Bitcoin Forum
Author Topic: Account security improvement: e-mail confirmation to change password and mail  (Read 327 times)
Cashi (OP)
Member, Activity: 392, Merit: 48
January 28, 2019, 10:36:29 PM  #1

To improve the security of our Bitcointalk accounts it would be a good decision to allow password changes or changes of our current e-mail address only if we have to verify a confirmation mail which is sent to our current e-mail address.

I'm sure that will help to prevent many hacks. If we set a confirmation e-mail as a requirement, the hackers need access to the Bitcointalk account and the e-mail account. Right now, a hacker only needs to have access to the Bitcointalk account and he can change the e-mail address and password without any difficulty and lock out the legitimate owner.

Is it possible to implement such a feature? I would really like to have this additional security measure to protect my account from hacks.

Becky666
Full Member, Activity: 756, Merit: 231
January 28, 2019, 11:24:08 PM  #2

Quote
To improve the security of our Bitcointalk accounts it would be a good decision to allow password changes or changes of our current e-mail address only if we have to verify a confirmation mail which is sent to our current e-mail address.

I'm sure that will help to prevent many hacks. If we set a confirmation e-mail as a requirement, the hackers need access to the Bitcointalk account and the e-mail account. Right now, a hacker only needs to have access to the Bitcointalk account and he can change the e-mail address and password without any difficulty and lock out the legitimate owner.

Is it possible to implement such a feature? I would really like to have this additional security measure to protect my account from hacks.

Although there have been many account hacks in recent times in this forum, and issues concerning security have been discussed extensively and groups have been set up for account recovery, etc.

This suggestion looks pretty good for another level of security on top of the ones already played out, which have not actually given lasting solutions to the issue of hacks in the forum. Theymos should take a look at this suggestion to see if it's possible to move the security level of account protection a bit higher than what we have on the ground. Just my personal opinion!

bitmover
Legendary, Activity: 2296, Merit: 5921
January 29, 2019, 12:20:08 AM  #3

This was already suggested many times, like 2FA and similar, but none of those suggestions were implemented. The only thing you can do now is to freeze your account. That's good, but certainly not enough.

theymos wants to create an automated process of recovering accounts by signing a bitcoin address, which is a more elegant solution and fits the forum.

crwth
Copper Member, Legendary, Activity: 2758, Merit: 1251
January 29, 2019, 12:48:37 AM  #4

This would be a great idea combined with all the other topics raised like this: https://bitcointalk.org/index.php?topic=5073921.0

Every time I think of changing passwords or email, it can be seen as suspicious activity in one's account, except if you proved that it's still you. I'm up for the confirmation email, changing the password, etc. Creating that would be time-consuming and this is an old post.

Quote
If someone wants to write a patch for it, I will seriously consider adding it. I believe that safely adding 2FA would be very time-consuming, so I'm not willing to do it myself or direct Slickage to do it.

Cashi (OP)
Member, Activity: 392, Merit: 48
January 29, 2019, 01:30:07 AM  #5

Yes, 2FA is also a very good feature, I hope it will be enabled in the new forum software. In the old one it seems to be too difficult to add. There are many cases where hacks wouldn't have happened if we had a confirmation mail or 2FA. A confirmation mail should be easier to implement, or am I wrong?

When my password gets reset I receive a mail as a notice, but I can't access my account anymore if the hacker is fast and changes my mail. In addition, it should be possible to send a mail before the password is changed. Afterwards the mail is not very useful. I can just lock my account, but then I would be locked out myself:

Quote
Dear ~,

Your Bitcoin Forum (bitcointalk.org) email address was just changed from ~ to ~ by IP address ~. If you did not do this, then you can visit the following link within 14 days in order to lock the account:
~link~
Note that you will NOT be asked for your password at that URL.

Regards,
The Bitcoin Forum Team

The link gives an option to lock the account:

Quote
Your account will be locked. Nobody will be able to log in and access any of the account's functions. Administrative action will be required to unlock it. You should contact an admin after this (see the sticky in Meta). Be warned that although it will be easier to recover an account after this locking tool is used than if you do nothing and your account is compromised, our account-recovery throughput is very limited, and it could be a long time before you get your account back.

tranthidung
Legendary, Activity: 2268, Merit: 4010
January 29, 2019, 03:07:21 AM  #6

This is one of the best solutions, I think.
Quote
theymos wants to create an automated process of recovering accounts by signing a bitcoin address, which is a more elegant solution and fits the forum.

Wrong!
For someone who still thinks that 2FA is the best solution, let's spend a minute to think of what will happen if account owners lose their 2FA backup?
Then, they will open a topic in Meta, complaining and asking for help.
2FA backups can be lost, but the quote of your bitcoin signed address in the forum will not be lost at any odds.
The probability that both your original bitcoin signed address post and the quoted post of your original post are deleted together is scarce, almost impossible.
Quote
Yes, 2FA is also a very good feature

mk4
Legendary, Activity: 2758, Merit: 3830
January 29, 2019, 03:49:18 AM  #7

Quote
Wrong!
For someone who still thinks that 2FA is the best solution, let's spend a minute to think of what will happen if account owners lose their 2FA backup?
Then, they will open a topic in Meta, complaining and asking for help.
2FA backups can be lost, but the quote of your bitcoin signed address in the forum will not be lost at any odds.
The probability that both your original bitcoin signed address post and the quoted post of your original post are deleted together is scarce, almost impossible.

Can't you say the same with your bitcoin wallet's private keys though? You can lose access to your 2FA if you lose your backup or if you didn't do a backup to start with; and at the same time, you can also lose access to your staked bitcoin address if you lose access to your wallet's private keys.

In the end, if you want to be more secure, you'd need to take these small extra responsibilities to do so. And for now, 2FA (along with signing a message with your staked address) is one of the best security practices that we can use right now.

Findingnemo
Hero Member, Activity: 2324, Merit: 758
January 29, 2019, 04:20:14 AM  #8

I think it is already suggested by our community earlier, but why it is not wise to implement means!

Practically, someone will change their email address only if they lost access to the old one, so what happens if they lost access to the old email and want to add a new email?

So just stick with what we have now and hope to see something to prevent hacks in the new forum software.

lobcmt2
Full Member, Activity: 462, Merit: 155
January 29, 2019, 04:40:13 AM  #9

Or with the terrible support of Yahoo mail. It is a terrible scenario.
Quote
I think it is already suggested by our community earlier, but why it is not wise to implement means!

Practically, someone will change their email address only if they lost access to the old one, so what happens if they lost access to the old email and want to add a new email?

So just stick with what we have now and hope to see something to prevent hacks in the new forum software.


My proposal is the combination of two security methods:
- 2FA (for users to increase their security level by themselves)
- Bitcoin signed address: if they lost control of 2FA, the bitcoin signed address might give them a chance to recover their accounts. Of course, that one is only helpful if they have full control of their bitcoin signed address.

If they lose all of them, they should accept the fact that their accounts are totally gone.
CryptopreneurBrainboss
Legendary, Activity: 2254, Merit: 4152
January 29, 2019, 05:06:18 AM  #10

This email issue and 2FA security settings have been discussed numerous times and here's an official statement from theymos on the issue.
From what I understand, view this quote below, although I haven't been hacked before so I don't know how effective it is.
Quote
I added email notifications for some security events:

Whenever your password is changed (except by an administrator), you will get an email about it.

Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.

Let me know if you find any bugs.

Then a few hours later this user confirmed the system is working just fine.
Quote
Whenever your password is changed (except by an administrator), you will get an email about it.

Verified, no problem, email received if password is changed.

+logout
+login to test changed password
= no problem.

+forgot password link
+email received to reset password
+change password
= no problem.

sheenshane
Legendary, Activity: 2394, Merit: 1215
January 29, 2019, 08:18:58 AM  #11
Last edit: January 29, 2019, 03:43:51 PM by sheenshane

Quote
I added email notifications for some security events:

Whenever your password is changed (except by an administrator), you will get an email about it.

Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.

Let me know if you find any bugs.
Snip-

Email notification is enough for security purposes, as theymos has said, as long as your email account is not hacked too. I think 2FA is not needed since there's an email sent to your email account, which you receive if somebody is changing your profile info or your account has been stolen. Together with the signed address on this forum, it is solid proof to recover an account once it is quoted by someone else.

I think there's nothing to change with the account security system settings; besides, it is our responsibility to keep our account safe. So, it is impossible to get hacked unless you sell your account and try to get it back by claiming it got hacked.

tranthidung
Legendary, Activity: 2268, Merit: 4010
January 29, 2019, 01:16:11 PM  #12

In a nutshell, [after reading all above posts] I would say some steps are necessary to secure accounts:
- Strong password: should be as strong as possible, lower & upper case, letters, etc. And, the account's password should be totally different than on any other accounts on other platforms (in case you use the same email for different platforms).
- 2FA for the email that is used to register the forum account;
- Strong antivirus software, and keep it always updated.
- Staking a bitcoin signed address in the forum;
- Keeping the wallet (on computers) as safely as possible.

All those four steps are essential and enough to secure accounts, in my opinion.


I remember that I read a topic from a Hero/Legendary who got their account back almost immediately after getting the email notification.
When I see the topic again, I will leave the link here.

Kavelj22
Legendary, Activity: 1750, Merit: 1453
January 29, 2019, 03:27:59 PM  #13

After reading all above posts, I think there is some missing information:
When an account is processed for ownership change (email change), the following process occurs:
- The change is queued.
- It is listed in seclog.php.
- The old email receives a warning.
- After 7 days, the change goes through and another seclog.php entry is added.

The account stays locked throughout all of this.

It means that when you receive an email informing you that the email address has been changed to a new one, you have a few options which I find sufficient enough:
- Lock the account with the link received in the email during the next 14 days, as mentioned here:
Quote
Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.
- During the one week period of ownership change, you can post all the evidence you have about the ownership of your account (staked btc address or PGP key / full control over the original email which you used to create the account...) so the administration can take hold of the situation and correct it:
Quote
Hopefully it will be essentially unheard of, but if an account is going to be incorrectly transferred, everyone who knows about the incorrect change should noisily post all of the evidence they have so that we can at least put the change on hold and re-review the evidence.

* Admins can act outside of procedure and bypass the queue if necessary, but hardly ever will.

Up to this point, all you have to do is secure your account following this advice, which I find essential and enough, based only on my opinion:
Quote
- Strong password: should be as strong as possible, lower & upper case, letters, etc. And, the account's password should be totally different than on any other accounts on other platforms (in case you use the same email for different platforms).
- 2FA for the email that is used to register the forum account;
- Strong antivirus software, and keep it always updated.
- Staking a bitcoin signed address in the forum;
- Keeping the wallet (on computers) as safely as possible.
So no need to ask/suggest adding more features to the forum or more restrictions. Active 2FA for the email is fundamental.


Related threads to this, started by admin:
FYI: "ownership change queued"
Recovering hacked/lost accounts
Account recoveries are moving again
I have created this topic to record entries in SecLog : All the Ownership-Changed and Restored accounts


*Don't hesitate to correct me if you find anything wrong in this post.
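As an added example (not the forum's own code), the following Python model captures the queue-and-lock flow described in this post and in the quoted notification e-mail: the change is queued and logged, the old address receives a lock link that stays valid for 14 days, the account is held for 7 days, and only then does the change go through. The Account fields and function names are assumptions made for this illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed model (not the forum's code) of the ownership-change flow quoted
# above: change queued and logged, OLD address gets a lock link valid for
# 14 days, account held for 7 days, then the change applies.
# Field and function names are assumptions made for this illustration.
DAY = 86400
HOLD_SECONDS = 7 * DAY        # queued change goes through after 7 days
LOCK_LINK_SECONDS = 14 * DAY  # lock link stays valid for 14 days

@dataclass
class Account:
    email: str
    status: str = "active"             # "active" | "queued" | "locked"
    pending_email: Optional[str] = None
    requested_at: Optional[int] = None
    lock_token: Optional[str] = None
    token_issued_at: Optional[int] = None
    seclog: List[tuple] = field(default_factory=list)

def can_login(acct: Account) -> bool:
    # A held (queued) or owner-locked account cannot be used at all.
    return acct.status == "active"

def request_email_change(acct: Account, new_email: str, now: int) -> str:
    """Queue the change; return the token that would be mailed to the OLD address."""
    if acct.status != "active":
        raise PermissionError("account is held or locked")
    acct.status = "queued"
    acct.pending_email = new_email
    acct.requested_at = now
    acct.lock_token = secrets.token_urlsafe(32)
    acct.token_issued_at = now
    acct.seclog.append(("ownership change queued", acct.email, new_email, now))
    return acct.lock_token

def apply_pending_change(acct: Account, now: int) -> bool:
    """Apply the queued change only once the hold period has passed."""
    if acct.status != "queued" or now - acct.requested_at < HOLD_SECONDS:
        return False
    acct.seclog.append(("ownership changed", acct.email, acct.pending_email, now))
    acct.email = acct.pending_email
    acct.pending_email = None
    acct.status = "active"
    return True

def lock_via_link(acct: Account, token: str, now: int) -> bool:
    """Lock from the e-mailed link: no password asked, token compared in constant
    time, single-use, rejected after 14 days. Cancels any queued change."""
    if acct.lock_token is None or now - acct.token_issued_at > LOCK_LINK_SECONDS:
        return False
    if not hmac.compare_digest(acct.lock_token, token):
        return False
    acct.lock_token = None
    acct.pending_email = None
    acct.status = "locked"             # administrative action needed to unlock
    acct.seclog.append(("locked by owner via link", acct.email, now))
    return True
```

Because the lock link outlives the 7-day hold, the owner can still lock the account for a week after the change has gone through, which is the window the post relies on.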
