Hacking issues related to bountyhives. Share your insights..

[davenjulio]

Few of my friends are asking me if it is safe to use and incorporate your social media accounts with bountyhives, since i am a bountyhives user for me yes.
So i started to ask them about the details of their emails and passwords, it came through a survey results that they are using the same emails and the same passwords and even used their bdays, names and usernames as passwords, so for safety purposes please make a separate emails for airdrops, bounties and exchanger accounts, used different passwords which are not related to your identity and write them and store in a safeplace ( activate 2fa). Anyway the issues are related to cryptopia and hitbtc accounts, If you have an experienced please share..Investing with ICO and doing bounties are both  goodway to earn money be wise in creating your accounts and passwords.

[BADBITCH]

I Believe if you activate 2FA on your cryptopia and hitbtc or any website
it gives you 10001% safety
you need to be careful of somethings

1. be careful of phishing sites sent to your email
2. be careful of password reset link sent to your phone via sms
3. be careful who you give your mobile device with
4. be careful whose laptop u use, don't log in your account in a public computer system
5. make sure you log out always, without making a mistake.

[rupesh2]

linking your social media account is always a big risk ,, you can trust the platform where you link it .
but you always have doubt of its safety .
so use alternate social media account for such stuffs ..

[liangweicha]

Yes, because there are part of the database website, your password may be being stolen, then, if you use the same password on multiple sites, and you do not use Google again second validation, so this is one of the dangerous behavior.

[myhoho]

I Believe if you activate 2FA on your cryptopia and hitbtc or any website
it gives you 10001% safety
you need to be careful of somethings

1. be careful of phishing sites sent to your email
2. be careful of password reset link sent to your phone via sms
3. be careful who you give your mobile device with
4. be careful whose laptop u use, don't log in your account in a public computer system
5. make sure you log out always, without making a mistake.

There are several ways to pass 2FA. So its better to use different passwords for every site you use.
And for storing these passwords never use a software as you know they were hacked in the past too.

I was wondering about why there is no ledger nano styled password storage device

[davenjulio]

I Believe if you activate 2FA on your cryptopia and hitbtc or any website
it gives you 10001% safety
you need to be careful of somethings

1. be careful of phishing sites sent to your email
2. be careful of password reset link sent to your phone via sms
3. be careful who you give your mobile device with
4. be careful whose laptop u use, don't log in your account in a public computer system
5. make sure you log out always, without making a mistake.

Probably they encountered some of this emails clicking issues, but i believe that 2fa itself is not a 100% sure, Yes! it adds a big security factor with our account, but for me having a different passwords which are not related to my personal identity are the first key to secure your accounts against hacking. As you are storing them offline.

[iconoclast]

Never use the same password for more than 1 site. I use http://passwordsgenerator.net/ to generate unique hard to guess passwords.

[passwordnow]

I have received numerous of emails from different exchanges that I registered but I abandoned my accounts there. So I don't know what's the reason why I'm receiving alerts that there are attempts on logging in my account. I don't know where those people got my email, I never exposed my email on social media's. I'm thinking that there's a back door snatch on these websites. The IP address that attempted to log in my one exchange account came from Venezuela and the other one is from Turkey.

[Rahman11]

Few of my friends are asking me if it is safe to use and incorporate your social media accounts with bountyhives, since i am a bountyhives user for me yes.
So i started to ask them about the details of their emails and passwords, it came through a survey results that they are using the same emails and the same passwords and even used their bdays, names and usernames as passwords, so for safety purposes please make a separate emails for airdrops, bounties and exchanger accounts, used different passwords which are not related to your identity and write them and store in a safeplace ( activate 2fa). Anyway the issues are related to cryptopia and hitbtc accounts, If you have an experienced please share..Investing with ICO and doing bounties are both  goodway to earn money be wise in creating your accounts and passwords.

Your given tips is not bad I think! I also suggest for always can keep activate their two factor authentication system, and always aware about malware and phising sites which they are want to hack their accounts.

[Jaycee99]

Yes your right on the spot there we do create seperate emaill I have one which is for my personal account like social media and for school related work, the same time I have an another email for my crypto related stuffs like this one bitcointalk and the same for my wallets like our local wallet coins.ph which my email is does not contains some personal identify/names. So, yes you all should make some on other email for it to be used for crypto related stuff.

Never use the same password for more than 1 site. I use http://passwordsgenerator.net/ to generate unique hard to guess passwords.

When creating email password make it long dont put you name especially if its you account for cryptocurrencies.

[kevoh]

There are several ways to pass 2FA. So its better to use different passwords for every site you use.
And for storing these passwords never use a software as you know they were hacked in the past too.

I was wondering about why there is no ledger nano styled password storage device

I always thought activating 2FA is 100% security guaranteed (asides losing your device) and wanted to challenge you on the statement in bold fonts. A simple google search made me change my mind as I stumbled upon some ways 2FA can be compromised:

1.Someone could gain access to your 2FA device or OTP list (lost or stolen phone, device, or OTP lists).
2.A malicious application (like a trojan horse) that you install on your device steals your 2FA data.
3.Real-Time Phishing (the phisher asks for your OTP, then uses it immediately).
4.Insecure set up (for example, using Google Voice with your SMS based 2FA).
5.Man in the middle attacks (hackers insert themselves between your web browser and the web site, and steal your 2FA credentials as they are transferred).
6.Phishers pretending to be technical support tricking you into disabling your 2FA.
7.Phishers pretending to be you trick your technical or customer service support into disabling your 2FA.
8. Getting access to your 2FA via hacking some other related site (for example, breaching your cell phone provider's web site).

Source

[mariomerula]

Personally I never use the same password and also activate 2FA security when there is the possibility....