Bitcoin Forum
September 16, 2019, 09:18:53 AM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Poll
Question: Should there be an option to get an e-mail notification upon logging in
Yes - 18 (94.7%)
No - 1 (5.3%)
Total Voters: 19

Pages: [1] 2 3 »  All
  Print  
Author Topic: Create an option to get an e-mail notification someone logs in  (Read 753 times)
bones261
Legendary
*
Offline Offline

Activity: 1680
Merit: 1695


KnowNoBorders.io


View Profile
June 05, 2019, 06:22:30 AM
Last edit: June 05, 2019, 03:49:18 PM by bones261
Merited by dbshck (4), DdmrDdmr (1), mikeywith (1), morvillz7z (1)
 #1

    Recently, we had an incident where a member states that PMs were sent from his account, without him being aware. https://bitcointalk.org/index.php?topic=5150479.0 It definitely is possible for a hacker to log into someone's account, send a PM with the "save a copy to my outbox" unchecked, and the real owner of the account not being made aware. Would it do any good to allow an option to be notified by e-mail whenever a PM is sent from your account? Also, an e-mail notification would be sent whenever someone decides to opt-in or opt-out. Perhaps these e-mails can also come with an option to lock the account.

Edit:Perhaps just having the option to get notification when someone logs into your account would be better. It doesn't even need to include the ip like many sites have implemented. That way, a hacker cannot circumvent it by simply turning the option off since you would be notified of the initial log in. Also, an option to either lock the account or automatically log off all sessions with the e-mail would be helpful.

   ▄▄██████▄▄
  ████████████
███▄▄
 ██████████████▀▀▀██▄
████████████████   ▀██▄
████████████████     ▀██
██████████████       ██▌
██████████████        ▐██
██▌▀▀██████▀▀         ▐██
▐██                   ██▌
 ██▄                 ▄██
  ▀██▄             ▄██▀
    ▀██▄▄▄     ▄▄▄██▀
      ▀▀█████████▀▀
MAIN CLUB
PARTNER of
W A T F O R D  FC
Industry Leading Crypto Sportsbook
|
SPECIAL
WATFORD FC
PROMOTIONS
|
UNIQUE
CONTENT &
GIVEAWAYS
|
▄▄█████████▄▄
▄█████████████████▄
▄██████████▀▀▀▀███████▄
▄█████████▀     ████████▄
▄██████████   ████████████▄
█████████        ██████████
█████████▄▄   ▄▄███████████
███████████   █████████████
▀██████████   ████████████▀
▀█████████   ███████████▀
▀████████▄▄▄██████████▀
▀█████████████████▀
▀▀█████████▀▀
.PLAY  HERE.
[/t
1568625533
Hero Member
*
Offline Offline

Posts: 1568625533

View Profile Personal Message (Offline)

Ignore
1568625533
Reply with quote  #2

1568625533
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1568625533
Hero Member
*
Offline Offline

Posts: 1568625533

View Profile Personal Message (Offline)

Ignore
1568625533
Reply with quote  #2

1568625533
Report to moderator
1568625533
Hero Member
*
Offline Offline

Posts: 1568625533

View Profile Personal Message (Offline)

Ignore
1568625533
Reply with quote  #2

1568625533
Report to moderator
bL4nkcode
Copper Member
Hero Member
*****
Offline Offline

Activity: 1302
Merit: 763


dýnami stous arithmoús


View Profile WWW
June 05, 2019, 06:28:03 AM
Merited by DdmrDdmr (1)
 #2

It definitely is possible for a hacker to log into someone's account, send a PM with the "save a copy to my outbox" unchecked, and the real owner of the account not being made aware.
What if there's an email notification every time a user login on its forum account to top this. And with this ,
Quote
Perhaps these e-mails can also come with an option to lock the account.

