Author

Topic: 2FA - authentication (Read 736 times)

brand new
Activity: 0
Merit: 0
December 06, 2022, 05:28:12 AM
#15
TEDA Exchange opens new domain name tedahk.com. TEDA is a leading global blockchain technology service provider, founded in 2022 and headquartered in Hong Kong. As a leader in blockchain technology services, TEDA now has mature products such as digital asset trading systems and wallets, and has built an industrial closed loop of technology services-flow-commercialization.

To date, the TEDA Cryptocurrency Exchange has provided blockchain technology services to thousands of companies and hundreds of thousands of customer groups around the world. the TEDA Exchange brings together financial professionals and blockchain technology professionals from around the world. They graduated from the world's leading universities with advanced degrees. The team members come from top international financial institutions, computer applications and other fields.

Security of user funds is our top priority! We have implemented a risk diversification system based on the principle that only 7% of assets are always stored in hot pockets. Assets stored in cold storage are protected by Multisig (multiple signature) access.

TEDA uses transaction fees to establish an insurance program that serves as an insurance fund to protect user assets. The TEDA Insurance Program protection fund has reached US$100 million.

Cutting-edge technology-based trading and aggregation engine ensures fast access to funds and order operations.

Original Super Password, a better security guard. Insist on autonomous control of assets and value user privacy. Safer assets and more transparent transactions.

Media Contacts.

Facebook: https://web.facebook.com/profile.php?id=100085659289678

Instagram: teda.hk

Twitter: @tedahkd

Company name: TEDA Crypto Exchange

Email: [email protected]

Website: https://www.teda.one, https://www.tedahk.com, https://www.teda.live

Facebook (https://web.facebook.com/profile.php?id=100085659289678)
Log in or sign up to view
See posts, photos and more on Facebook.
legendary
Activity: 2184
Merit: 3134
₿uy / $ell
June 29, 2022, 03:21:20 AM
#14
I can imagine such a measure discouraging some new users from participating because they have yet to learn how to do such a simple thing, or older users who lost access to the private key associated with the address (or users for whom it wouldn't be worth the hassle to search for the key).

2FA is a very simple concept that nearly every service that conducts financial transactions uses in one way or another (with some being less secure than others). I would have serious doubts that requiring 2FA would discourage participation.

I was replying to TheBeardedBaby's post where he proposed signing messages. A newbie is more likely to be confused how to sign a message compared with the more common use of scanning QR codes with Google Authenticator.

Also most people register on forums not to sell but to participate in discussions and if they don't associate monetary value with their account (compared with other services requiring 2FA), they might not care as much about losing their 2FA for one reason or another.

I thought more as an Option to choose when register you account, and possibly activate it later but not as a requirement to register. Same as the console browser view of the forum suggested by Cyrus some time ago. It's gonna be an option for those people who don't want to do anything with authenticators like Google or Microsoft and worried of being tracked.
legendary
Activity: 3472
Merit: 1721
June 13, 2022, 11:37:56 AM
#13
I can imagine such a measure discouraging some new users from participating because they have yet to learn how to do such a simple thing, or older users who lost access to the private key associated with the address (or users for whom it wouldn't be worth the hassle to search for the key).

2FA is a very simple concept that nearly every service that conducts financial transactions uses in one way or another (with some being less secure than others). I would have serious doubts that requiring 2FA would discourage participation.

I was replying to TheBeardedBaby's post where he proposed signing messages. A newbie is more likely to be confused how to sign a message compared with the more common use of scanning QR codes with Google Authenticator.

Also most people register on forums not to sell but to participate in discussions and if they don't associate monetary value with their account (compared with other services requiring 2FA), they might not care as much about losing their 2FA for one reason or another.
copper member
Activity: 1610
Merit: 1898
Amazon Prime Member #7
June 11, 2022, 04:51:02 PM
#12
I can imagine such a measure discouraging some new users from participating because they have yet to learn how to do such a simple thing, or older users who lost access to the private key associated with the address (or users for whom it wouldn't be worth the hassle to search for the key).

2FA is a very simple concept that nearly every service that conducts financial transactions uses in one way or another (with some being less secure than others). I would have serious doubts that requiring 2FA would discourage participation. Although there is the argument that 2FA may result in additional account recoveries, and may result in the threshold for recovering an account to be lowered because people have lost their 2FA keys.
legendary
Activity: 3472
Merit: 1721
June 10, 2022, 06:23:37 PM
#11
I can imagine such a measure discouraging some new users from participating because they have yet to learn how to do such a simple thing, or older users who lost access to the private key associated with the address (or users for whom it wouldn't be worth the hassle to search for the key).
Maybe if this sort of requirement only existed for some Marketplace child-boards, it could make sense to prevent some scams (not all, social engineering via PMs would still be possible, which perhaps could be countered with a message padded to the PM, something along the lines of "this user last authenticated X days ago").

legendary
Activity: 2184
Merit: 3134
₿uy / $ell
May 31, 2022, 05:31:13 PM
#10
How about adding a standard message (date and time) to be signed from a staked or registered address when you open an account.
It could be automated and If it's verified successfully you can log in.
This could be required on a random basis every month for security.
It's a bitcoin forum after all.
legendary
Activity: 2170
Merit: 3858
May 25, 2022, 09:14:50 AM
#9
There will be 2FA in a new forum software, Epochtalk.

