gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:38:27 PM |
|
I followed all the recommendations and bought 2 bitcoins worth of nxt coins. Logged in and they were gone. No one knows how or why. Just be warned guys. Here is a link to what exactly happened https://nxtforum.org/general/have-i-been-hacked/Basically I would not recommend anyone holding lot of Nxt in there. Thats from my own experience. 1000usd flushed down the toilet from no fault of my own. If I kept it in bitcoin it would still be sat on my computer with all my other alts.
|
To peel or not to peel.
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:41:20 PM |
|
No I mean I followed recommendations about a secure pass phrase.... I thought nxt were ok as they were at every conference I was at I got sucked in. It is the security of the coins ' brain wallet' that I question.
|
To peel or not to peel.
|
|
|
instacalm
|
|
September 23, 2014, 12:44:41 PM Last edit: September 23, 2014, 01:23:26 PM by instacash |
|
Sorry for your loss gravitate
I've had several NXT accounts since November 2013 and I've never had any account compromised or stolen
Here's a sample password (50 chars including digits and symbols): {^32y3C2pgte%)]MA2Q%XaBQ#ryxc2F89Vd.9#xpifR=9jsMdg
Either use passwords like the above OR the built-in password generator. Both are fine to secure your account.
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:45:13 PM |
|
ok ok well I got hacked after being scammed then. Double wammy
|
To peel or not to peel.
|
|
|
devphp
|
|
September 23, 2014, 12:46:06 PM |
|
What's your passphrase? https://bitcointalk.org/index.php?topic=792600.msg8930621#msg89306211) Your pass phrase would confirm your claim is legitimate. And yes, why would anyone believe your claim in this nest of vipers that this forum is 2) Your pass phrase would shed light on whether your account was hacked due to the weak pass phrase.
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:46:47 PM |
|
Hopefully there will be answers however.Maybe not. I wouldn't buy any more though now until someone can answer how my account was hacked
|
To peel or not to peel.
|
|
|
instacalm
|
|
September 23, 2014, 12:48:46 PM |
|
until someone can answer how my account was hacked
As I said, I've never had an account hacked/stolen since December 2013 when I first stumbled upon NXT. There are many different factors that could have lead to this, thus it is very important that you give as much information as possible. How many chars did your password have, which operating system (keylogger?), which sites/apps did you use et cetera.
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:49:14 PM |
|
tim cum sim prawn gin yuk bim rarl per tip pop from
It was similar to that... I am not prepared to post it public. It was no less or no more complicated than that.
If that isn't secure enough then what is?
|
To peel or not to peel.
|
|
|
instacalm
|
|
September 23, 2014, 12:51:18 PM Last edit: September 23, 2014, 01:24:22 PM by instacash |
|
If that isn't secure enough then what is?
Here are a few examples of strong passphrases, these are impossible to bruteforce: - u4xJU7F#E>?MZ6z{g&MrX9ePu6)yKPEcd4]8^)FJzJ28q^4Cwc
- Wm3&F,y;pFQm4GRc26Pr4tM,[4mW>Kr=$4c4X*M4BT+JtVQ2zx
- }ZL4.yph}.g4AUHPFp}n9$4H9W43EqLXN#8W6=j,4r]uWeVAaQ
- H8+D/rqrA&?cK3xw82KoWC^Z#=ptjvTaqML968TA,43B&>dQF8
- }FczoDRt*wmGJ8QL7>47BNqZ{a4c,>BQ>9VG9*p;62RH3bLaB&
Please use KeePass or 1Password to generate secure passwords like the above or use the password generator built-in the wallet. I'm using passwords like these, generated by 1Password, and I've never had issues. Again sorry for your loss mate, I know that sucks.
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:51:28 PM |
|
insta I answered all these questions in the thread I linked if you are interested. Anyway I never used it online ever. I never reused it apart from some of the words.
I use mavericks and I have recently done a scan and nothing on my computer. If there was a key logger by bitcoin bit bargain.co.uk account would have been emptied
|
To peel or not to peel.
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 12:52:22 PM |
|
ok well nobody has said this is not secure enough so far anyway
|
To peel or not to peel.
|
|
|
devphp
|
|
September 23, 2014, 12:52:26 PM |
|
tim cum sim prawn gin yuk bim rarl per tip pop from
It was similar to that... I am not prepared to post it public. It was no less or no more complicated than that.
