DVlog (OP)
Full Member
 Offline
Activity: 476
Merit: 212
Tontogether | Save Smart & Win Big
|
 |
August 10, 2023, 05:29:05 PM |
|
Bitcointalk is a well-known forum in the crypto industry where being a reputable member is like a dream for many. There are some security measures that can be taken to protect your bitcoin talk account from being stolen or hacked. A user can add secret questions, and stake their BTC address in the forum to protect their account. Despite this sometimes accounts got hacked and are taken by hackers.
So why don't we add a Google authentication option as a security feature to the forum? This could prevent from account being stolen if the user never showed up after a long period of inactivity or his password has been compromised.
|
|
|
|
|
|
|
|
|
|
|
It is a common myth that Bitcoin is ruled by a majority of miners. This is not true. Bitcoin miners "vote" on the ordering of transactions, but that's all they do. They can't vote to change the network rules.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
|
|
|
RapTarX
|
|
August 10, 2023, 06:21:27 PM |
|
When you can prove authenticity by signing a message from any of your old/staked bitcoin address. why bother having 2FA? Learn to sign message if you are worried about account comprising.
|
|
|
|
LTU_btc
Legendary
Offline
Activity: 3038
Merit: 1330
Slava Ukraini!
|
|
August 10, 2023, 07:21:59 PM |
|
When you can prove authenticity by signing a message from any of your old/staked bitcoin address. why bother having 2FA? Learn to sign message if you are worried about account comprising.
Signing a message from staked address is solution of issue when account already got compromised. But until case with your account will be resolved, hacker can make significant damage for you. While having 2FA would be prevention that such things wouldn't happen. |
|
|
|
|
un_rank
|
|
August 10, 2023, 07:31:25 PM |
|
2FA is a good security measure to prevent account thefts and has been suggested several times on the forum. Staked address is a measure to restore an already stolen account which can already have some damage dealt to the user, but 2FA prevents the damage from happening if done properly from the user. @PowerGlove created an SMF patch [1] to make it easier for theymos and he dropped some merits there suggesting that theymos is open to including it just as he did with the OP tag on the thread starter. Let us wait a bit and see if any changes occur. A user can add secret questions Secret questions have been disabled on the forum due to security risk. So why don't we add a Google authentication option as a security feature to the forum?
2FA is good, but Gogle authenticator is the worst privacy option. There are so many preferred ones which the forum can use, or opt for the one created by a forum user. [1] https://bitcointalk.org/index.php?topic=5457330.0- Jay - |
| .SHUFFLE.COM.. | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████ | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████ | .
...Next Generation Crypto Casino... |
|
|
|
|
PX-Z
|
... I don't think Theymos has the intention of implementing 2FA authentication in this forum anytime soon.
He is, and theymos already give a thumbs up on what PowerGlove is creating [1], it will be up anytime soon actually. But let's see until theymos implement it successfully coz it's something a pain in the as merging to the current forum. [1] https://bitcointalk.org/index.php?topic=5457330.0 |
|
|
|
|
Dr.Bitcoin_Strange
|
When you can prove authenticity by signing a message from any of your old/staked bitcoin address. why bother having 2FA? Learn to sign message if you are worried about account comprising.
There's a need for 2FA integration in the forum. just as PowerGlove has also suggested on the thread provided by un_rank, and many reputable members have also concurred with the idea because of the importance of more security features. Imagine someone gaining access to your account and taking a non-collateral loan of $5,000, or maybe the person posts a malware link that results in your account being banned. e.g. Someone Loan using My Account |
|
|
|
dzungmobile
Sr. Member
Offline
Activity: 714
Merit: 369
I stand with Ukraine!
|
|
August 11, 2023, 04:23:56 AM |
|
Many times it was asked and Bitcointalk with SMF software will not deploy it offcially. It is also because of limited human resource as theymos is the only who manage the forum software and he does not want to deploy new things which can cause potential security problems. You must know that 2FA is not a perfect protection for your account if you have practice. If your practice is good with password, Internet using, it is enough to protect your account without 2FA. Stake your Bitcoin address, message and PGP key too. [Guide] How to use strong and secure passwordStake your PGP key hereStake your Bitcoin address and message here |
|
|
|
Husires
Legendary
Offline
Activity: 1596
Merit: 1284
|
So why don't we add a Google authentication option as a security feature to the forum? This could prevent from account being stolen if the user never showed up after a long period of inactivity or his password has been compromised.
