jhonjhon
|
|
May 02, 2020, 10:56:24 PM |
|
At this time, I believe everyone is looking at the safety assurance of our money, and not that email option could make it safer than having option two (2FA).
If someone/somebody has an interest in your wallet, it surely they crack your keys when you are just having an option 1. Yes, I was experiencing it early this year, I received the notification that someone would like to transfer money out from my wallet. Maybe I was lucky because he/she was not able to get the code from my email and that it change my mind, and I have to config my account and change into a 2FA option. That makes safer than I was thinking about.
|
|
|
|
noormcs5
|
|
May 02, 2020, 11:10:50 PM |
|
Option 1: Email Based Authentication
Option 2: Keys Based Authentication
I will go with the email based authentication. I am a part time gambler and therefore i do not put a big amount of money on gambling sites. So i will prefer an easy authentication method based on email. If i had a lot of money deposited on gambling sites, then for sure the Keys Based Authentication best suited me.
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
pakhitheboss
|
|
May 03, 2020, 12:36:57 AM |
|
Account security and anonymity have major importance in crypto gambling industry. I will explain two authentication processes and their pros/cons that an under-development project is considering. Through this thread I want to take views/suggestions of the community on the better of the two processes. Here are the candidates:
Option 1: Email Based Authentication
Under this option, you will be asked by casino to fill username, password and email id on registration. To increase the security, you will be asked to set-up 2FA authentication. To make withdrawal, you have to confirm email id.
Pros: Easy to use and remember system. Easy to retrieve system if password gets compromised.
Cons: Easy to hack and brute-force. Identity may be linked if same email is used somewhere else on web. Always need additional device (phone) to login (for 2FA code).
Option 2: Keys Based Authentication
Under this option, you will be asked to fill username and password on registration. Then a private code (long alphanumeric) will be generated for you and encoded with the help of password you entered in first step. Now you have to store private code somewhere safe. There onward, you have to paste private code and password to login into system.
Pros: Complete anonymity Highest degree of security. No one can hack or brute force your account even if database is compromised.
Cons: Extra care needed to maintain the security of private code. Since code is not saved anywhere on server side, losing code = losing account. One mistake and your account is gone. Impossible to change code. If you give away code to someone over phishing page, etc, then you cannot retrieve/secure the account again.
That's all. Which of the two systems would you prefer as a crypto gambler. Suggestions/views are welcome.
For me, option 1 is better than option 2 as I use the same email to access all my accounts and it is kind of easy to remember. I do not hold a lot in any of my accounts so in case if it gets hacked only a small amount will get stolen.
|
|
|
|
Twinkledoe
Full Member
Offline
Activity: 1904
Merit: 138
★Bitvest.io★ Play Plinko or Invest!
|
|
May 03, 2020, 09:20:00 AM |
|
At this time, I believe everyone is looking at the safety assurance of our money, and not that email option could make it safer than having option two (2FA).
If someone/somebody has an interest in your wallet, it surely they crack your keys when you are just having an option 1. Yes, I was experiencing it early this year, I received the notification that someone would like to transfer money out from my wallet. Maybe I was lucky because he/she was not able to get the code from my email and that it change my mind, and I have to config my account and change into a 2FA option. That makes safer than I was thinking about.
Based from the poll, the leading choice is the email based authentication. I am guessing that a lot of users here are not too worried with their account security. Though I prefer to have 2FA at least, but if I know that I will only be playing small amount, email auth is enough for me. Maybe, this is the reason why for some others email auth is more than enough because they are not playing big amounts.
|
|
|
|
jademaxsuy
|
|
May 03, 2020, 11:07:06 AM |
|
Option 1 won't linked your identity at all which you are not completely correct. Not all are creating an account with same email. Experts suggested that he/she should use different email on every site related to crypto which is why not all accounts will linked to their identity. So, i think the linking of identity will only happen when same email is used.
|
|
|
|
bitcoin-shark
|
|
May 03, 2020, 11:31:36 AM |
|
for me anonymity is very important so of course I prefer option two, just be a little careful and keep a possible code / private key safe for good as it happens for altcoins wallets
|
|
|
|
Sadlife
|
|
May 03, 2020, 09:36:41 PM |
|
I like email based authentication rather key code based security because once you've lost your private keys there's no way to recover your account. If ever that account gets hack or you've forgotten the password, why i prefer email based security is because some email provider sites now uses anti brute force security and implemented 2nd layer of security and that is captcha.