For this forum software SMF, there will be no 2FA as the admin confirms it. There are other ways for you to secure your account as well as prepare for your account recovery in future.
legendary
Activity: 1540
Merit: 1274
May 25, 2022, 08:51:39 AM
#8

Thoughts? Ideas?

Perhaps one of the reasons this development takes a while is that the forum is open for public discussion, you are not supposed to share personal data here, messages are encrypted and it is better to encrypt it with yourself.

Two-factor authentication is good if the forum asks you for money or personal data, and the recovery of accounts does not take much time, you may make sure that you are signing a message correctly.
copper member
Activity: 1610
Merit: 1898
Amazon Prime Member #7
April 17, 2022, 03:11:26 AM
#7
That wouldn't eliminate the need for manual recoveries; it might even increase it as people lose their second factor. 2FA would be nice, but IMO the email notifications provide many of the same benefits, so it's not high on my to-do list.
This is the reason why I think it is unlikely for 2FA to ever be implemented on bitcointalk.

There is a lot of commerce that takes place on bitcointalk, however, a bitcointalk account is intended to be used for discussion. So the types of verifications that 2FA provides is better done when trading, rather than when logging in. There are sometimes occasions in which someone will legitimately lose access to their private keys, and the market can decide how to handle these situations, which will typically be that the person will need to earn trust subsequent to losing their private keys.

If 2FA is required to even log in, there will be instances in which the administration will be faced with the choice between not allowing someone who has evidence they are a long-standing forum member from accessing their account and potentially allowing an imported from accessing a long-standing forum member's account.
legendary
Activity: 2940
Merit: 3368
Crypto Swap Exchange
April 15, 2022, 11:48:13 AM
#6
there should be added support for any U2F keys like yubikey… or Trezor.
Only if it allows us to register multiple U2F keys or devices... I know a few platforms that have a limit of 1 and if you somehow lose both your device and the backup codes [or the recovery seed for Trezor], then you'd probably lose access "from your side [in other words, more work for the recovery team]"!
- I do know that the recovery options differ slightly based on the type of U2F device that's being used, but still...
legendary
Activity: 952
Merit: 1367
April 14, 2022, 04:48:13 PM
#5
Oh, it would be a great addition to the forum! I think not only Google Authenticator should be implemented, there should be added support for any U2F keys like yubikey… or Trezor.
https://blog.trezor.io/secure-two-factor-authentication-with-trezor-u2f-e940fd5a60af
full member
Activity: 627
Merit: 208
Belgian based crypto-enthusiast
April 13, 2022, 05:13:28 PM
#4
It may worth mentioning that although many see 2FA as ultimate safety, most keep the 2FA app on the same phone they need the 2FA codes - usually for crypto platforms/exchanges, but the new forum, if ever, will be another such case.

Known Bitcoin address is imho the best and most appropriate safety net.

I do share your opinion and 2FA is only as safe as the implementation of it is done securely, history has learned us that 2FA doesn't solve being secured. There are a lot of reports where 2FA could be bypassed etc.. nevertheless, I do opt for a more secure option to log in.
legendary
Activity: 3500
Merit: 6205
Farewell LEO, you *will* be missed.
April 12, 2022, 02:06:37 AM
#3
It may worth mentioning that although many see 2FA as ultimate safety, most keep the 2FA app on the same phone they need the 2FA codes - usually for crypto platforms/exchanges, but the new forum, if ever, will be another such case.

Known Bitcoin address is imho the best and most appropriate safety net.
copper member
Activity: 1974
Merit: 1757
฿itcoin for all, All for ฿itcoin.
April 11, 2022, 06:59:43 PM
#2
Hi,

I searched the forums and I was able to find an old thread, locked since some time now.
How about adding the option for 2FA when logging in? An integration with Google Authenticator or similar would greatly reduce the risk of account theft/ impersonation/ etc.

Thoughts? Ideas?

You are going to have to wait for it in the new forum software that is being polished up

Quote
Any plans for implementing some sort of a 2FA in the new forum? (this is especially important for people conducting trades over the forum)

Yes, there will be 2FA.

Admin has been reluctant to implement 2FA on this forum software, probably because it will be so time-consuming and so hard a task. You are definitely not the first to request for it

If someone wants to write a patch for it, I will seriously consider adding it. I believe that safely adding 2FA would be very time-consuming, so I'm not willing to do it myself or direct Slickage to do it.

That wouldn't eliminate the need for manual recoveries; it might even increase it as people lose their second factor. 2FA would be nice, but IMO the email notifications provide many of the same benefits, so it's not high on my to-do list.
copper member
Activity: 970
Merit: 287
Per aspera ad astra
April 11, 2022, 10:48:32 AM
#1
Hi,

I searched the forums and I was able to find an old thread, locked since some time now.
How about adding the option for 2FA when logging in? An integration with Google Authenticator or similar would greatly reduce the risk of account theft/ impersonation/ etc.

Thoughts? Ideas?

Cheers,
- anx.
Jump to: