're going to have to ask them.

AFAIK both signing and verifying messages is as easy as for Bitcoin addresses. As for security, it's probably on par with Bitcoin though I haven't really dived into Ethereum's technical side to be 100% sure.

[teddy5145]

But, in OP's case he never posted a Bitcoin address, from surfing through his post history all I did see is that he only ever posted two ETH addresses.
Any possibilities for you to make an exception? If not OP's account can be considered gone without any Bitcoin address to make a signed messages.
Creating ETH signed message are the same as creating Bitcoin Signed message, user need to be in possession of their ETH private key before signing a message, so theoretically it should be as safe as Bitcoin signed message.

[mprep]

But, in OP's case he never posted a Bitcoin address, from surfing through his post history all I did see is that he only ever posted two ETH addresses.
Any possibilities for you to make an exception? If not OP's account can be considered gone without any Bitcoin address to make a signed messages.
Creating ETH signed message are the same as creating Bitcoin Signed message, user need to be in possession of their ETH private key before signing a message, so theoretically it should be as safe as Bitcoin signed message.

While other global moderators might accept a message signed with an ETH address as proof, I'm not going to until I get an explicit acknowledgement from theymos.

[Quickseller]

It is fair enough to want explicit permission to use an ETH signed message considering the written instructions. However there is no reason why, upon request for clarification, signed messages from major altcoins, when it is clear which altcoin the address was associated with shouldn’t be allowed to be used.

Many people come here to learn about both bitcoin and altcoins and for one reason or another only post the address of a major altcoin. To think that a signed message associated with a major altcoin is insufficient to prove your identity when dealing with a Bitcointalk account is just ridiculous. It is one thing to say the person verifying the message doesn’t have a client to verify the message, but if they have the means to verify the message, there is no reason why it shouldn’t be accepted.

[EthanB]

Typically, the only acceptable method of proving ownership is by signing a message (including current date and desired new email address) using a Bitcoin address or PGP key associated with the account.

While other global moderators might accept a message signed with an ETH address as proof, I'm not going to until I get an explicit acknowledgement from theymos. Technically, all account recovery should be done by admins but since simple security locks don't require an email changed, any global mod can do it. As for whether they're accepted by the admins as proof for a recovery of a hacked account, that's something you're going to have to ask them.

AFAIK both signing and verifying messages is as easy as for Bitcoin addresses. As for security, it's probably on par with Bitcoin though I haven't really dived into Ethereum's technical side to be 100% sure.

That post from theymos was from before Ethereum existed, so given that the security is (probably) on par with bitcoin's message signing and private keys then I would imagine theymos wouldn't have a problem with this. I was looking for more of an explicit statement that excluded Ethereum addresses being used in this manner. I've read that post many times, and while I do see your point about it not being explicitly stated that anything other than Bitcoin addresses can be signed, I hope you will reconsider or at least query theymos about this issue for the sake of clarity if nothing else. There is no other information regarding this? It seems strange that some staff would operate one way and some of you would operate another on a matter of account recovery policy. That seems a rather important issue to be uniform/consistent on.

Have you attempted to ask theymos about this yet?

[mprep]

Typically, the only acceptable method of proving ownership is by signing a message (including current date and desired new email address) using a Bitcoin address or PGP key associated with the account.

While other global moderators might accept a message signed with an ETH address as proof, I'm not going to until I get an explicit acknowledgement from theymos. Technically, all account recovery should be done by admins but since simple security locks don't require an email changed, any global mod can do it. As for whether they're accepted by the admins as proof for a recovery of a hacked account, that's something you're going to have to ask them.

AFAIK both signing and verifying messages is as easy as for Bitcoin addresses. As for security, it's probably on par with Bitcoin though I haven't really dived into Ethereum's technical side to be 100% sure.

That post from theymos was from before Ethereum existed, so given that the security is (probably) on par with bitcoin's message signing and private keys then I would imagine theymos wouldn't have a problem with this. I was looking for more of an explicit statement that excluded Ethereum addresses being used in this manner. I've read that post many times, and while I do see your point about it not being explicitly stated that anything other than Bitcoin addresses can be signed, I hope you will reconsider or at least query theymos about this issue for the sake of clarity if nothing else. There is no other information regarding this? It seems strange that some staff would operate one way and some of you would operate another on a matter of account recovery policy. That seems a rather important issue to be uniform/consistent on.

Have you attempted to ask theymos about this yet?

Nothing's stopping theymos from updating the thread to include ETH, LTC or whichever altcoin he wants. In fact, the thread was last edited on October 25th, 2017 (hover over the post's date) which means he has nothing against updating it when procedures change. As for asking him, since this technically isn't even my responsibility and I'm still waiting on an unrelated request I've PMed him about a couple of days ago, I'll leave it to the user in question to convince theymos to add additional account recovery methods.

The reason certain global mods handle account recovery differently is because we're doing so unofficially (there isn't any forum policy requiring us to handle such requests nor is there anything prohibiting us from doing so) and only for a small subset of these requests (non hacked locked out accounts).