Recently, Google added the option of restoring the service by uploading data to the cloud, and certainly your data may be shared across several parties on the Internet. So Google authentication is bad for privacy and security. As much as 2FA is important, but all the data in this forum is available to everyone, there is rarely anything of interest in PM, and the steps to recover the account are quick, hacking forum accounts is nothing more than sabotage activity or for personal reasons. |
|
|
|
joniboini
Legendary
Offline
Activity: 2184
Merit: 1789
|
|
August 11, 2023, 10:52:22 AM |
|
Recently, Google added the option of restoring the service by uploading data to the cloud, and certainly your data may be shared across several parties on the Internet. So Google authentication is bad for privacy and security.
If it is an option, does this mean by default they won't do it? It would be terrible if they store your secret key somewhere and allowed someone to access it to expose everything. As much as 2FA is important, but all the data in this forum is available to everyone, there is rarely anything of interest in PM, and the steps to recover the account are quick, hacking forum accounts is nothing more than sabotage activity or for personal reasons.
It would be different for each user of course. A legendary account that has records of trading or something similar is a good target to attack if they want to scam someone. A good example is also given above. Adding more security features is always a welcome addition as long as it doesn't compromise anything else imo. |
| | .
.Duelbits. | │ | ..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE | │ | DUELBITS
FANTASY
SPORTS | ████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀ | .
▬▬
VS
▬▬ | ████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀ | /// PLAY FOR FREE ///
WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
|
Sandra_hakeem
|
|
August 11, 2023, 07:43:06 PM |
|
The fuckin' SMF patch is yet to be enacted by Theymos... This also makes me feel he sees everything that's happening in here.., especially here in the meta- verse  he gave some merit to the post as wellI keep saying this - If it ain't safe, then it ain't worth the stress this whole time.... I don't think anyone would stay happy if Thier accounts are compromised all of a sudden. Sandra 🧑🦰 |
|
|
|
Cryptomultiplier
Full Member
Offline
Activity: 756
Merit: 180
Eloncoin.org - Mars, here we come!
|
|
August 11, 2023, 09:22:25 PM |
|
I was thinking more in the direction as to why it couldn't be possible to develop this Bitcointalk forum into an app that can be downloaded, or if it already exists, or the idea had been downplayed, please hint.
Otherwise and still, any good thought as this concerning security and privacy of accounts is always a welcomed read for me.
|
|
|
|
|
Adbitco
|
|
August 12, 2023, 10:45:01 AM |
|
To protect and increase your account security regularly changing of passwords can also help to improve your account safety. As reputable user you don't need to stressed yourself much and besides the dream of this forum is enable everyone has a seamless access and will power to control their account without any restrictions that limit people especially newbies not to have the utmost accessibility to the forum. The forum is place to teach and learn things that are related to bitcoin advancement and progression, adding any restrictions is like bridging the mission of Bitcointalk forum, henceforth any one and everyone are liable for their account security.
|
|
|
|
Timelord2067
Legendary
Offline
Activity: 3654
Merit: 2216
💲🏎️💨🚓
|
 |
August 12, 2023, 12:20:15 PM |
|
Signing a message became meaningless many years ago when it was uncovered accounts were being sold WITH a corresponding priv key to a wallet address that had been staked.
It's a dead end security feature.
The same for PGP/GPG keys which can likewise be ported.
|
|
|
|
Lucius
Legendary
Offline
Activity: 3234
Merit: 5634
Blackjack.fun-Free Raffle-Join&Win $50🎲
|
|
August 12, 2023, 01:32:17 PM |
|
I have nothing against additional security when it comes to our BTT accounts, but I wonder to what extent even 2FA would protect those who behave carelessly in protecting their private data. As we know, most CEX (perhaps even all of them) have some type of 2FA, but even such accounts are often hacked, because no one should be fooled that 2FA is some kind of ultimate solution for absolute security.
