Bitcoinica's poor security features. (user side)

Transisto (OP)

Donator
Legendary

Offline

Activity: 1731
Merit: 1008

Bitcoinica's poor security features. (user side)

February 13, 2012, 09:45:44 PM

Bitcoinica has very weak security feature for an exchange.

1. There is no OTP for withdrawal., no yubikey
2. This is no way to lock an address for withdrawal.
3. There is no limit on withdrawal, not that I'd want one, but given point 1+2 there should be one.
4. This is no time-out for session to expire. (I'm working with 30-40 open browser windows, how often do you think I leave the computer without closing them all ?)

I'm going long with Bitcoinica, these worry me a lot.

I have for now created multiple account to protect from an open browser hack.

1715113114

Hero Member

Offline

Posts: 1715113114

Ignore

1715113114

1715113114


	Report to moderator

1715113114

Hero Member

Offline

Posts: 1715113114

Ignore

1715113114


	Report to moderator

1715113114

Hero Member

Offline

Posts: 1715113114

Ignore

1715113114


	Report to moderator

The block chain is the main innovation of Bitcoin. It is the first distributed timestamping system.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1715113114

Hero Member

Offline

Posts: 1715113114

Ignore

1715113114


	Report to moderator

1715113114

Hero Member

Offline

Posts: 1715113114

Ignore

1715113114


	Report to moderator

M4v3R

Hero Member

Offline

Activity: 607
Merit: 500

Re: Bitcoinica's poor security features. (user side)

February 13, 2012, 10:02:38 PM

1. There is one for logging in, and to play it safe, see no. 4
2. This should be addressed
3. Please no, I hate limits on Mt. Gox.
4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?

Littleshop

Legendary

Offline

Activity: 1386
Merit: 1003

Re: Bitcoinica's poor security features. (user side)

February 13, 2012, 10:11:58 PM

Quote from: M4v3R on February 13, 2012, 10:02:38 PM

4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?

My bank account sites that I use time out after 15 mins and logout and money there is a lot harder to steal.

Seller since 2011 hundreds of orders shipped

M4v3R

Hero Member

Offline

Activity: 607
Merit: 500

Re: Bitcoinica's poor security features. (user side)

February 13, 2012, 10:14:55 PM

Quote from: Littleshop on February 13, 2012, 10:11:58 PM

Quote from: M4v3R on February 13, 2012, 10:02:38 PM

4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?

My bank account sites that I use time out after 15 mins and logout and money there is a lot harder to steal.

Mine too, but still, it's a GOOD PRACTICE to log out every time you finish working with any online financial service, especially when it's responsible for enough money that you care for it.

I understand that some people would like to see this. But if Bitcoinica were to implement OTPs for withdrawals, I'd like to see it as an optional feature.

Transisto (OP)

Donator
Legendary

Offline

Activity: 1731
Merit: 1008

Re: Bitcoinica's poor security features. (user side)

February 14, 2012, 02:44:33 AM

OTP for withdrawal would solve all problems.

I could leave my browser open and nobody could steal my BTCs.

The reply I got from them about this was, : "no care"

Pages: [1]

Bitcoin Forum > Economy > Marketplace > Bitcoinica's poor security features. (user side)

« previous topic next topic »