..bustadice..         ▄▄████████████▄▄
     ▄▄████████▀▀▀▀████████▄▄
   ▄███████████    ███████████▄
  █████    ████▄▄▄▄████    █████
 ██████    ████████▀▀██    ██████
██████████████████   █████████████
█████████████████▌  ▐█████████████
███    ██████████   ███████    ███
███    ████████▀   ▐███████    ███
██████████████      ██████████████
██████████████      ██████████████
 ██████████████▄▄▄▄██████████████
  ▀████████████████████████████▀
                     ▄▄███████▄▄
                  ▄███████████████▄
   ███████████  ▄████▀▀       ▀▀████▄
               ████▀      ██     ▀████
 ███████████  ████        ██       ████
             ████         ██        ████
███████████  ████     ▄▄▄▄██        ████
             ████     ▀▀▀▀▀▀        ████
 ███████████  ████                 ████
               ████▄             ▄████
   ███████████  ▀████▄▄       ▄▄████▀
                  ▀███████████████▀
                     ▀▀███████▀▀
           ▄██▄
           ████
            ██
            ▀▀
 ▄██████████████████████▄
██████▀▀██████████▀▀██████
█████    ████████    █████
█████▄  ▄████████▄  ▄█████
██████████████████████████
██████████████████████████
    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
       ████████████
......Play......
CryptopreneurBrainboss
Hero Member
*****
Offline Offline

Activity: 560
Merit: 773


LiveCoin - is a modern stock exchange


View Profile WWW
June 05, 2019, 07:02:21 AM
Last edit: June 05, 2019, 09:45:38 AM by CryptopreneurBrainboss
 #3

Voted yes but just wondering if such a feature can be implemented that easily and how productive it'll be since it doesn't stop the hacker from sending the PM. On all socal media related sites i have seen the feature of receiving a notification when you receive a PM but haven't seen any for receiving a notification for PM sent.

How about the option of making the "save a copy to my outbox" a default setting that can't be changed and message saved in outbox can only be deleted after certain number of days like 30days period.

█████████▄           ▄█
▀██▄         ██
▀██▄    ▄▄ ██
▀███ ███ ██
█████████▄        ▀▀ ██
▀██▄      ▄▄ ██
▄█████████ ███ ██
▄██▀          ▀▀ ██
████
█▀            ▄▄ ██
▄██ ███ ██
▄██▀   ▀▀ ██
▄██▀        ██
███████████▀          ▀█




▄▄█
█████
█████
█████
█████
█████

█████

█████

█████


▄▄█
█████
█████
█████
█████
█████
█████
█████

█████

█████

█████
▄▄█
█████
█████
█████
█████
█████
█████
█████
█████
█████

█████

█████

█████
█▄           ▄█████████
██         ▄██▀
██ ▄▄    ▄██▀
██ ███ ███▀
██ ▀▀        ▄█████████
██ ▄▄      ▄██▀
██ ███ █████████▄
██ ▀▀          ▀██▄
██ ▄▄            ▀█████
██ ███ ██▄
██ ▀▀   ▀██▄
██        ▀██▄
█▀          ▀███████████
thd26bct
Member
**
Offline Offline

Activity: 300
Merit: 93


View Profile
June 05, 2019, 07:05:35 AM
 #4

What if users do not use main emails (that used for their jobs) to register their accounts in the forum? Those users likely don't log in emails (used to register forum accounts) too often.
For inactive users, whom fall into inactive status for months or years, such email notifications don't make sense.

If such email notifications when PM sent activated, it should be limited on PMs sent from strange IPs of each account. Recent months, when Gmail's users log in from strange IP, strange devices, they have to do some confirmations to log in their emails.
Jet Cash
Legendary
*
Offline Offline

Activity: 1372
Merit: 1746


Trying to preserve our heritage.


View Profile WWW
June 05, 2019, 07:13:23 AM
 #5

It's already in your profile. Just set "Notify by email every time you receive a personal message:  " to "always" and you will receive notifications.

It's in the private message section of your profile.

What is this old tool?  -  Click here to visit Fit to Talk

I've added some more Bitcoin music to Bitcoin Tunes
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1904
Merit: 1745



View Profile WWW
June 05, 2019, 07:14:40 AM
 #6

It's already in your profile. Just set "Notify by email every time you receive a personal message:  " to "always" and you will receive notifications.
He wants to receive notifications when he sends a PM, not when he receives one.