|
▄▄▄▀█▀▀▀█▀▄▄▄ ▀▀ █ █ ▀ █ █ █ ▄█▄ ▐▌ █▀▀▀▀▀▀█ █▀▀▀▀▀▀▀█ █ ▀█▀ █ █ █ █ █ █ ▄█▄ █▄▄▄▄▄▄▄▄█▄▄▄▄▄▄▄█ █ █ ▐▌ ▀█▀ █▀▀▀▄ █ █ ▀▄▄▄█▄▄ █ █ ▀▀▀▄█▄▄▄█▄▀▀▀ | . CRYPTO CASINO FOR WEB 3.0 | | . ► | | | ▄▄▄█▀▀▀ ▄▄████▀████ ▄████████████ █▀▀ ▀█▄▄▄▄▄ █ ▄█████ █ ▄██████ ██▄ ▄███████ ████▄▄█▀▀▀██████ ████ ▀▀██ ███ █ ▀█ █ ▀▀▄▄ ▄▄▄█▀▀ ▀▀▀▄▄▄▄ | | . OWL GAMES | | | . Metamask WalletConnect Phantom | | | | ▄▄▄███ ███▄▄▄ ▄▄████▀▀▀▀ ▀▀▀▀████▄▄ ▄ ▀▀▀▄▄▀▀▀▀▀▀▀▀▀▄▄▀▀▀ ▄ ██▀ ▄▀▀ ▀▀▄ ▀██ ██▀ █ ▄ ▄█▄▀ ▄ █ ▀██ ██▀ █ ███▄▄███████▄▄███ █ ▀██ █ ▐█▀ ▀█▀ ▀█▌ █ ██▄ █ ▐█▌ ▄██ ▄██ ▐█▌ █ ▄██ ██▄ ████▄ ▄▄▄ ▄████ ▄██ ██▄ ▀█████████████████▀ ▄██ ▀ ▄▄▄▀▀█████████▀▀▄▄▄ ▀ ▀▀████▄▄▄▄ ▄▄▄▄████▀▀ ▀▀▀███ ███▀▀▀ | | . DICE SLOTS BACCARAT BLACKJACK | | . GAME SHOWS POKER ROULETTE CASUAL GAMES | | ▄███████████████████▄ ██▄▀▄█████████████████████▄▄ ███▀█████████████████████████ ████████████████████████████▌ █████████▄█▄████████████████ ███████▄█████▄█████████████▌ ███████▀█████▀█████████████ █████████▄█▄██████████████▌ ██████████████████████████ █████████████████▄███████▌ ████████████████▀▄▀██████ ▀███████████████████▄███▌ ▀▀▀▀█████▀ |
|
|
|
chaser15
Legendary
Offline
Activity: 2688
Merit: 1065
Undeads.com - P2E Runner Game
|
|
May 03, 2020, 09:54:07 PM |
|
I disagree with option 1 that it's easy to hack and be brute-forced. It's possible but I don't think it will happen all the time. Just make sure that everything was set up securely and we should already know how to do this.
I found it hassle if these gambling sites will have the same feature as most exchanges today. Email-based should be enough and have the support help you just in case of account recovery.
|
|
|
|
Oilacris
|
|
May 03, 2020, 10:05:50 PM |
|
I disagree with option 1 that it's easy to hack and be brute-forced. It's possible but I don't think it will happen all the time. Just make sure that everything was set up securely and we should already know how to do this.
I found it hassle if these gambling sites will have the same feature as most exchanges today. Email-based should be enough and have the support help you just in case of account recovery.
It should be enough and its been used mostly by gambling sites.It doesnt really need to be that complicated because gamblers do come and go which means account security wont matter much because most of them would bust up in the end of the day. But well option 2 is good but not really that much important because creating a new gambling account is easy as 1,2,3 but doesnt need to complicate things up because email system is enough, yes it is less secured but its not really that a big issue in talks here on gambling field.
|
|
|
|
famososMuertos
Legendary
Offline
Activity: 1764
Merit: 2799
LE ☮︎ Halving es la purga
|
|
May 04, 2020, 12:32:55 AM |
|
Actually I have never seen weakness in either of these two methods in fact both are very safe the weakness on the part of the users.
In my case I move very well between both systems, by the way not all betting sites offer both systems at the same time, so in general what predominates is method one.
|
|
|
|
robelneo
Legendary
Offline
Activity: 3262
Merit: 1206
#SWGT CERTIK Audited
|
|
May 04, 2020, 01:09:14 AM |
|
I always prefer the email authentication the cons you mentioned between the two favors the email authentication many people prefer that way if you know how to fully secure your email it will be the best file keeper, I'm confident that all my files and keys are safe using my email, use all the available authentication for your email.
|
|
|
|
Hippocrypto
|
|
May 04, 2020, 01:42:15 AM |
|
Actually I have never seen weakness in either of these two methods in fact both are very safe the weakness on the part of the users.
In my case I move very well between both systems, by the way not all betting sites offer both systems at the same time, so in general what predominates is method one.
