Bitcoin Forum
December 05, 2016, 08:49:45 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: eclipsemc.com  (Read 2739 times)
Enigma81
Full Member
***
Offline Offline

Activity: 177



View Profile
January 14, 2012, 11:36:27 AM
 #1

Maybe I'm paranoid about security, but this error message scares the daylights out of me.  I've sent a message to support@eclipsemc.com, but I might suggest that no-one else try logging in to eclipsemc.com until this gets cleared up.  I am 101% positive that my password was typed correctly, and I have no idea what google would have to do with my login...

Enigma

1480927785
Hero Member
*
Offline Offline

Posts: 1480927785

View Profile Personal Message (Offline)

Ignore
1480927785
Reply with quote  #2

1480927785
Report to moderator
1480927785
Hero Member
*
Offline Offline

Posts: 1480927785

View Profile Personal Message (Offline)

Ignore
1480927785
Reply with quote  #2

1480927785
Report to moderator
1480927785
Hero Member
*
Offline Offline

Posts: 1480927785

View Profile Personal Message (Offline)

Ignore
1480927785
Reply with quote  #2

1480927785
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480927785
Hero Member
*
Offline Offline

Posts: 1480927785

View Profile Personal Message (Offline)

Ignore
1480927785
Reply with quote  #2

1480927785
Report to moderator
1480927785
Hero Member
*
Offline Offline

Posts: 1480927785

View Profile Personal Message (Offline)

Ignore
1480927785
Reply with quote  #2

1480927785
Report to moderator
1480927785
Hero Member
*
Offline Offline

Posts: 1480927785

View Profile Personal Message (Offline)

Ignore
1480927785
Reply with quote  #2

1480927785
Report to moderator
Inaba
Legendary
*
Offline Offline

Activity: 1260



View Profile WWW
January 14, 2012, 03:52:08 PM
 #2

We implemented a new security feature to allow people to use Google Authenticator as a 2nd factor login credential.  I thought I had tested every iteration of login possibilities, but apparently I neglected to test the most important one and went to bed.  So it was trying to authenticate everyone against the GA, even if they did not have it enabled.

The problem has been corrected and you should be able to login with out a GA token now. Additionally, you should be able to properly generate the GH QR code & token if you wish to enable it.

I apologize for the confusion and problems logging in.  Everything should be good to go now.

If you're searching these lines for a point, you've probably missed it.  There was never anything there in the first place.
Enigma81
Full Member
***
Offline Offline

Activity: 177



View Profile
January 15, 2012, 12:31:45 AM
 #3

Thanks for the explanation.  I certainly understand that sometimes things go wrong - I'm just one of those people who is quite paranoid about security, and when I see notices about a completely different company (google in this case) having something to do with my login credentials, I get quite nervous.

I do like your pool though - been mining with one small rig for a few days to try it out, and I'm quite satisfied so far.  Considering switching all of my hash power over in another week or so..

Enigma
Inaba
Legendary
*
Offline Offline

Activity: 1260



View Profile WWW
January 15, 2012, 01:24:42 AM
 #4

I'm a big proponent of security as well, which is why I have put these two 2 factor mechanisms in place.  I hope more people will use them.  Between the Yubikey and the Google Auth, there should be no reason for anyone not to use one of the two methods. 

Google Auth has the added advantage of not having to be online to authenticate.  The Google Auth mechanism I elected to use is deterministic, and therefore you can either pre-generate your keys and keep them with you, they are only good once.  There's no call backs to any Google Servers or any notification to Google or anything to do with google beyond using their authenticator app on your mobile device.  Definitely a plus.


If you're searching these lines for a point, you've probably missed it.  There was never anything there in the first place.
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
January 15, 2012, 01:26:39 AM
 #5

Google Auth has the added advantage of not having to be online to authenticate.  The Google Auth mechanism I elected to use is deterministic, and therefore you can either pre-generate your keys and keep them with you, they are only good once.  There's no call backs to any Google Servers or any notification to Google or anything to do with google beyond using their authenticator app on your mobile device.  Definitely a plus.
They do this now? I coulda swore the last time I checked that they only supported time based mechanisms (OATH-TOTP).

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
Inaba
Legendary
*
Offline Offline

Activity: 1260



View Profile WWW
January 15, 2012, 06:51:53 AM
 #6

Nope, both TOTP and HOTP... I chose HOTP in this instance.

If you're searching these lines for a point, you've probably missed it.  There was never anything there in the first place.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!