Find the fire hydrant in my Avatar for a prize.
erikalui
Legendary
*
Offline Offline

Activity: 1764
Merit: 1053



View Profile WWW
June 05, 2019, 07:27:56 AM
 #7

Better than that, can't we have access to our own IP logs? We get such information from exchanges and even Google so if possible, we can see if any other IP address has been accessing your account. Also, if the login IP changes, it would be better if we receive notifications via email and a 2FA like exchanges do.




.




  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄████████▀▀▀▀███▄
███████▀     ████
███████   ███████
█████        ████
███████   ███████
▀██████   ██████▀
  ▀▀▀▀▀   ▀▀▀▀▀

  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄██▀▀▀▀▀▀▀▀▀▀▀██▄
██    ▄▄▄▄▄ ▀  ██
██   █▀   ▀█   ██
██   █▄   ▄█   ██
██    ▀▀▀▀▀    ██
▀██▄▄▄▄▄▄▄▄▄▄▄██▀
  ▀▀▀▀▀▀▀▀▀▀▀▀▀

            ▄▄▄
█▄▄      ████████▄
 █████▄▄████████▌
▀██████████████▌
  █████████████
  ▀██████████▀
   ▄▄██████▀
    ▀▀▀▀▀

    ██  ██
  ███████████▄
    ██      ▀█
    ██▄▄▄▄▄▄█▀
    ██▀▀▀▀▀▀█▄
    ██      ▄█
  ███████████▀
    ██  ██




               ▄
       ▄  ▄█▄ ▀█▀      ▄
      ▀█▀  ▀   ▄  ▄█▄ ▀█▀
███▄▄▄        ▀█▀  ▀     ▄▄▄███       ▐█▄    ▄█▌   ▐█▌   █▄    ▐█▌   ████████   █████▄     ██    ▄█████▄▄   ▐█████▌
████████▄▄           ▄▄████████       ▐███▄▄███▌   ▐█▌   ███▄  ▐█▌      ██      █▌  ▀██    ██   ▄██▀   ▀▀   ▐█
███████████▄       ▄███████████       ▐█▌▀██▀▐█▌   ▐█▌   ██▀██▄▐█▌      ██      █▌   ▐█▌   ██   ██          ▐█████▌
 ████████████     ████████████        ▐█▌    ▐█▌   ▐█▌   ██  ▀███▌      ██      █▌  ▄██    ██   ▀██▄   ▄▄   ▐█
  ████████████   ████████████         ▐█▌    ▐█▌   ▐█▌   ██    ▀█▌      ██      █████▀     ██    ▀█████▀▀   ▐█████▌
   ▀███████████ ███████████▀
     ▀███████████████████▀
        ▀▀▀█████████▀▀▀
FIND OUT MORE AT MINTDICE.COM
logfiles
Copper Member
Sr. Member
****
Offline Offline

Activity: 364
Merit: 307


Citizen of The Bitcoin Republic


View Profile WWW
June 05, 2019, 07:57:31 AM
 #8

If it's just an Option that can be checked and unchecked, then the hackers will disable the option when they are using victims' accounts to send messages just like they would u check "save copy to my inbox"

My suggestion is that maybe we have the account automatically locked when there is a sudden change in the IP address log from the usual pattern accompanied with a verification email with information about a mandatory security check.

2FA like exchanges do.
2FA will not be implemented on this forum software. Maybe on the new forum software. This has been suggested multiple times but nothing has been done.

          ▄▄████▄▄
      ▄▄███▀    ▀███▄▄
   ▄████████▄▄▄▄████████▄
  ▀██████████████████████▀
▐█▄▄ ▀▀████▀    ▀████▀▀ ▄▄██
▐█████▄▄ ▀██▄▄▄▄██▀ ▄▄██▀  █
▐██ ▀████▄▄ ▀██▀ ▄▄████  ▄██
▐██  ███████▄  ▄████████████
▐██  █▌▐█ ▀██  ██████▀  ████
▐██  █▌▐█  ██  █████  ▄█████
 ███▄ ▌▐█  ██  ████████████▀
  ▀▀████▄ ▄██  ██▀  ████▀▀
      ▀▀█████  █  ▄██▀▀
         ▀▀██  ██▀▀
WINDICE████
██
██
██
██
██
██
██
██
██
██
██
██
████
      ▄████████▀
     ▄████████
    ▄███████▀
   ▄███████▀
  ▄█████████████
 ▄████████████▀
▄███████████▀
     █████▀
    ████▀
   ████
  ███▀
 ██▀
█▀