Yeah it's good that indeed if we're using those systems, but first and foremost email authentication is the only way to make it more safer. That's why we should have a legit mails to use and avoid any aliases, or even your mobile numbers must always be legit one. As a gambler we must be transparent to every transactions made to avoid any mess in the future.
|
|
|
|
kotajikikox
Full Member
Offline
Activity: 2394
Merit: 210
★Bitvest.io★ Play Plinko or Invest!
|
|
May 04, 2020, 10:49:19 AM |
|
Actually I have never seen weakness in either of these two methods in fact both are very safe the weakness on the part of the users.
Of course it is our responsibility to become safer because this is our money and we are the one who needs to keep the precautions. but there are instances that hackers or scammers mislead us and we cannot really prevent this in a lifetime. In my case I move very well between both systems, by the way not all betting sites offer both systems at the same time, so in general what predominates is method one.
Well that is mostly activated in gambling sites but Of course Email is mostly prone to scammers and sometimes hackers so better be aware and make sure to not clicking links instantly.
|
|
|
|
kayvie
|
|
May 04, 2020, 11:18:15 AM |
|
Option 1 is what we often used but I don't think that it is easy to hack just like you have said. Email also has their 2FA (SMS verification or authenticator) and that is something that really secures our email. It indeed requires an additional device to activate or to do the verification but it is better since it helps to secure your account.
|
|
|
|
7788bitcoin
Legendary
Offline
Activity: 2282
Merit: 1023
|
|
May 04, 2020, 01:43:29 PM |
|
I like the concept of Keys Based Authentication but i have not seen any site giving that option, in all the gambling site i enrolled i usually go with Email Based Authentication and would enable 2FA authentication and that too not mandatory for several sites until i deposit.
@OP are you planning to release your own gambling site with a key based authentication as i have seen your Face-Off game, can you list a couple of sites that has this feature enabled so that i wanted to try that out.
|
|
|
|
Distinctin
|
|
May 04, 2020, 02:11:13 PM |
|
I consider 2FA as the highest level of account security but should it needs to have it? Maybe it is not the ideal thing when you are not a big-time gambler because having $100 inside won't give the interest of the other people and that email confirmation is good enough. In fact, I didn't do any 2FA coz I see a big problem if ever I lost my phone and it is really hard to recover by then, but using option 1 could make you easy to access.
One thing we should have to do to make it safe, we must be careful in visiting sites.
|
| | . .Duelbits. | │ | ..........UNLEASH.......... THE ULTIMATE GAMING EXPERIENCE | │ | DUELBITS FANTASY SPORTS | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ████████████████▀▀▀ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | . ▬▬ VS ▬▬ | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ███████████████████ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | /// PLAY FOR FREE /// WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
matchi2011
Sr. Member
Offline
Activity: 1456
Merit: 267
Buy $BGL before it's too late!
|
|
May 04, 2020, 02:18:48 PM |
|
Option 1 is what we often used but I don't think that it is easy to hack just like you have said. Email also has their 2FA (SMS verification or authenticator) and that is something that really secures our email. It indeed requires an additional device to activate or to do the verification but it is better since it helps to secure your account.
If you understand how to secure your account just like what you have said, email can also be secured by means of 2fa if you configured and activate this from your account, regarding to option number 2 it's also good since you don't need to provide any information best for gamblers who wanted to have full anonymity to, types of players who wanted to play and go.
|
|
|
|
LbtalkL
|
|
May 04, 2020, 06:55:44 PM |
|
I prefer Option 2, I am concern with my info. Sometimes email-based authentication requires some permission to access your personal info, like numbers, birthday, etc. With this small info, they can try to hack or bypass and access our emails or some accounts, I am really concern with privacy and security. But in option 2 you need to store your keys carefully so that it cannot be stolen.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
May 04, 2020, 07:36:38 PM |
|
Always need additional device (phone) to login (for 2FA code) In fact, you don't necessarily need anything extra for 2FA (like a cellphone or whatever). Just use a browser plugin instead and you are good to go. I'm using one myself for sites where 2FA is a requirement (with Google Chrome) Then a private code (long alphanumeric) will be generated for you and encoded with the help of password you entered in first step. Now you have to store private code somewhere safe. There onward, you have to paste private code and password to login into system I don't really see how it is different from going with password only. Your scheme would make our lives more difficult, not more secure, as far as I can tell. If they can steal your password, they will be able to steal your pass code as well. So the conclusion is simple and straightforward, 2FA does add to more security overall, while the second option presented does not (unless I'm missing something)
|
|
|
|
blockman
|
|
May 04, 2020, 07:41:37 PM |
|
Option 1 is what we often used but I don't think that it is easy to hack just like you have said. Email also has their 2FA (SMS verification or authenticator) and that is something that really secures our email. It indeed requires an additional device to activate or to do the verification but it is better since it helps to secure your account.
Ohh yes, I forgot about the authenticator that our email does whenever someone, a stranger logs in from an unknown IP. It will be questioned by the email provider and that's another security for the email authenticator that we used to register. The 2FA authenticator is another additional security that everybody should add.
|
|
|
|
|