Bizmark13 (OP)
Sr. Member
 Offline
Activity: 462
Merit: 250
WikiScams.org - Information about Bitcoin Scams
|
 |
March 17, 2015, 05:05:08 AM |
|
I created an account a while ago for a website that I was going to launch. However, I used an email address that has since been deleted and is probably not available for re-registration. Since the passwords for our accounts in the new forum will be sent via email to the email addresses we have on our profiles, would it not be possible to access this account once the forum software is migrated? Is it recommended that I register a new email address and change it to this one before the switchover happens?
|
|
|
|
|
|
|
|
|
|
|
|
Make sure you back up your wallet regularly! Unlike a bank account, nobody can help you if you lose access to your BTC.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
Decksperiment
|
|
March 17, 2015, 05:10:12 AM |
|
If you mean logging into this forum, by migrating, it's safe to assume your login/password will remain the same?
|
|
|
|
|
|
Chijio
|
|
March 17, 2015, 07:42:46 AM |
|
I created an account a while ago for a website that I was going to launch. However, I used an email address that has since been deleted and is probably not available for re-registration. Since the passwords for our accounts in the new forum will be sent via email to the email addresses we have on our profiles, would it not be possible to access this account once the forum software is migrated? Is it recommended that I register a new email address and change it to this one before the switchover happens?
i guess it will be safe if you create new email address for your active accounts just in case the migration happens.. |
|
|
|
|
Muhammed Zakir
|
|
March 17, 2015, 09:41:24 AM |
|
Create a new email address and use it for this forum. It can be similar to your username if you are doing any sort of business here. If you mean logging into this forum, by migrating, it's safe to assume your login/password will remain the same?
No. Slickage team can't access to passwords. So they will set up a bot to send emails to every users with a reset link. We can only access the forum if you reset the password. This is what I know. It might change. |
|
|
|
kcud_dab
Legendary
Offline
Activity: 1652
Merit: 1000
Bitcoin enthusiast!
|
|
March 17, 2015, 09:50:31 AM |
|
So they will set up a bot to send emails to every users with a reset link. We can only access the forum if you reset the password. This is what I know. It might change.
Source? |
|
|
|
|
Muhammed Zakir
|
|
March 17, 2015, 09:59:51 AM |
|
So they will set up a bot to send emails to every users with a reset link. We can only access the forum if you reset the password. This is what I know. It might change.
Source? Sorry! I will try to put source when posting something like this. As a confirmation, we're working really hard to make sure as much of the data is carried over. The only thing we can't carry over is passwords, so when you first log on to the new forum, you'll need to set a new password.
This will probably be done over email so make sure the email you have registered with THIS forum is your email and not ... say a burner email account like mailinator or something like that.
|
|
|
|
|
R2D221
|
|
March 17, 2015, 07:03:04 PM |
|
They don't have access to passwords, but what about the password hashes? Why not just transfer the hashes to the new system?
|
An economy based on endless growth is unsustainable.
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5180
Merit: 12884
|
|
March 17, 2015, 08:21:43 PM |
|
To prevent people from thinking, "This is a phishing site trying to steal my password!", the primary method of resetting your password will be email reset. A secondary (maybe slightly-hidden) method will be to use your current password. So you needn't worry about having an invalid email address now.
A valid email address might be required in the new software, though. I'm not sure about that yet.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Bizmark13 (OP)
Sr. Member
Offline
Activity: 462
Merit: 250
WikiScams.org - Information about Bitcoin Scams
|
|
March 21, 2015, 02:23:37 PM |
|
To prevent people from thinking, "This is a phishing site trying to steal my password!", the primary method of resetting your password will be email reset. A secondary (maybe slightly-hidden) method will be to use your current password. So you needn't worry about having an invalid email address now.
A valid email address might be required in the new software, though. I'm not sure about that yet.
Ah, OK thanks for that answer. I did change my email address to a valid one as a precautionary measure. The secondary method would probably be quite useful for a lot of members here, I would think. Since the forums don't currently enforce the use of a valid email address, I suspect many people might no longer be able to access their old email address or they might have signed up using an invalid one. Looking forward to seeing the new forum up and running soon.  |
|
|
|
|
guitarplinker
Legendary
Offline
Activity: 1694
Merit: 1024
|
|
March 21, 2015, 03:15:47 PM |
|
They don't have access to passwords, but what about the password hashes? Why not just transfer the hashes to the new system?
It could be that the new forum has a new method of hashing passwords (different algorithm maybe), so if the old hashes were transferred over, your old password wouldn't work because of the new algorithm. |
|
|
|
|
|
Muhammed Zakir
|
|
March 21, 2015, 04:09:24 PM |
|
They don't have access to passwords, but what about the password hashes? Why not just transfer the hashes to the new system?
It could be that the new forum has a new method of hashing passwords (different algorithm maybe), so if the old hashes were transferred over, your old password wouldn't work because of the new algorithm. AFAIK they use same algorithm, SHA-256. The idea that bcrypt is somehow extra strong is AFAIK entirely a myth. bcrypt is based on a fast Blowfish-based hash function comparable to SHA-256 and other cryptographically-secure hash functions. It makes the entire process slow by hashing the password many times. But this is exactly what any decent key derivation function does.
The forum uses sha256crypt (which has an extremely similar interface to bcrypt) with 7500 iterations. If SHA-256 and bcrypt's underlying hash function were exactly the same speed, this would be equivalent to a bcrypt cost of about 13. I prefer SHA-2 because Blowfish (and especially bcrypt's Blowfish-based hash function) are not as widely used or studied.
|
|
|
|
GoodMerchant
Newbie
Offline
Activity: 52
Merit: 0
|
|
March 22, 2015, 02:56:35 AM |
|
They don't have access to passwords, but what about the password hashes? Why not just transfer the hashes to the new system?
i dont agree with this method, i would go for email reset password to left those dummy accounts and the forum will be clean |
|
|
|
|
|
R2D221
|
|
March 22, 2015, 03:15:07 AM |
|
They don't have access to passwords, but what about the password hashes? Why not just transfer the hashes to the new system?
i dont agree with this method, i would go for email reset password to left those dummy accounts and the forum will be clean But what about legitimate users who have a now invalid email? Why are you leaving them out? |
An economy based on endless growth is unsustainable.
|
|
|
|
Muhammed Zakir
|
|
March 22, 2015, 04:41:10 AM |
|
i dont agree with this method, i would go for email reset password to left those dummy accounts and the forum will be clean
But what about legitimate users who have a now invalid email? Why are you leaving them out? Probably they will put a short message saying to change email and put a link to thread. Also, this might also be available. IMHO it is better not to give access to passwords. =snip= A secondary (maybe slightly-hidden) method will be to use your current password. So you needn't worry about having an invalid email address now.
A valid email address might be required in the new software, though. I'm not sure about that yet.
|
|
|
|
|
Fiiasco
|
|
March 22, 2015, 07:42:20 AM |
|
I created an account a while ago for a website that I was going to launch. However, I used an email address that has since been deleted and is probably not available for re-registration. Since the passwords for our accounts in the new forum will be sent via email to the email addresses we have on our profiles, would it not be possible to access this account once the forum software is migrated? Is it recommended that I register a new email address and change it to this one before the switchover happens?
You should definitely change your email address now, just in case that we move the forum anytime soon. |
|
|
|
|