██
██
██
██
██
██
██
██
██
██
██
██
     ▄▄█████▄   ▄▄▄▄
    ██████████▄███████▄
  ▄████████████████████▌
 ████████████████████████
▐████████████████████████▌
 ▀██████████████████████▀
     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
     ▄█     ▄█     ▄█
   ▄██▌   ▄██▌   ▄██▌
   ▀▀▀    ▀▀▀    ▀▀▀
       ▄█     ▄█
     ▄██▌   ▄██▌
     ▀▀▀    ▀▀▀

██
██
██
██
██
██
██
██
██
██
██
██
                   ▄█▄
                 ▄█████▄
                █████████▄
       ▄       ██ ████████▌
     ▄███▄    ▐█▌▐█████████
   ▄███████▄   ██ ▀███████▀
 ▄███████████▄  ▀██▄▄████▀
▐█ ▄███████████    ▀▀▀▀
█ █████████████▌      ▄
█▄▀████████████▌    ▄███▄
▐█▄▀███████████    ▐█▐███▌
 ▀██▄▄▀▀█████▀      ▀█▄█▀
   ▀▀▀███▀▀▀
████
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
████


▄▄████████▄▄
▄████████████████▄
▄████████████████████▄
███████████████▀▀  █████
████████████▀▀      ██████
▐████████▀▀   ▄▄     ██████▌
▐████▀▀    ▄█▀▀     ███████▌
▐████████ █▀        ███████▌
████████ █ ▄███▄   ███████
████████████████▄▄██████
▀████████████████████▀
▀████████████████▀
▀▀████████▀▀
██████
██████
███
███
███
███
███
███
███
███
███
███
██████
██████
.Play Now.██████
██████
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
██████
██████
LoyceV
Legendary
*
Offline Offline

Activity: 1610
Merit: 4594


Largest Merit Circle on BPIP!


View Profile WWW
June 05, 2019, 08:02:01 AM
 #9

I don't think this is going to help. I have 1847 sent messages. If I would have received 1847 emails, I would have disabled that option a long time ago, or filter them to be deleted.

Better than that, can't we have access to our own IP logs? We get such information from exchanges and even Google so if possible, we can see if any other IP address has been accessing your account.
That wouldn't only work for you, it would also give someone who gains access to your account access to your IP (and approximate location).


I've seen cases indeed where a hacker doesn't change the password so the account doesn't get locked. I'd say that means the account locking and recovery system is starting to pay off!
It's still quite rare to happen, so a solution that can only prevent a small fraction of this rare thing won't really help much.

erikalui
Legendary
*
Offline Offline

Activity: 1764
Merit: 1053



View Profile WWW
June 05, 2019, 08:03:06 AM
 #10


2FA will not be implemented on this forum software. Maybe on the new forum software. This has been suggested multiple times but nothing has been done.

2FA has not been considered for the new forum software but something like an email notification when the IP changes also would prove to be useful. Your suggestion of locking such an account also would be good but people would keep complaining everytime their account gets locked so a notification also would suffice.




.




  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄████████▀▀▀▀███▄
███████▀     ████
███████   ███████
█████        ████
███████   ███████
▀██████   ██████▀
  ▀▀▀▀▀   ▀▀▀▀▀

  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄██▀▀▀▀▀▀▀▀▀▀▀██▄
██    ▄▄▄▄▄ ▀  ██
██   █▀   ▀█   ██
██   █▄   ▄█   ██
██    ▀▀▀▀▀    ██
▀██▄▄▄▄▄▄▄▄▄▄▄██▀
  ▀▀▀▀▀▀▀▀▀▀▀▀▀

