Bitcoin Forum
Topic: [Proposal: prevent account hack] A complete new login system for BitcoinTalk (Read 344 times)
mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 22, 2018, 07:25:07 PM (last edit: April 23, 2018, 02:06:19 PM by mdayonliner)
#1

It has been about 6 months since my account was hacked and I sent proof.
Legendary account got hacked - 4 months gone - Admin is Sleeping - Wake Up Admin
Account Hacked - No Response From Theymos/Cyrus - Please tag account

Background
Sadly I see a lot of accounts get hacked. Poor account holders create alt accounts and try to recover their hacked account with the staked bitcoin address (if they signed one before). Unfortunately, if they did not sign a bitcoin address then they can never recover their lost account. I would like to thank Tomatocage for this great idea of recovering BitcoinTalk accounts.

The current system for recovering a hacked account is manual. I assume we do not have many mods either, so obviously it takes a lot of time to get a hacked account back even if you have a signed message in the "stake your bitcoin address" topic.

I learnt from one of my topics that theymos wanted to give us the experience of being anonymous. But with the current registration system, we are asked for a valid email address. The loophole in the system is that you can create a BitcoinTalk account with an email address that is not even your own; the system does not verify the given email address. The idea behind not verifying the email address is to keep the user anonymous [1].

It is obvious that theymos wanted us to use our Bitcoin address for registering and maintaining the BitcoinTalk account. Maybe when theymos (actually satoshi) started the forum, SMF did not have a register-with-Bitcoin / login-with-Bitcoin feature. I doubt SMF has added this feature even now.

I guess improving the registration system and login system will help us avoid the unfortunate account hacks of members. This will also automate the entire account recovery system, or maybe we won't even need an account recovery feature.

The proposal
I have two proposals. Let me be very quick in describing them.

Proposal One (inspired by the Ledger Nano affiliate signup and login page)

Registration process input fields
[image]

Instead of the email address field, ask for the username.

Once the user submits the data, give the user a system-generated Secret Key and advise the user to keep the Secret Key safe, because they will use this secret key to log in. Losing it is like losing the 12-word phrase of your bitcoin wallet. There will be no need for account recovery.

Login input field
[image]

Proposal Two (inspired by the a-ads affiliate signup and login page)

The registration process input field will be only your Bitcoin address.
Additionally the registration page can ask for a username.

Login input field
[image]

At login time, always ask the user to sign a message with the Bitcoin address that was used for registration, and authenticate that message for login. Again there will be no need for account recovery.

Limitation
Applying the first proposal will be difficult (not impossible) in my opinion, because every existing user will need a secret key, which we do not have now. It is easier when a system starts from the initial stage.

Proposal two is really possible to add to our existing system. Give the current users enough time (maybe 6 months or a year, really a long time) to add their Bitcoin address to the system. Those who are regular will do it easily, and those who are not regular and discover it after the new login and registration system has been implemented can use the "stake your bitcoin address" topic and use their staked BTC address to recover their lost account manually. Keep the "stay logged in" feature so that users won't need to go through the sign-a-message process every time they log in to BitcoinTalk.

Conclusion
If we can adopt any of the above proposed registration and login processes then account hacking will drop dramatically (maybe to zero), and the mods will not have the extra load of manually recovering hacked or lost accounts.

PS: Apologies for my messed up formatting

[1] Does this mean when we create a blockchain.info wallet, we are not actually anonymous? They verify our email address.

Be happy be at peace. Looking forward to BTC at $1M
The Bitcoin network protocol was designed to be extremely flexible. It can be used to create timed transactions, escrow transactions, multi-signature transactions, etc. The current features of the client only hint at what will be possible in the future.
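The "sign a message at login" flow of Proposal Two, written out as an added example; this is not code from the post or from the forum software. It assumes a server that stores one public key per username, a random single-use nonce per login attempt and a fixed five-minute challenge lifetime. ed25519 stands in for Bitcoin's secp256k1 message signing because Go's standard library has no secp256k1; the usernames, the text format and the TTL are illustrative choices.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Added example, not forum code. ed25519 stands in for Bitcoin's secp256k1 "sign
// message" feature (absent from Go's standard library); the login protocol is the same.

const challengeTTL = 5 * time.Minute

type pendingChallenge struct {
	user    string
	expires time.Time
}

// AuthServer holds registered accounts (username -> public key) and outstanding
// one-time login challenges. Single-threaded for brevity.
type AuthServer struct {
	accounts   map[string]ed25519.PublicKey
	challenges map[string]pendingChallenge // nonce -> who it was issued to, and until when
	clockSkew  time.Duration               // test hook: shifts the server clock forward
}

func NewAuthServer() *AuthServer {
	return &AuthServer{accounts: map[string]ed25519.PublicKey{}, challenges: map[string]pendingChallenge{}}
}

func (s *AuthServer) now() time.Time         { return time.Now().Add(s.clockSkew) }
func (s *AuthServer) SkewClockMinutes(m int) { s.clockSkew = time.Duration(m) * time.Minute }

// NewKeyPair is the client side of registration: the private key never leaves the user.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Register binds a username to the public key (the "address") presented at sign-up.
func (s *AuthServer) Register(user string, pub ed25519.PublicKey) { s.accounts[user] = pub }

// LoginText is what the user is asked to sign. Naming the site and the account means
// a signature collected by a look-alike site, or for another account, fails here.
func LoginText(user, nonce string) string {
	return "Login to bitcointalk.org as " + user + " with nonce " + nonce
}

// Challenge issues a fresh 128-bit nonce, valid once, for one registered user, for challengeTTL.
func (s *AuthServer) Challenge(user string) (string, error) {
	if _, ok := s.accounts[user]; !ok {
		return "", errors.New("unknown user")
	}
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	nonce := hex.EncodeToString(raw)
	s.challenges[nonce] = pendingChallenge{user: user, expires: s.now().Add(challengeTTL)}
	return nonce, nil
}

// SignLoginText is the client side of login (the wallet's "sign message" step).
func SignLoginText(priv ed25519.PrivateKey, user, nonce string) []byte {
	return ed25519.Sign(priv, []byte(LoginText(user, nonce)))
}

// Login deletes the nonce whether or not the signature verifies, so each challenge
// allows exactly one attempt. A "stay logged in" cookie would be issued on nil.
func (s *AuthServer) Login(user, nonce string, sig []byte) error {
	c, ok := s.challenges[nonce]
	delete(s.challenges, nonce)
	if !ok || c.user != user {
		return errors.New("no outstanding challenge for this user")
	}
	if s.now().After(c.expires) {
		return errors.New("challenge expired")
	}
	if !ed25519.Verify(s.accounts[user], []byte(LoginText(user, nonce)), sig) {
		return errors.New("signature does not match the registered key")
	}
	return nil
}

func main() {
	pub, priv := NewKeyPair()
	s := NewAuthServer()
	s.Register("alice", pub)
	nonce, _ := s.Challenge("alice")
	fmt.Println("first login:", s.Login("alice", nonce, SignLoginText(priv, "alice", nonce)))
	fmt.Println("replayed nonce:", s.Login("alice", nonce, SignLoginText(priv, "alice", nonce)))
}
```

Two details matter more than the signature algorithm. The signed text names the site and the account, so a signature harvested by a look-alike domain does not verify on the real one. And the nonce is deleted on first use, success or failure, so a captured signature cannot be replayed; a challenge that is never answered simply expires.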
hilariousetc, Legendary (Activity: 2772, Merit: 3029)
April 22, 2018, 07:33:01 PM
#2

Then the threads that will be getting created here en masse will be "I lost my Secret Key please reset". There are several two-factor options available on the new forum software, and if theymos was going to implement them on this forum he likely would have by now, but the current software isn't great for this.

mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 22, 2018, 07:43:05 PM
#3

Quote
Then the threads that will be getting created here en masse will be "I lost my Secret Key please reset".

I agree with you, however I guess people will take this very seriously because it's a secret key.

>>> For my Ledger Nano affiliate login I only have the Secret Key, and I know that if I lose it then I am going to lose my entire account and the earned BTC in there.
>>> For my Bitcoin wallet I am very careful about saving my 12-word phrase because I know if I lose any of the words then I am going to lose all my stored BTC.

By the way, we will still have these kinds of people who will even lose their secret key. By default these people are careless; the forum won't need them for good (I guess).

Quote
There are several two-factor options available on the new forum software, and if theymos was going to implement them on this forum he likely would have by now, but the current software isn't great for this.

- I hope theymos has in mind not using an email address, to keep us anonymous (those who want to be).

Talk merit, Member (Activity: 244, Merit: 17)
April 22, 2018, 07:52:07 PM
#4

Are you saying that new members will need to have a Bitcoin address?

The reason I joined Bitcoin Talk was to find out about Bitcoin, and the best way to use Bitcoin. I didn't have an address at the time.

mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 22, 2018, 08:00:57 PM
#5

Quote
Are you saying that new members will need to have a Bitcoin address?

The reason I joined Bitcoin Talk was to find out about Bitcoin, and the best way to use Bitcoin.

There should not be any harm in creating a bitcoin wallet and having a bitcoin address. Nowadays information is available everywhere on how to create an online wallet and have a bitcoin address.

Yes, there will be a need for some tutorials on how to sign a message with a bitcoin address. Again, it's not gonna be that hard to find one online.

Quote
I didn't have an address at the time.
The time when you created your Jet Cash account and the time now have really changed a lot. :D

Seetheummerallyeah, Member (Activity: 280, Merit: 41)
April 23, 2018, 02:53:42 AM
#6

This is super complicated and probably requires an extensive amount of custom code. The simplest solution to strengthen account security is implementing / adding 2-factor authentication to the forum. This is a feature that is long overdue, and any modern site on which your account has some sort of monetary value should have 2FA.
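What adding 2FA to the login handler would actually involve, as an added example (not the forum's code, and not anything from the newer SMF software the replies mention): RFC 6238 TOTP, the scheme the common authenticator apps implement (HMAC-SHA1, 30-second step, 6 digits), plus the two server-side checks a verifier needs on top of the arithmetic, a one-step window for clock drift and refusal to accept a code for a time step that was already used. The secret in the demo is the RFC's own test key; the per-account bookkeeping is an assumption.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"strings"
)

// Added example, not forum software. RFC 6238 TOTP as produced by common
// authenticator apps (HMAC-SHA1, 30-second step, 6 digits), with the drift
// window and replay check a login handler needs around it.

const (
	totpStep   = 30
	totpDigits = 6
)

// hotp is the RFC 4226 dynamic truncation of HMAC-SHA1(secret, counter).
func hotp(secret []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	offset := h[len(h)-1] & 0x0f
	code := binary.BigEndian.Uint32(h[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < totpDigits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", totpDigits, code%mod)
}

// TOTPAt is the code an authenticator app shows at the given Unix time.
func TOTPAt(secret []byte, unix int64) string {
	return hotp(secret, uint64(unix/totpStep))
}

// Verifier is the per-account state: the shared secret and the last time step
// for which a code was accepted (-1 until the first successful check).
type Verifier struct {
	secret       []byte
	lastAccepted int64
}

// NewVerifier takes the base32 secret that the enrolment QR code carries.
func NewVerifier(b32 string) (*Verifier, error) {
	key, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(strings.ToUpper(b32))
	if err != nil {
		return nil, err
	}
	return &Verifier{secret: key, lastAccepted: -1}, nil
}

// Check accepts a code for the current step or its immediate neighbours, compared
// in constant time, and never for a step at or before the last accepted one, so a
// code phished or shoulder-surfed a moment ago cannot be used a second time.
func (v *Verifier) Check(code string, unix int64) bool {
	cur := unix / totpStep
	for _, delta := range []int64{0, -1, 1} {
		step := cur + delta
		if step <= v.lastAccepted {
			continue
		}
		if hmac.Equal([]byte(code), []byte(hotp(v.secret, uint64(step)))) {
			v.lastAccepted = step
			return true
		}
	}
	return false
}

func main() {
	// Constructed demo input: the RFC 6238 Appendix B test secret ("12345678901234567890").
	v, _ := NewVerifier("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
	code := TOTPAt(v.secret, 1111111111)
	fmt.Println("code at T=1111111111:", code)
	fmt.Println("accepted:", v.Check(code, 1111111111), "replayed:", v.Check(code, 1111111111))
}
```

The window is deliberately one step each way: wider windows make phished codes usable for longer, and the lastAccepted marker is what turns a code from "valid for 30 seconds" into "valid once". The secret must be stored per account the same way a password hash would be guarded, since anyone holding it can generate codes.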
mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 23, 2018, 09:27:24 AM
#7

Quote
The simplest solution to strengthen account security is implementing / adding 2-factor authentication to the forum. This is a feature that is long overdue, and any modern site on which your account has some sort of monetary value should have 2FA.

2FA is also another option they can consider. Remember theymos wants the users to be anonymous, and using a verified email address can give a clue that exposes your identity.

Quote
This is super complicated and probably requires an extensive amount of custom code.

By the way, what makes you think that it will be super complicated and require an extensive amount of custom code? ::)

hase0278, Hero Member (Activity: 882, Merit: 544)
April 23, 2018, 11:06:25 AM (last edit: April 23, 2018, 11:16:47 AM by hase0278)
#8

Quote
2FA is also another option they can consider. Remember theymos wants the users to be anonymous, and using a verified email address can give a clue that exposes your identity.
Another suggestion is to change the way people log in. Instead of only asking for usernames, I think asking for email only when logging in is more secure, since users can hide their email from the public's eye, making hacks more difficult to attempt. Also, if the user wishes, I think an option to sign a message every time he/she logs in should also be implemented, but it must be optional and can be turned off by the user when logged on to his/her account.
sri11, Member (Activity: 238, Merit: 10)
April 23, 2018, 01:38:30 PM
#9

Quote
Background
Sadly I see a lot of accounts get hacked. Poor account holders create alt accounts and try to recover their hacked account with the staked bitcoin address (if they signed one before). Unfortunately, if they did not sign a bitcoin address then they can never recover their lost account. I would like to thank Tomatocage for this great idea of recovering BitcoinTalk accounts.

I do not agree with all this, it seems complicated that everything should be locked; what if one loses the 1 key?
I feel the system we have now is still better than the method you gave, like in the picture above; it gives me a headache.

Jet Cash, Legendary (Activity: 2688, Merit: 2449)
April 23, 2018, 02:02:56 PM
#10


Quote
There should not be any harm in creating a bitcoin wallet and having a bitcoin address.

If you use an online wallet, you are effectively using a banking service, and Bitcoin was created to avoid that. What happens if you prefer an altcoin?

If you decide to use a full node, then you may need advice and help to set this up, and this is one of the reasons for a newbie to Bitcoin to join this forum.

mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 23, 2018, 02:23:30 PM
#11

Quote
Another suggestion is to change the way people log in. Instead of only asking for usernames, I think asking for email only when logging in is more secure, since users can hide their email from the public's eye, making hacks more difficult to attempt. Also, if the user wishes, I think an option to sign a message every time he/she logs in should also be implemented, but it must be optional and can be turned off by the user when logged on to his/her account.
The whole idea is to avoid a verified email address. Email services are not anonymous.
i.e. Gmail has a central server, so any agency can pull up information by contacting your email service provider.

Quote
I do not agree with all this, it seems complicated that everything should be locked; what if one loses the 1 key?
I feel the system we have now is still better than the method you gave, like in the picture above; it gives me a headache.

Your solution...
Quote
Quote
Then the threads that will be getting created here en masse will be "I lost my Secret Key please reset".

I agree with you, however I guess people will take this very seriously because it's a secret key.

>>> For my Ledger Nano affiliate login I only have the Secret Key, and I know that if I lose it then I am going to lose my entire account and the earned BTC in there.
>>> For my Bitcoin wallet I am very careful about saving my 12-word phrase because I know if I lose any of the words then I am going to lose all my stored BTC.

By the way, we will still have these kinds of people who will even lose their secret key. By default these people are careless; the forum won't need them for good (I guess).
We already talked about it :)

Quote
If you use an online wallet, you are effectively using a banking service, and Bitcoin was created to avoid that.

If you decide to use a full node, then you may need advice and help to set this up, and this is one of the reasons for a newbie to Bitcoin to join this forum.
- Looks like you have a point here. I may need to study a little bit.

Quote
What happens if you prefer an altcoin?
What is it with the altcoin? Sorry, I did not get it.


LoyceV, Legendary (Activity: 3290, Merit: 16540)
April 27, 2018, 02:48:51 PM
#12

Quote
I agree with you, however I guess people will take this very seriously because it's a secret key.
I take my password very seriously because it's a password.

Quote
>>> For my Ledger Nano affiliate login I only have the Secret Key, and I know that if I lose it then I am going to lose my entire account
For hundreds of online accounts I only have my password and (to use your own words) I know that if I lose it then I am going to lose my entire account.

Why would it be any different if you call my password a "secret key"?

mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 27, 2018, 03:05:32 PM
#13

Quote
Quote
I agree with you, however I guess people will take this very seriously because it's a secret key.
I take my password very seriously because it's a password.

Quote
>>> For my Ledger Nano affiliate login I only have the Secret Key, and I know that if I lose it then I am going to lose my entire account
For hundreds of online accounts I only have my password and (to use your own words) I know that if I lose it then I am going to lose my entire account.

Why would it be any different if you call my password a "secret key"?

Understood that you are talking about my first option, but how about the second option, where you need to use the given text to sign with the bitcoin address you registered the account with?

Why not keep both options to give users more flexibility? These methods will at least decrease the account recovery/hacked etc. posts we are seeing these days. It's automated, so mods will need to do no manual work.

LoyceMobile, Hero Member (Activity: 1649, Merit: 686)
April 27, 2018, 04:19:54 PM
#14

Quote
Understood that you are talking about my first option, but how about the second option, where you need to use the given text to sign with the bitcoin address you registered the account with?
It'll be the same as many other threads where people either lost their private key, or got it compromised.

mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 27, 2018, 04:32:02 PM
#15

Quote
Understood that you are talking about my first option, but how about the second option, where you need to use the given text to sign with the bitcoin address you registered the account with?
It'll be the same as many other threads where people either lost their private key, or got it compromised.
Well, if these people can lose the 12 words of their recovery phrase (Bitcoin wallet) where they may have some bitcoin (say even 0.01 BTC), then the same people won't be bothered about losing the secret key of a BitcoinTalk account. LOL

They may even think bitcointalk DOT to (<=== careful visiting the site, it's not the actual BitcoinTalk) is BitcoinTalk as well.

PS: Honestly speaking, I am not concerned about these people. I am concerned about genuine members.

shahzadafzal, Copper Member, Legendary (Activity: 1526, Merit: 2890)
April 27, 2018, 06:34:49 PM
#16

Bitcoin address as login? Not a good idea, though.

Well, like all the others pointed out above, if you can lose your password you can lose your secret key too, and again, what is the difference between a Password and a Secret Key? Your password is your secret key; don't lose it...

2FA is the best and can easily be integrated into the current software too.

I hope in future* theymos may add 2FA in some way... till then HOLD your BitcoinTalk account safe :p

future* = when bitcoin reaches $100k

mdayonliner (OP), Copper Member, Sr. Member (Activity: 630, Merit: 420)
April 28, 2018, 09:21:57 AM
#17

Quote
future* = when bitcoin reaches $100k
I see a BIG doubt in your mind LOL
Yes, two-factor can be an option as well; I am not denying it. I guess I agreed with it in one of the posts in this thread. The motivations behind my ideas are:
1. Help being anonymous (no email address)
2. Automate the recovery system (perhaps no recovery needs to be offered)

In that case proposal two looks fine to me, although having both does no harm.

Beerwizzard, Full Member (Activity: 924, Merit: 148)
April 28, 2018, 02:14:07 PM
#18

Such things (especially your first offer) look too complicated. I'm not a specialist and probably don't know shit about what I'm talking about now, but it feels like it should somehow affect the encryption of the entire user data of this forum. And by the way, this thing with a seed reminds me more of something like Steem accounts.
The most simple thing that can prevent all hacks is using 2FA. That definitely seems easier and more profitable than the mentioned options. Sadly, it doesn't seem like it will be used soon, because people have been asking for 2FA for a long time and for some reason the admins can't make it.
DdmrDdmr, Legendary (Activity: 2296, Merit: 10731)
April 28, 2018, 02:45:03 PM
#19

I opened a thread (https://bitcointalk.org/index.php?topic=3189636.0) last month about finding 2FA a rather pressing matter, due to the amount of problems people were having with hacked forum accounts.
It seems that 2FA options are on the roadmap for the new forum software, and that it is likely to be rather choppy to even try to implement them in the current software. I figure the OP's suggestion will likely fall far from being a feasible option on the current software.

What does seem worrying is the time it currently takes to get the account back up and running even if you can prove it's yours. I guess the verification process is obviously manual and falls into the hands of already overloaded, multitasking forum admins.

From the user's perspective though, a claim/wait/pursue cycle of at least a few weeks is a bummer.
hoangvuthach, Jr. Member (Activity: 308, Merit: 7)
April 29, 2018, 09:42:22 AM
#20

Quote
I guess improving the registration system and login system will help us avoid the unfortunate account hacks of members. This will also automate the entire account recovery system, or maybe we won't even need an account recovery feature.

There are many reasons to lose your account, such as being hacked, disclosure, a forgotten password .....
"There are a lot of bitcointalk users," so why do they not lose their accounts,
while the other few lose theirs?
Instead of requiring administrators to add security programs ("I bet they'd rather, but they do not have time to do it"), people should be more aware of protecting their accounts.

Do not let a lack of understanding of security force another person to bear the consequences.