To protect and increase your account security regularly changing of passwords can also help to improve your account safety. security.
~snip~
If I have a strong password that consists of, say, 20+ random characters, and if that same password is stored in a way that I'm sure it's accessible only to me, what's the point of regularly changing the password? It can even be counterproductive if you pick up a keylogger in the meantime, and by changing your password you actually compromise yourself. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
LoyceV
Legendary
 Online
Activity: 3290
Merit: 16581
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
August 12, 2023, 01:48:43 PM |
|
Signing a message became meaningless many years ago when it was uncovered accounts were being sold WITH a corresponding priv key to a wallet address that had been staked. 2FA isn't meant to stop account sales, it's meant to stop accounts from getting compromised. |
|
|
|
Bureau
Sr. Member
Offline
Activity: 406
Merit: 262
Eloncoin.org - Mars, here we come!
|
|
August 12, 2023, 03:36:49 PM |
|
I do not have any issues with 2FA getting added for account security. What I do think is that it should be a user's responsibility to secure his/her account. Adding another layer is only a pain for people who are aware on how to secure their accounts. Already the CAPTCHA on the login screen is pain when you are using a VPN or TOR browser to access the forum. I won't be happy if the forum imposes a strict rule for 2FA. I would be happy if they give an option to ignore it.
|
|
|
|
|
Adbitco
|
|
August 12, 2023, 03:47:07 PM |
|
To protect and increase your account security regularly changing of passwords can also help to improve your account safety. security.
~snip~
If I have a strong password that consists of, say, 20+ random characters, and if that same password is stored in a way that I'm sure it's accessible only to me, what's the point of regularly changing the password? It can even be counterproductive if you pick up a keylogger in the meantime, and by changing your password you actually compromise yourself. Oh no! You mean you are that strong to have about 20 random character as password? I never thought of that maybe I was thinking password is only limited to 8 to 12 characters, though you are right I don't see any reason of constantly changing password if someone already choose a solid one that could not be easily accessible by someone. However I don't think an active account could have that slime chance of getting hacked just like that, so far I never witnessed where an active is being stolen from the original owner. |
|
|
|
|
SamReomo
|
|
August 12, 2023, 04:10:23 PM |
|
Bitcointalk is a well-known forum in the crypto industry where being a reputable member is like a dream for many. There are some security measures that can be taken to protect your bitcoin talk account from being stolen or hacked. A user can add secret questions, and stake their BTC address in the forum to protect their account. Despite this sometimes accounts got hacked and are taken by hackers.
So why don't we add a Google authentication option as a security feature to the forum? This could prevent from account being stolen if the user never showed up after a long period of inactivity or his password has been compromised.
I'm quite sure that within few months theymos will implement 2FA patch that PowerGlove shared via his post. I have read almost every comment on that thread and I have seen that theymos also gave merits to that post of PowerGlove and that shows that he's interested in implementing that feature on the forum. The only reason he might be delaying that thing can be the issue of slow down or maybe he's still busy these days with some other projects. I don't think that Google Authentication would be a good choice for 2FA on the forum. We can search for open source solutions instead that would allow us to complete the 2FA. We can also go with the open source app named "AuthPass" as that one can be more reliable for us. There are many such open source 2FA solutions that we can choose and some of them are cross platform supported as well. |
|
|
|
|
PX-Z
|
|
August 12, 2023, 04:23:33 PM |
|
I never thought of that maybe I was thinking password is only limited to 8 to 12 characters, though you are right I don't see any reason of constantly changing password if someone already choose a solid one that could not be easily accessible by someone.
I do have that kind of passwords, a combination of familiar words and numbers but not random characters coz it's way too difficult to remember, you will end up resetting your password again lmao. |
|
|
|
|