            ▄▄▄
█▄▄      ████████▄
 █████▄▄████████▌
▀██████████████▌
  █████████████
  ▀██████████▀
   ▄▄██████▀
    ▀▀▀▀▀

    ██  ██
  ███████████▄
    ██      ▀█
    ██▄▄▄▄▄▄█▀
    ██▀▀▀▀▀▀█▄
    ██      ▄█
  ███████████▀
    ██  ██




               ▄
       ▄  ▄█▄ ▀█▀      ▄
      ▀█▀  ▀   ▄  ▄█▄ ▀█▀
███▄▄▄        ▀█▀  ▀     ▄▄▄███       ▐█▄    ▄█▌   ▐█▌   █▄    ▐█▌   ████████   █████▄     ██    ▄█████▄▄   ▐█████▌
████████▄▄           ▄▄████████       ▐███▄▄███▌   ▐█▌   ███▄  ▐█▌      ██      █▌  ▀██    ██   ▄██▀   ▀▀   ▐█
███████████▄       ▄███████████       ▐█▌▀██▀▐█▌   ▐█▌   ██▀██▄▐█▌      ██      █▌   ▐█▌   ██   ██          ▐█████▌
 ████████████     ████████████        ▐█▌    ▐█▌   ▐█▌   ██  ▀███▌      ██      █▌  ▄██    ██   ▀██▄   ▄▄   ▐█
  ████████████   ████████████         ▐█▌    ▐█▌   ▐█▌   ██    ▀█▌      ██      █████▀     ██    ▀█████▀▀   ▐█████▌
   ▀███████████ ███████████▀
     ▀███████████████████▀
        ▀▀▀█████████▀▀▀
FIND OUT MORE AT MINTDICE.COM
mikeywith
Hero Member
*****
Offline Offline

Activity: 532
Merit: 1176


be constructive or S.T.F.U


View Profile
June 05, 2019, 08:04:32 AM
 #11

"a default setting that can't be changed and message saved in outbox can only be deleted after certain number of days like 90days period.

This seems like a better option ( 90 days is a lot , maybe 30 ?) since there is no guarantee the user will see the Email before their account is used to scam, or maybe the two together for better security? But most importantly people should start using more complex passwords and take care of their own accounts security, babysitting does not always solve the problem.

Quote
Or requesting a confirmation via email before a PM can be sent?

No please , ain't nobody got time for that.

iasenko
Hero Member
*****
Online Online

Activity: 686
Merit: 1213


Running my first Full Node :)


View Profile WWW
June 05, 2019, 08:12:17 AM
 #12

Maybe just have a visible statistics of sent messages per day/week/month instead of notifications, like
Messages sent today 0.  I don't know where it could be placed but should be on a easy-to-spot place.

Pmalek
Legendary
*
Offline Offline

Activity: 1064
Merit: 1141



View Profile
June 05, 2019, 08:44:23 AM
Merited by suchmoon (4)
 #13

Having an option like that would only make sense if the option can't be turned off. If a hacker manages to gain access to an account and un-tick the option for sending a notification via email when a PM is sent we are back to square one.

But in that case we will encounter the problem that LoyceV highlighted. Possibly getting 1000 emails and notifications of sent PMs.

The best option I think is having all sent PMs automatically go to the Outbox folder like CryptopreneurBrainboss suggested.   
 

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
bones261
Legendary
*
Offline Offline

Activity: 1680
Merit: 1695


KnowNoBorders.io


View Profile
June 05, 2019, 12:45:37 PM
Last edit: June 05, 2019, 12:59:13 PM by bones261
 #14

If it's just an Option that can be checked and unchecked, then the hackers will disable the option when they are using victims' accounts to send messages just like they would u check "save copy to my inbox"

My suggestion is that maybe we have the account automatically locked when there is a sudden change in the IP address log from the usual pattern accompanied with a verification email with information about a mandatory security check.
2FA will not be implemented on this forum software. Maybe on the new forum software. This has been suggested multiple times but nothing has been done.
     I already thought about hackers disabling the option.
    Also, an e-mail notification would be sent whenever someone decides to opt-in or opt-out.
If a hacker was trying to cover his tracks by disabling, sending PM and then enabling again, you would get 3 e-mails. It would probably be better if someone had the option of getting a text by phone. However, I'm not sure this is possible, or if this site even wants to store something as sensitive as a phone number.


