Bitcoin Forum
December 08, 2016, 02:05:54 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bitcoinica's poor security features. (user side)  (Read 581 times)
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
February 13, 2012, 09:45:44 PM
 #1

Bitcoinica has very weak security feature for an exchange.

1. There is no OTP for withdrawal., no yubikey
2. This is no way to lock an address for withdrawal.
3. There is no limit on withdrawal, not that I'd want one, but given point 1+2 there should be one.
4. This is no time-out for session to expire. (I'm working with 30-40 open browser windows, how often do you think I leave the computer without closing them all ?)

I'm going long with Bitcoinica, these worry me a lot.

I have for now created multiple account to protect from an open browser hack.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481162754
Hero Member
*
Offline Offline

Posts: 1481162754

View Profile Personal Message (Offline)

Ignore
1481162754
Reply with quote  #2

1481162754
Report to moderator
1481162754
Hero Member
*
Offline Offline

Posts: 1481162754

View Profile Personal Message (Offline)

Ignore
1481162754
Reply with quote  #2

1481162754
Report to moderator
M4v3R
Hero Member
*****
Offline Offline

Activity: 607



View Profile
February 13, 2012, 10:02:38 PM
 #2

1. There is one for logging in, and to play it safe, see no. 4
2. This should be addressed
3. Please no, I hate limits on Mt. Gox.
4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?
Littleshop
Legendary
*
Offline Offline

Activity: 1316



View Profile WWW
February 13, 2012, 10:11:58 PM
 #3

4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?
My bank account sites that I use time out after 15 mins and logout and money there is a lot harder to steal. 

M4v3R
Hero Member
*****
Offline Offline

Activity: 607



View Profile
February 13, 2012, 10:14:55 PM
 #4

4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?
My bank account sites that I use time out after 15 mins and logout and money there is a lot harder to steal.  

Mine too, but still, it's a GOOD PRACTICE to log out every time you finish working with any online financial service, especially when it's responsible for enough money that you care for it.

I understand that some people would like to see this. But if Bitcoinica were to implement OTPs for withdrawals, I'd like to see it as an optional feature.
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
February 14, 2012, 02:44:33 AM
 #5

OTP for withdrawal would solve all problems.

I could leave my browser open and nobody could steal my BTCs.

The reply I got from them about this was, : "no care"
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!