DefaultTrust & changing BTC address

[Gleb Goodston]

Hi If I send Defaulttrust my btc address for recovery reasons but then want to change my btc address down the line how should I do that? Should I said a message to defaulttrust with the old btc address & the new one & then sign from old address just to confirm?

[hilariousandco]

Just send the new address.

[Gleb Goodston]

Just send the new address.

Surely that's a security flaw though? although it makes it much easier for me but lets say someones account was hacked and they sent a new address to DefaultTrust then the rightful owner can't do anything.

[hilariousandco]

Then the person who can sign a message from the earlier address can still get it back, but it isn't ever going to be a foolproof system. Hopefully people won't need to do this with the 2-factor auth on the new forum.

[Gleb Goodston]

Then the person who can sign a message from the earlier address can still get it back, but it isn't ever going to be a foolproof system. Hopefully people won't need to do this with the 2-factor auth on the new forum.

Isn't it being alpha tested now? What type of 2 factor? Email phone? google auth?

[shorena]

Then the person who can sign a message from the earlier address can still get it back, but it isn't ever going to be a foolproof system. Hopefully people won't need to do this with the 2-factor auth on the new forum.

Isn't it being alpha tested now? What type of 2 factor? Email phone? google auth?

https://bitcointalk.org/index.php?topic=523070.0

https://bitcointalk.org/index.php?board=167.0

[pissedoff]

I think this is almost useless & only plays a small part in the recovery process.

[FattyMcButterpants]

Then the person who can sign a message from the earlier address can still get it back, but it isn't ever going to be a foolproof system. Hopefully people won't need to do this with the 2-factor auth on the new forum.

theymos has said that he will investigate any claim of a hacked account thoroughly enough so that he will not recover an account based on a signed message only. If there is evidence that the account was sold then he seems to not recover an account.

[pissedoff]

Then the person who can sign a message from the earlier address can still get it back, but it isn't ever going to be a foolproof system. Hopefully people won't need to do this with the 2-factor auth on the new forum.

theymos has said that he will investigate any claim of a hacked account thoroughly enough so that he will not recover an account based on a signed message only. If there is evidence that the account was sold then he seems to not recover an account.

That's the way to do it but I can see theymos not recovering many accounts because that would be a awfully long process I can't wait for the new forum software so we can rest a little easier with 2 factor authentication. Hopefully we'll have a phone + email choice. I don't get on with google authentication very well.

[FattyMcButterpants]

Then the person who can sign a message from the earlier address can still get it back, but it isn't ever going to be a foolproof system. Hopefully people won't need to do this with the 2-factor auth on the new forum.

theymos has said that he will investigate any claim of a hacked account thoroughly enough so that he will not recover an account based on a signed message only. If there is evidence that the account was sold then he seems to not recover an account.

That's the way to do it but I can see theymos not recovering many accounts because that would be a awfully long process I can't wait for the new forum software so we can rest a little easier with 2 factor authentication. Hopefully we'll have a phone + email choice. I don't get on with google authentication very well.

I don't think it is 100% certain that we will have 2FA with the new forum, although I may be incorrect on this. I would think that any 2FA would likely somehow involve the signing of a message from either a PGP key or a bitcoin address as this would be much cheaper then using email/text messages (it costs money to send emails and text messages)