How about the option of making the "save a copy to my outbox" a default setting that can't be changed and message saved in outbox can only be deleted after certain number of days like 30days period.


Some people may not want a certain PM stored in their outbox for any period of time. They may want to convey some personal information that they also request the receiver delete when they are done with it. I realize there are better ways to go about this, though.

   ▄▄██████▄▄
  ████████████
███▄▄
 ██████████████▀▀▀██▄
████████████████   ▀██▄
████████████████     ▀██
██████████████       ██▌
██████████████        ▐██
██▌▀▀██████▀▀         ▐██
▐██                   ██▌
 ██▄                 ▄██
  ▀██▄             ▄██▀
    ▀██▄▄▄     ▄▄▄██▀
      ▀▀█████████▀▀
MAIN CLUB
PARTNER of
W A T F O R D  FC
Industry Leading Crypto Sportsbook
|
SPECIAL
WATFORD FC
PROMOTIONS
|
UNIQUE
CONTENT &
GIVEAWAYS
|
▄▄█████████▄▄
▄█████████████████▄
▄██████████▀▀▀▀███████▄
▄█████████▀     ████████▄
▄██████████   ████████████▄
█████████        ██████████
█████████▄▄   ▄▄███████████
███████████   █████████████
▀██████████   ████████████▀
▀█████████   ███████████▀
▀████████▄▄▄██████████▀
▀█████████████████▀
▀▀█████████▀▀
.PLAY  HERE.
[/t
erikalui
Legendary
*
Offline Offline

Activity: 1764
Merit: 1053



View Profile WWW
June 05, 2019, 01:14:00 PM
 #15

Having an option like that would only make sense if the option can't be turned off. If a hacker manages to gain access to an account and un-tick the option for sending a notification via email when a PM is sent we are back to square one.

But in that case we will encounter the problem that LoyceV highlighted. Possibly getting 1000 emails and notifications of sent PMs.

The best option I think is having all sent PMs automatically go to the Outbox folder like CryptopreneurBrainboss suggested.   
 

Can't the hacker delete the sent PMs from the user's account? When they can send PMs without the knowledge of the user, they can easily delete their own sent PMs as well as we can do now manually.




.




  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄████████▀▀▀▀███▄
███████▀     ████
███████   ███████
█████        ████
███████   ███████
▀██████   ██████▀
  ▀▀▀▀▀   ▀▀▀▀▀

  ▄▄▄▄▄▄▄▄▄▄▄▄▄
▄██▀▀▀▀▀▀▀▀▀▀▀██▄
██    ▄▄▄▄▄ ▀  ██
██   █▀   ▀█   ██
██   █▄   ▄█   ██
██    ▀▀▀▀▀    ██
▀██▄▄▄▄▄▄▄▄▄▄▄██▀
  ▀▀▀▀▀▀▀▀▀▀▀▀▀

            ▄▄▄
█▄▄      ████████▄
 █████▄▄████████▌
▀██████████████▌
  █████████████
  ▀██████████▀
   ▄▄██████▀
    ▀▀▀▀▀

    ██  ██
  ███████████▄
    ██      ▀█
    ██▄▄▄▄▄▄█▀
    ██▀▀▀▀▀▀█▄
    ██      ▄█
  ███████████▀
    ██  ██




