|
|
|
gs02xzz
|
 |
January 24, 2014, 09:36:27 PM |
|
But he has aliases
Yes I have 13 of them how long was your pass phrase? 11 Thats definitely not long enough. Should aim for at least 30 chars. That's why I think Nxt clients need some kind of built in password generator or at least a good guide for account creation with secure passwords! Otherwise new users will create accounts with passwords that can be brute forced, lose their Nxt, which results in alot of reports of hacked accounts. Client should enforce 30+ characters pass phrase with letters, numbers, special letters, uppercase, and lowercase requirement. |
|
|
|
|
|
bitcoinpaul
|
|
January 24, 2014, 09:36:58 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... |
|
|
|
|
|
NxtChg
|
|
January 24, 2014, 09:44:17 PM |
|
Client should enforce 30+ characters pass phrase with letters, numbers, special letters, uppercase, and lowercase requirement.
No it shouldn't. It should educate the user and help him generate a long random passphrase. |
|
|
|
|
EvilDave
|
|
January 24, 2014, 09:44:23 PM
Last edit: January 24, 2014, 11:19:13 PM by EvilDave |
|
All,
Schoul'd Optical attend in Miami?
fund can come from unclaimed coins?
thoughts now please, I see already two people that agree he should go... others?
Pin
Yes, sir!  Completely ignore the next bit: +1
Late as usual, but yeah, on that plane with optical (and maybe hot g/f as well).
Good to have some guaranteed support for him if he's up on a podium representing NXT for us all.
I feel it's in a good cause, so use the unclaimed NXT. They can do NXT some good right now. |
|
|
|
|
Fatih87SK
|
|
January 24, 2014, 09:48:37 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... I'm an Interior Architect. This is how much I can do with my knowledge. Enjoying doing it. I wish I could do it without the help of the wix plugins and could host it etc. Wix offer me to get rid of the advertising for 12 euros per month. Maybe I will do that if it succeeds. If I don't succeed in inspiring people about NXT than so be it. |
|
|
|
|
bitcoinpaul
|
|
January 24, 2014, 09:53:33 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... I'm an Interior Architect. This is how much I can do with my knowledge. Enjoying doing it. I wish I could do it without the help of the wix plugins and could host it etc. Wix offer me to get rid of the advertising for 12 euros per month. Maybe I will do that if it succeeds. If I don't succeed in inspiring people about NXT than so be it. 12€/month is expensive  rip-off |
|
|
|
|
|
Passion_ltc
|
|
January 24, 2014, 09:59:14 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... I'm an Interior Architect. This is how much I can do with my knowledge. Enjoying doing it. I wish I could do it without the help of the wix plugins and could host it etc. Wix offer me to get rid of the advertising for 12 euros per month. Maybe I will do that if it succeeds. If I don't succeed in inspiring people about NXT than so be it. 12€/month is expensive rip-off I pay 11$ / 8€ each month for 5 domains, 100gb space and unlimited traffic. Normal webhosting. Fatih, you should consider this. You will learn a lot.  |
|
|
|
coolmist
Newbie
 Offline
Activity: 56
Merit: 0
|
|
January 24, 2014, 10:00:12 PM |
|
Client should enforce 30+ characters pass phrase with letters, numbers, special letters, uppercase, and lowercase requirement.
+1000 Some people don't know how this type of wallet works... |
|
|
|
|
|
opticalcarrier
|
|
January 24, 2014, 10:01:26 PM |
|
I just had the most awesome idea......
When will the asset exchange come out of holms test system? The reason i ask is because of the upcoming ethereum launch. If asset exhange is live then we should invite them to create the asset and issue ethereum units inside NxT.
How well will they take that?
|
|
|
|
|
|
Fatih87SK
|
|
January 24, 2014, 10:02:52 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... I'm an Interior Architect. This is how much I can do with my knowledge. Enjoying doing it. I wish I could do it without the help of the wix plugins and could host it etc. Wix offer me to get rid of the advertising for 12 euros per month. Maybe I will do that if it succeeds. If I don't succeed in inspiring people about NXT than so be it. 12€/month is expensive rip-off I pay 11$ / 8€ each month for 5 domains, 100gb space and unlimited traffic. Normal webhosting. Fatih, you should consider this. You will learn a lot. But when I finally have learned it. NXT is already on da m00n! So I chose the quick way =) When I finish this one. I will start with your advice. Thanks! |
|
|
|
|
rickyjames
|
|
January 24, 2014, 10:03:16 PM |
|
Great, there goes my NXT experience. Hope you all do well. I have myself to blame.
Ok, we need good random generators included in all clients.And when you create a new wallet, it should pre-fill your passphrase with 40 or something long random string. And won't allow you to continue, until you click a small checkbox "Yes, I saved this passphrase somewhere". +1000. ...saved this passphrase somewhere...ON PAPER. And a checkbox that they did a SHA-256 file check. And a strong warning about keyloggers. NXT is so security critical that we have GOT to do some serious handholding / education for new users during the initial client setup!!! |
|
|
|
|
Damelon
Legendary
Offline
Activity: 1092
Merit: 1010
|
|
January 24, 2014, 10:03:23 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... I'm an Interior Architect. This is how much I can do with my knowledge. Enjoying doing it. I wish I could do it without the help of the wix plugins and could host it etc. Wix offer me to get rid of the advertising for 12 euros per month. Maybe I will do that if it succeeds. If I don't succeed in inspiring people about NXT than so be it. 12€/month is expensive rip-off I pay 11$ / 8€ each month for 5 domains, 100gb space and unlimited traffic. Normal webhosting. Fatih, you should consider this. You will learn a lot. If Fatih feels comfortable doing it his way, it's his call. I think it's great that people do something at the level of competence that they have. If he keeps the work up, he will learn. But yes, you could have spent less money |
|
|
|
|
opticalcarrier
|
|
January 24, 2014, 10:04:10 PM |
|
Client should enforce 30+ characters pass phrase with letters, numbers, special letters, uppercase, and lowercase requirement.
+1000 Some people don't know how this type of wallet works... Also should include a small ntp client and check accuracy of pc clock. This will prevent TONS off issues when nxt goes very large. Will end up saving us lots of headache in future |
|
|
|
|
|
NxtChg
|
|
January 24, 2014, 10:12:10 PM |
|
Also should include a small ntp client and check accuracy of pc clock. This will prevent TONS off issues when nxt goes very large. Will end up saving us lots of headache in future
Can't we just ask several peers what the latest timestamp is and see if we're in the ballpark? Heck, we might even do our own local "timezone" this way and disregard user's time completely. |
|
|
|
|
iruu
|
|
January 24, 2014, 10:20:34 PM |
|
It's easy to defeat bruteforce. Instead of using the password for account, use the password as an input for PBKDF2 with number of iterations inversely related to password's length. The relation: one second for safe passwords, longer for unsafe, let's say it's 15 second for something like "apple". This makes bruteforcing much harder even for short passwords. It's possible to add a second simple field, even an user's real name, and use it as a salt. The combination would make bruteforcing almost impossible. For compatibility with other accounts, it's enough to add a checkbox 'use older password system'. I can implement this in JS. Jitted JS in new browsers is fast enough. I asked Jean-Luc if he would include this if I did (no point writing only for myself - I have a secure password) but he wasn't interested. https://forums.nxtcrypto.org/viewtopic.php?f=17&t=557 |
|
|
|
|
nakaone
|
|
January 24, 2014, 10:28:05 PM |
|
some day it should be user-friendly - no person can handle a real 30+ random character password. for creating, well that is needed, but please make sure that the user gets a way (probably 2-Factor Securitized) Password for day to day usage
|
|
|
|
|
|
Fatih87SK
|
|
January 24, 2014, 10:42:11 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... I'm an Interior Architect. This is how much I can do with my knowledge. Enjoying doing it. I wish I could do it without the help of the wix plugins and could host it etc. Wix offer me to get rid of the advertising for 12 euros per month. Maybe I will do that if it succeeds. If I don't succeed in inspiring people about NXT than so be it. 12€/month is expensive rip-off I pay 11$ / 8€ each month for 5 domains, 100gb space and unlimited traffic. Normal webhosting. Fatih, you should consider this. You will learn a lot. If Fatih feels comfortable doing it his way, it's his call. I think it's great that people do something at the level of competence that they have. If he keeps the work up, he will learn. But yes, you could have spent less money Thanks Damelon. I just tweeted your website =) |
|
|
|
Damelon
Legendary
Offline
Activity: 1092
Merit: 1010
|
|
January 24, 2014, 10:56:05 PM |
|
Thanks Damelon. I just tweeted your website =)
Thanks you |
|
|
|
|
rajc
|
|
January 24, 2014, 11:04:08 PM |
|
You need to get rid of this advertising stuff. Domains are cheap nowadays. Have a look at nxtion.com, nxtcrypto.org, mynxt.org, ... there are still people that are not using adblock? adblockplus.org |
|
|
|
|
|
