Bitcoin Forum
December 15, 2017, 10:42:43 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: blockchain.info wallet: aliases don't work anymore?  (Read 3523 times)
Kazimir
Legendary
*
Offline Offline

Activity: 1134



View Profile
October 29, 2013, 12:00:23 PM
 #1

I use a couple of blockchain.info wallets for spare change, and I always logged in using an alias link, such as https://blockchain.info/wallet/MyBigFatWallet (just a random example)

But for a while now, these alias links (or entering the alias manually at https://blockchain.info/wallet/login ) don't seem to work anymore. Instead I'm getting this:

Insecure Alias. Please login using your wallet identifier link.

So instead of the alias names, I now have to use the explicit wallet identifier, such as https://blockchain.info/wallet/5a1949f9-3a0d-53bd-1b7d-b7082e4b7ea1 (again, just a random example)

Piuk or anyone else: is this correct, or did I mess something up?

Note that the error is different from what I'm getting when entering a non-existing alias, in that case it just says "Unknown Wallet Identifier".

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
1513334563
Hero Member
*
Offline Offline

Posts: 1513334563

View Profile Personal Message (Offline)

Ignore
1513334563
Reply with quote  #2

1513334563
Report to moderator
1513334563
Hero Member
*
Offline Offline

Posts: 1513334563

View Profile Personal Message (Offline)

Ignore
1513334563
Reply with quote  #2

1513334563
Report to moderator
1513334563
Hero Member
*
Offline Offline

Posts: 1513334563

View Profile Personal Message (Offline)

Ignore
1513334563
Reply with quote  #2

1513334563
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513334563
Hero Member
*
Offline Offline

Posts: 1513334563

View Profile Personal Message (Offline)

Ignore
1513334563
Reply with quote  #2

1513334563
Report to moderator
1513334563
Hero Member
*
Offline Offline

Posts: 1513334563

View Profile Personal Message (Offline)

Ignore
1513334563
Reply with quote  #2

1513334563
Report to moderator
1513334563
Hero Member
*
Offline Offline

Posts: 1513334563

View Profile Personal Message (Offline)

Ignore
1513334563
Reply with quote  #2

1513334563
Report to moderator
Skinnkavaj
Sr. Member
****
Offline Offline

Activity: 469


English Motherfucker do you speak it ?


View Profile
October 29, 2013, 02:28:42 PM
 #2

Sorry for hijacking thread, but kinda the same issue.
How do I login with another alias?
Like if I have two wallets.

Currently the only way for me to do it, is to do it in private mode because cookies or something save the wallet identifier and I cannot change it without going into private mode browsing.

bitpop
Legendary
*
Offline Offline

Activity: 2184


https://keybase.io/bitpop


View Profile WWW
December 19, 2013, 02:46:53 PM
 #3

Removed as a security risk

Reputation  |  PGP  |  DigitalOcean  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
Kazimir
Legendary
*
Offline Offline

Activity: 1134



View Profile
January 02, 2014, 07:41:52 AM
 #4

Removed as a security risk
Any more info on this? What's the involved risk, exactly?

Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
bitpop
Legendary
*
Offline Offline

Activity: 2184


https://keybase.io/bitpop


View Profile WWW
January 02, 2014, 07:54:07 AM
 #5

Removed as a security risk
Any more info on this? What's the involved risk, exactly?

Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?




I know reusing addresses is forbidden mostly

Reputation  |  PGP  |  DigitalOcean  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
Kazimir
Legendary
*
Offline Offline

Activity: 1134



View Profile
January 02, 2014, 10:08:29 AM
 #6

Removed as a security risk
Any more info on this? What's the involved risk, exactly?

Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?

I know reusing addresses is forbidden mostly
Uhmmm.... no understand.

I does reusing addresses relate to using an alias instead of a guid as a blockchain wallet ID?  Huh

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
bitpop
Legendary
*
Offline Offline

Activity: 2184


https://keybase.io/bitpop


View Profile WWW
January 02, 2014, 10:47:13 AM
 #7

Removed as a security risk
Any more info on this? What's the involved risk, exactly?

Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?

I know reusing addresses is forbidden mostly
Uhmmm.... no understand.

I does reusing addresses relate to using an alias instead of a guid as a blockchain wallet ID?  Huh

Oops nevermind

Yes usernames are bad because most people will use the same one here, etc. Now if the database leaks, they can now brute force your wallet if they think you're a big target.

Reputation  |  PGP  |  DigitalOcean  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
Abdussamad
Legendary
*
Offline Offline

Activity: 1582



View Profile WWW
January 09, 2014, 02:33:05 PM
 #8

The way bc.i works is your browser gets a copy of the encrypted wallet when it visits a page with a legitimate identifier. So aliases make it easy for hackers to get copies of encrypted wallets. All they have to do is run a bot that loops over a dictionary and harvests encrypted wallets en masse. Then they can take their sweet time brute forcing those wallets using their GPU farms. This is how many ordinary users who used simple passwords lost their coins.

So now when you visit an alias you get an email that tells you your wallet identifier and then you login using that.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!