               ▄
       ▄  ▄█▄ ▀█▀      ▄
      ▀█▀  ▀   ▄  ▄█▄ ▀█▀
███▄▄▄        ▀█▀  ▀     ▄▄▄███       ▐█▄    ▄█▌   ▐█▌   █▄    ▐█▌   ████████   █████▄     ██    ▄█████▄▄   ▐█████▌
████████▄▄           ▄▄████████       ▐███▄▄███▌   ▐█▌   ███▄  ▐█▌      ██      █▌  ▀██    ██   ▄██▀   ▀▀   ▐█
███████████▄       ▄███████████       ▐█▌▀██▀▐█▌   ▐█▌   ██▀██▄▐█▌      ██      █▌   ▐█▌   ██   ██          ▐█████▌
 ████████████     ████████████        ▐█▌    ▐█▌   ▐█▌   ██  ▀███▌      ██      █▌  ▄██    ██   ▀██▄   ▄▄   ▐█
  ████████████   ████████████         ▐█▌    ▐█▌   ▐█▌   ██    ▀█▌      ██      █████▀     ██    ▀█████▀▀   ▐█████▌
   ▀███████████ ███████████▀
     ▀███████████████████▀
        ▀▀▀█████████▀▀▀
FIND OUT MORE AT MINTDICE.COM
DdmrDdmr
Hero Member
*****
Offline Offline

Activity: 616
Merit: 2655

There are lies, damned lies and statistics. MTwain


View Profile WWW
June 05, 2019, 02:43:11 PM
 #16

<…>
What if there's an email notification every time a user login on its forum account to top this. And with this ,
Quote
Perhaps these e-mails can also come with an option to lock the account.
I’d say that this is a better option. A person can perform a silent hack into someone’s account (not changing the credentials nor email) and not just PM some shady stuff, but also create posts such as those seen recently in this and other threads: Please disable Fake ANNs download links , theymos !. A couple of related cases were reported as silent hacks, and verified to be so to the extent that can be done through taking a look at the IP logs.

An email notification when someone logs into an account could be useful in order to act as quick as possible. This could have it’s tweaks such as only notify when you do so from a new IP (to delimit the number of notifications), and have an opt-in option to activate it.

ReverseDirect
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
June 05, 2019, 03:04:44 PM
 #17

If it's just an Option that can be checked and unchecked, then the hackers will disable the option when they are using victims' accounts to send messages just like they would u check "save copy to my inbox"

My suggestion is that maybe we have the account automatically locked when there is a sudden change in the IP address log from the usual pattern accompanied with a verification email with information about a mandatory security check.
2FA will not be implemented on this forum software. Maybe on the new forum software. This has been suggested multiple times but nothing has been done.
     I already thought about hackers disabling the option.
    Also, an e-mail notification would be sent whenever someone decides to opt-in or opt-out.
If a hacker was trying to cover his tracks by disabling, sending PM and then enabling again, you would get 3 e-mails. It would probably be better if someone had the option of getting a text by phone. However, I'm not sure this is possible, or if this site even wants to store something as sensitive as a phone number.


How about the option of making the "save a copy to my outbox" a default setting that can't be changed and message saved in outbox can only be deleted after certain number of days like 30days period.


Some people may not want a certain PM stored in their outbox for any period of time. They may want to convey some personal information that they also request the receiver delete when they are done with it. I realize there are better ways to go about this, though.

I don't like the idea of sharing your phone number in this forum. This beats the purpose of anonymity and the hacker will get far more valuable information if they can check out your phone number after hacking your account.
I really like the idea of changing the password via email only. This will ensure that a foreign IP cannot log you out of your account. If notifying by email isn't possible, maybe share the login time and all the activities of the user's database on another website? This will also help Mods trace out scammers. The fact that you can delete all your past activities in a forum where a transaction is built on trust is scary.
DireWolfM14
Hero Member
*****
Offline Offline

Activity: 518
Merit: 752



View Profile WWW
June 05, 2019, 03:18:24 PM
Merited by Jet Cash (2)
 #18

Having an option like that would only make sense if the option can't be turned off.

This is true, and would be a pain in the ass in my opinion.   I don't need a notification sent to my email whenever I send a PM.  I'm already getting notifications for received PMs, and I hate to say it but the Maggiordomo bot has been getting a bit irritating in that regard.  Removing the option to not save outgoing PM in the outbox isn't going to do much, because the hacker can just delete the message after it's sent.  

The situation that spurred bones to create this topic is a bit concerning, but I would like to think it's an isolated case.  I don't recall learning about any other situation with a similar account breach.  