If that isn't secure enough then what is?
Well, there are a lot of passphrases one can think of that are more secure than that, but your refusal to post the passphrase is typical.
|
|
|
|
Vega
|
|
September 23, 2014, 12:54:34 PM |
|
Well, there are a lot of passphrases one can think of that are more secure than that, but your refusal to post the passphrase is typical.
These Nxt stolen topics have one thing in common. The story never starts like this: "I random generated a passphrase..."
|
|
|
|
devphp
|
|
September 23, 2014, 12:58:58 PM |
|
Well, there are a lot of passphrases one can think of that are more secure than that, but your refusal to post the passphrase is typical.
These Nxt stolen topics have one thing in common. The story never starts like this: "I random generated a passphrase..." Yup. Either you're a newbie or an advanced user. If you're a newbie, the software generates a passphrase for you. If you're an advanced user and want to do it yourself - you're on your own, don't complain if your passphrase is cracked, because you can't think of a random complex passphrase.
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 01:03:06 PM |
|
hi devphp the pass phrase is like this tim cum sim prawn gin yuk bim rarl per tip pop from
It is NO more complicated or NO MORE simplified. If you want to call me a liar by not posting MY pass phrase to cover up security issues with nxt then carry on please.
If I was going to lie about it I would include numbers and characters to make myself look bullet proof to any hacks. The fact is I was hacked and no body has said there is a problem with the pass phrase. Which means nxt in my opinion is not secure enough if the strength of my pass phrase is ok.
|
To peel or not to peel.
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 01:27:11 PM |
|
OK well it is funny how the nxt community didnt say it wasnt strong enough and they also said it could not be brute forced.
Anyway I am not here to argue about how amazingly secure this coin is. I bought it becasue of how I saw them promoting it all the time.
Anyway let this be a lesson to everyone. If you have a 'secure' password then it will be hacked and your coins will be stolen and then your pass phrase will be considered not secure.
I cant be bothered arguing about it anymore. I hope this serves as a warning to other people thats all.
|
To peel or not to peel.
|
|
|
3x2
Legendary
Offline
Activity: 1526
Merit: 1004
|
|
September 23, 2014, 01:34:44 PM |
|
OK well it is funny how the nxt community didnt say it wasnt strong enough and they also said it could not be brute forced.
Anyway I am not here to argue about how amazingly secure this coin is. I bought it becasue of how I saw them promoting it all the time.
Anyway let this be a lesson to everyone. If you have a 'secure' password then it will be hacked and your coins will be stolen and then your pass phrase will be considered not secure.
I cant be bothered arguing about it anymore. I hope this serves as a warning to other people thats all.
i have less than 30 alphabet password and never got hacked, No number,dot,comma or anything. Dont blame coin for your own mistakes, if someone can hack in to your computer and copy wallet.dat file without the encryption will you still blame BTC for that?
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 23, 2014, 01:42:05 PM |
|
Bitcoin is more secure full stop. Also the nxt community should be warningh against these pass phrases if they are not secure. I am not blaming anyone for my own stupid mistake by chosing a pass phrase that the nxt community did NOT think was a risk. I am merely posting this as a warning for new people who are thinking about buying nxt coins.
I would not wish this to happen to anyone else and I would not like any hacker to benefit from it. So you have the same security pass phrase after reading this will you open a new account?
|
To peel or not to peel.
|
|
|
devphp
|
|
September 23, 2014, 02:08:46 PM |
|
OK well it is funny how the nxt community didnt say it wasnt strong enough and they also said it could not be brute forced.
It's never enough when it comes to security, but since you don't post your passphrase, it's hard to tell if it's strong enough or not. What's generated by the client for newbies is strong enough. This has been verified by a few security experts. When you make your own passphrase, nobody can say if it's secure enough, especially if you don't present it. I am not saying you're a liar, but I don't have to believe you either. Other software projects use the same 12-word approach, like Counterparty or Dogeparty, where you have 12 random words that the private key is generated from ( https://wallet.dogeparty.io/). Just 12 dictionary words, selected randomly, so it's not like NXT is pioneering anything here in generation of passphrases for newbies.
|
|
|
|
|