Bitcoin Forum
December 03, 2016, 10:04:00 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Two-factor authentication and GLBSE  (Read 3687 times)
unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868


View Profile
May 18, 2012, 07:14:51 AM
 #21

Nevermind, I found the "trick": you have to be slow before hitting the "Login" button.

If you type too fast captcha and auth code and hit the logjn button, it somehow assume the auth code is wrong. Weird...

1480802640
Hero Member
*
Offline Offline

Posts: 1480802640

View Profile Personal Message (Offline)

Ignore
1480802640
Reply with quote  #2

1480802640
Report to moderator
1480802640
Hero Member
*
Offline Offline

Posts: 1480802640

View Profile Personal Message (Offline)

Ignore
1480802640
Reply with quote  #2

1480802640
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480802640
Hero Member
*
Offline Offline

Posts: 1480802640

View Profile Personal Message (Offline)

Ignore
1480802640
Reply with quote  #2

1480802640
Report to moderator
zer0
Sr. Member
****
Offline Offline

Activity: 350



View Profile
May 19, 2012, 10:26:31 PM
 #22

Also check the time on your phone. If its off by a few seconds then 2factor/Google Authenticator may not work.
kuroshiro
Newbie
*
Offline Offline

Activity: 9


View Profile
June 01, 2012, 11:26:03 PM
 #23

So, I'm actually trying to enable two factor on my account, and I don't understand what I'm supposed to do. I click on the "enable" button for two-factor authentication. It takes me to a page with a QR code, the manual text code, and 4 check boxes for various aspects of the site. under that is a field to enter an auth code if you already have two-factor enabled. I scan in the qr code to authenticator, i selected what I wanted to protect with two-factor, then I hit submit, because I don't already have two-factor enabled. I get an error that says "wrong auth code" and get the page back with a new QR code. So now I have to delete the one I added, add the new one, select things, then this time I add the current auth code for that account and submit. Same error message.

What am I doing wrong?

--
If I've posted something you find useful, please give me a tip:
13ndhNvWsbvHxoZDQcDcuem5frf2zbz5Xx
Tomatocage
Legendary
*
Offline Offline

Activity: 1526

brb keeping up with the Kardashians


View Profile
June 03, 2012, 05:52:00 AM
 #24

So, I'm actually trying to enable two factor on my account, and I don't understand what I'm supposed to do. I click on the "enable" button for two-factor authentication. It takes me to a page with a QR code, the manual text code, and 4 check boxes for various aspects of the site. under that is a field to enter an auth code if you already have two-factor enabled. I scan in the qr code to authenticator, i selected what I wanted to protect with two-factor, then I hit submit, because I don't already have two-factor enabled. I get an error that says "wrong auth code" and get the page back with a new QR code. So now I have to delete the one I added, add the new one, select things, then this time I add the current auth code for that account and submit. Same error message.

What am I doing wrong?

Exact same thing happens to me.  I've tried the 6-digit code from my Google Authenticator app, and I've tried that 16-digit string under the QR code multiple times.  Every time it just says "Auth code is not correct, please try again"

THIS SPOT FOR RENT* | GPG ID: 4880D85C | 1% Escrow | 8% IPO/ICO Escrow services Temporarily Closed | Bitcointalk is the ONLY place where I use this name (No Skype/IRC/YIM/AIM/etc) | 13CsmTqGNwvFXb7tD9yFvJcEYCDTB8wQTS | Beware of these SCAM sites! | *Sponsored Link
Francesco
Sr. Member
****
Offline Offline

Activity: 252


View Profile
June 29, 2012, 10:23:29 PM
 #25

Same thing here: said "incorrect code", and ther's absolutely no way around. This was on a test account.
Now it seems my phone clock was out of sync of over half a second, corrected, it works. Now I'll try to enable it on the "real" account; let's hope for no bad surprise...
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 700


Wat


View Profile WWW
June 29, 2012, 10:25:05 PM
 #26

Nevermind, I found the "trick": you have to be slow before hitting the "Login" button.

If you type too fast captcha and auth code and hit the logjn button, it somehow assume the auth code is wrong. Weird...

Thats a feature not a bug Cheesy

Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
August 25, 2012, 10:15:26 AM
 #27

2 factor auth has now been made easier, the time on most peoples phones is set by the carriers network, turns out most networks like to be about a minute fast. I've updated 2fa to take this into account and should allow users with slightly fast phones to get in.

Nefario

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
Tritonio
Hero Member
*****
Offline Offline

Activity: 652


Vanity of vanities; all is vanity...


View Profile WWW
August 25, 2012, 07:57:14 PM
 #28

I got this old bug where 2 step is enabled without ever enabling it. :-(
And I noticed it yesterday so I will probably have to wait till Monday to withdraw some of my funds. (even though my ticket says it has been assigned)

testconpastas2
Full Member
***
Offline Offline

Activity: 199



View Profile
September 18, 2012, 06:24:08 PM
 #29

well , I have enabled 2-factor auth and when it is used from firefox with tor, it didnt let me log in.

if i turn off tor,  everything works again. ( using foxyproxy standart)

any hint?

Thank you.


Bitmessage: BM-2DAetLWJBKWHZoPbNCgg5z8jwaPpDYWwd4
gpg key id:C6EF5CE3
Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
September 18, 2012, 06:31:04 PM
 #30

well , I have enabled 2-factor auth and when it is used from firefox with tor, it didnt let me log in.

if i turn off tor,  everything works again. ( using foxyproxy standart)

any hint?

Thank you.



Don't use tor.

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
testconpastas2
Full Member
***
Offline Offline

Activity: 199



View Profile
September 18, 2012, 06:57:15 PM
 #31

nice advice, but  using glbsee with tor seems a good thing to me.
Nefario have you thought about using a Tor hidden service?

Bitmessage: BM-2DAetLWJBKWHZoPbNCgg5z8jwaPpDYWwd4
gpg key id:C6EF5CE3
Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
September 19, 2012, 01:23:17 AM
 #32

nice advice, but  using glbsee with tor seems a good thing to me.
Nefario have you thought about using a Tor hidden service?

Really I'm only kidding, often the issue is the time since GAuth used on GLBSE is time based.

Anyway, I've ordered a Yubikey so will adding this as a two-factor auth method as well.

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
mila
Sr. Member
****
Offline Offline

Activity: 462



View Profile
September 19, 2012, 08:58:07 AM
 #33

well.

and what about the .onion access point to glbse?
or releasing 1.0 javascript black/blue version with keys only for authentication?
Wink

your ad here:
Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
September 20, 2012, 03:20:15 AM
 #34

well.

and what about the .onion access point to glbse?
or releasing 1.0 javascript black/blue version with keys only for authentication?
Wink

I see no reason to provide .onion access to GLBSE as most accounts that have been compromised the attacker has used Tor to do so.

As for releasing GLBSE 1.0 code, I suppose, all it will do is show how bad a code I am I think.

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
mila
Sr. Member
****
Offline Offline

Activity: 462



View Profile
September 21, 2012, 05:49:10 PM
 #35

I see no reason to provide .onion access to GLBSE as most accounts that have been compromised the attacker has used Tor to do so.

I did not know that. Fair enough. Thanks for sharing the info

your ad here:
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!