Since most of us are into cryptocurrency we should all understand the importance of self reliance and accountability when it comes to our own security.  Maybe some people don't take the security of their forum account as seriously as their bitcoin wallet, but maybe that's what needs to change.  This is especially true for those of us who've developed a trusted reputation here, it's not only our account and reputation that are on the line, but someone may get scammed.   Continuing to ask theymos to implement troublesome features to compensate for a few members' lack of accountability and responsibility isn't a great solution.

bones261
Legendary
*
Offline Offline

Activity: 1680
Merit: 1695


KnowNoBorders.io


View Profile
June 05, 2019, 03:52:49 PM
Last edit: June 05, 2019, 04:20:28 PM by bones261
 #19

I have changed the poll and topic to explore if it would be better to just have the option to get notified whenever they log in.

Edit: I forgot to take a screen shot of the previous poll. It was 9 to 5 in favor of adding an option to get e-mail notification when sending a PM.

   ▄▄██████▄▄
  ████████████
███▄▄
 ██████████████▀▀▀██▄
████████████████   ▀██▄
████████████████     ▀██
██████████████       ██▌
██████████████        ▐██
██▌▀▀██████▀▀         ▐██
▐██                   ██▌
 ██▄                 ▄██
  ▀██▄             ▄██▀
    ▀██▄▄▄     ▄▄▄██▀
      ▀▀█████████▀▀
MAIN CLUB
PARTNER of
W A T F O R D  FC
Industry Leading Crypto Sportsbook
|
SPECIAL
WATFORD FC
PROMOTIONS
|
UNIQUE
CONTENT &
GIVEAWAYS
|
▄▄█████████▄▄
▄█████████████████▄
▄██████████▀▀▀▀███████▄
▄█████████▀     ████████▄
▄██████████   ████████████▄
█████████        ██████████
█████████▄▄   ▄▄███████████
███████████   █████████████
▀██████████   ████████████▀
▀█████████   ███████████▀
▀████████▄▄▄██████████▀
▀█████████████████▀
▀▀█████████▀▀
.PLAY  HERE.
[/t
darklus123
Hero Member
*****
Offline Offline

Activity: 1106
Merit: 582


LocalEthereum.com


View Profile
June 05, 2019, 03:54:40 PM
 #20

Quote
to be notified by e-mail whenever a PM is sent from your account?
There is actually an option like this. I've been receiving email notifications everytime a got a pmed.

I think the best thing to do right now than waiting for theymos to do your suggestions which is actually has a very  small percentage of getting considered. Try to add a 2fa security for a higher security of your account. Here is a very good guide

https://bitcointalk.org/index.php?topic=5041789.0;all

Here as well
Why even bother to use Google Authenticator? You can download a open source 2FA app such as andOTP[1] that has the option to backup and restore 2FA codes. Then, you can just set up your 2FA and upload an encrypted backup to any free cloud provider you want. Never losing access to your accounts again.

[1] https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp&hl=pt_BR


Note: It is mainly your responsibility to take good care of your account and add up as much security as you can so you don't have to rely on the current forum features.

████
████
████
████
████          
████             █████████▄
████           ██████████████
████          ██████     ██████
████         ██████       █████
██████████████████████████████
█████████████████████████████▀
              ██████▄
               ██████████████
                 ████████████
  LocalEthereum    50+ Ways To Buy & Sell Ethereum (ETH)   ▄████████████████████▄
██████████████████████
██████████████████████
██████▀▀██████████████
████▀░░░░▀████████████
███▀░░▄▄░░░░░░░░░░████
███▄░░▀▀░░▄▄░░▄▄░░████
████▄░░░░▄██▄▄██▄▄████
██████▄▄██████████████
██████████████████████
██████████████████████
▀████████████████████▀
▄████████████████████▄
██████████████████████
██████████████████████
█████░░▀▀░░░░▀▀░░█████
█████░░░░░░░░░▄░░█████
█████▄░░░░░░▄▀░░▄█████
██████░░░▀▄▀░░░░██████
███████░░░░░░░░███████
████████░░░░░░████████
█████████▄░░▄█████████
██████████████████████
▀████████████████████▀
No verificationsNon-Custodial
Built-in Escrow   ● External Wallet Integration
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!