Create an option to get an e-mail notification someone logs in

[erikalui]

It's tricky to get email notifications right so that they're not too spammy. Maybe later.

For now, I added this page where you can see your IP logs for the past 30 days: https://bitcointalk.org/myips.php . You could pretty easily write a userscript to periodically check this and warn you if it's weird. (But don't scrape it on every pageload.)

I don't want to make older IP logs automatically accessible because that'd give a hacker a bunch of useful/sensitive information. But 30 days is probably not too harmful.

I can see my log now but it's mainly Unknown city and unknown country and plus today my logs don't show an IP address at all.

[o_e_l_e_o]

I have been logging from various locations, but some are definitely out of my recognised range.
Country is the same, but very strange IP locations popping out here and there.

If you browse on mobile, your IP assigned to you by your carrier can frequently change, and may not always be geographically accurate. The best way to check is to see what your IP is on your mobile, and check it directly against your logs.

As someone who always connects via a VPN, I'll need to build a small database of all the VPN servers I use and their public IPs, and then cross reference that against my logs periodically to be completely sure, but there's nothing I can see at the moment that stands out at me.

[darklus123]

The log looks suspicious,
I have been logging from various locations, but some are definitely out of my recognised range.
Country is the same, but very strange IP locations popping out here and there.
I am going to change my password anyway.
This is the minimum required action.
But anyway this log need some double checking.

That is because of your service provider. I am not so sure if that is because they are using the Ip from the towers you are at.

Just like in the philippines the service provider just really sucks. You might even get similar IP from other people who uses the same service.

As long as you can recognize the date youve log in. I think thats just fine

[madnessteat]

I think that this innovation (https://bitcointalk.org/myips.php) can create an anonymous threat to users who do not use all sorts of anonymizers (using a static IP address). For example if a hacker were to gain access to a user account they could be restored by a signed message but the anonymity of the user would be compromised. In my opinion this is a call to use VPN services. Am I right?

[motienvolam]

I think that this innovation (https://bitcointalk.org/myips.php) can create an anonymous threat to users who do not use all sorts of anonymizers (using a static IP address). For example if a hacker were to gain access to a user account they could be restored by a signed message but the anonymity of the user would be compromised. In my opinion this is a call to use VPN services. Am I right?

How do hackers sign a message? Can you explain more about it, please. In my opinion, if real owners already signed a message previously before their accounts hacked. When they want to get accounts back, they have to sign another message with the same address. Hackers mostly can not have access to address used to sign message before. Personally, I think IPs show in that page only help users to discover strange IPs in their accounts' IP list, then if needed, they can change passwords of their accounts to have better security. It is just a preventive protectioin for users.
If accounts really hacked, real users can get their accounts back if they can show good proofs required in recovery process.

[madnessteat]

~snip~

I'm sorry. I understand that this is done for personal monitoring of IP addresses. I probably made a mistake because I still don't speak English well. I meant that if a hacker gets access to the account, he will be able to find out the IP address belonging to the owner of the account.

[kenzawak]

Hi everyone,

As you can imagine, I've been very busy the last three days trying to figure this thing out and improving my security here.
For those who don't know, I'm the OP of the thread that led to all this.

If I had any idea how I got hacked, I would share it, really. I haven't kept anything to myself in the other thread.
I was told hacking from a public wifi wasn't easy to do. I honestly don't know if it is or not. I don't know what can be done and how.

It seems that only my account here was compromised. Other accounts (bank, emails, wallets, exchanges...) seem ok.
That reinforces the idea that I was targeted because of my rep here.
So maybe, it comes from a phishing link or a malware that I would have downloaded here ? Even though I don't see myself doing it, I might have clicked the wrong thing, honestly I don't know.  

I've been using my wife's laptop for the past three days and I formatted my PC. The last IP logs (thank you Theymos for that) match so it looks safe . I'll definitely check on those very often.

I'm just a regular guy, definitely no tech expert. I apply basic recommendations, never thought this could happen to me and yet it did. I don't think anyone can say they're 100% safe.

These are my last IP logs. The ones in France match. Maybe you guys should check your own logs to see if any of those IPs shows up in them.

[asche]

As I proposed a few days ago in the thread mentioned in OP by bones, the smartest way to implement this would be sending an email either

• Connection from a new ip, which you need to validate in the email
• Or, connection from a different geographical region, which you could also validate through a link sent to you

Of course this would have to be an opt in option since some people might have used dispensable email accounts to create their account here.

However maybe this could be enforced and encourage people to change their email address to one they actually have access to.

[kenzawak]

Maybe just have a visible statistics of sent messages per day/week/month instead of notifications, like
Messages sent today 0.  I don't know where it could be placed but should be on a easy-to-spot place.

I like this idea as well, not sure if it's doable though.

[r1s2g3]

I am not liking the idea of ip log that is getting shared. The best way is 2FA and we are creating another complex solution that is not going to solve the problem.

What if , if hacker is also in same city?

[asche]

2FA can be and has been breached before.

Accessing iplogs IS a security feature as long as it is private to the user only.

So is a notification when a log in happens.

Both features exist on most secured websites like exchanges. I don't see how this would weaken the security of your forum account.