Pages:
Author

Topic: [ANN] Boost your account security thanks to Mt.Gox's new Security Center!!! (Read 2722 times)

full member
Activity: 214
Merit: 100
Love my Yubikey

Thanks MtGox
newbie
Activity: 58
Merit: 0
One option (works for any google auth site) is to print out the QR code before enrolling your phone.  If you lose your phone and have the paper QR code backup you can just enroll another phone.  Make sure to keep the paper safe it essentially is the 2nd factor anyone with the paper can generate the correct codes.

Great answer! Thanks D&T Smiley
donator
Activity: 1218
Merit: 1079
Gerald Davis
One option (works for any google auth site) is to print out the QR code before enrolling your phone.  If you lose your phone and have the paper QR code backup you can just enroll another phone.  Make sure to keep the paper safe it essentially IS the 2nd factor.  Anyone with that QR code can generate the correct authentication number.
hero member
Activity: 490
Merit: 500
I have a question.  I have set up Google Authenticator for my Mt. Gox account on my Droid.  What happens if I lose my phone?  Am I locked out of my account?  If I set G.A. for withdrawls and Security Center only and then lose my phone, how can I make withdrawls?

I think you will need to provide with some information about your account IE: username, withdraw option, latest deposit..
But I would try not to loose it lol
newbie
Activity: 58
Merit: 0
I have a question.  I have set up Google Authenticator for my Mt. Gox account on my Droid.  What happens if my phone is lost, stolen, breaks, or dies?  Am I locked out of my account?  If I set G.A. for withdrawls and Security Center only, and my phone is lost, stolen, etc., how can I make withdrawls?
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
Android, I used the 32 bit key.

I'm just saying because it may cause confusion
vip
Activity: 308
Merit: 250
Alright! it works! Just attached my google authenticator to my account.

Why the option for 16bit or 32 bit keys? What's the purpose behind that?


Good question, our tech explained me the reason yesterday and I still have difficulty to still understand it, still some application will accept both and some only one... Your device is an Android Phone? iPhone?
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
Alright! it works! Just attached my google authenticator to my account.

Why the option for 16bit or 32 bit keys? What's the purpose behind that?

vip
Activity: 308
Merit: 250
Quote
You phone is not stupid, we found out what's going in and we are making some modification right now for you and people in your situation.

sweet! You guys rock. Next time I'm in Japan I'm going to bake you a cake

Should work now! Chose either one of the new 16Bit or 32 Bit Private Key
vip
Activity: 308
Merit: 250
Mr Mt Gox,

Can I use a Yubikey I got directly from Yubico ? I know you can reprogram those things and the new ones have 2 configuration slots.

Please send an email to the support team for that.

Cheers
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Mr Mt Gox,

Can I use a Yubikey I got directly from Yubico ? I know you can reprogram those things and the new ones have 2 configuration slots.
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
Quote
You phone is not stupid, we found out what's going in and we are making some modification right now for you and people in your situation.

sweet! You guys rock. Next time I'm in Japan I'm going to bake you a cake
vip
Activity: 308
Merit: 250
I'm trying to add a google authenticator to my account, but when I try to enter my private key into my phone the google app says that 8's and 9's are invalid characters.
 
edit: just to be sure... I'm supposed to be inputing the private key mt.gox generates into the google authenticator app in the field that says "enter your key" right? Thats how I'm interpreting it.


Do you have the same problem when scanning the QR Code?

Unfortunately my job requires that I not have phones capable of taking pictures. I have to type in the key manually.

edit: can anyone else test that for me? Maybe my phone is just plain stupid. See if you can input a 9 or 8 into the key field

You phone is not stupid, we found out what's going on and we are making some modification right now for you and people in your situation.
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
I'm trying to add a google authenticator to my account, but when I try to enter my private key into my phone the google app says that 8's and 9's are invalid characters.
 
edit: just to be sure... I'm supposed to be inputing the private key mt.gox generates into the google authenticator app in the field that says "enter your key" right? Thats how I'm interpreting it.


Do you have the same problem when scanning the QR Code?

Unfortunately my job requires that I not have phones capable of taking pictures. I have to type in the key manually.

edit: can anyone else test that for me? Maybe my phone is just plain stupid. See if you can input a 9 or 8 into the key field
vip
Activity: 308
Merit: 250
I'm trying to add a google authenticator to my account, but when I try to enter my private key into my phone the google app says that 8's and 9's are invalid characters.
 
edit: just to be sure... I'm supposed to be inputing the private key mt.gox generates into the google authenticator app in the field that says "enter your key" right? Thats how I'm interpreting it.


Do you have the same problem when scanning the QR Code?
vip
Activity: 571
Merit: 504
I still <3 u Satoshi
I'm trying to add a google authenticator to my account, but when I try to enter my private key into my phone the google app says that 8's and 9's are invalid characters.
 
edit: just to be sure... I'm supposed to be inputing the private key mt.gox generates into the google authenticator app in the field that says "enter your key" right? Thats how I'm interpreting it.
vip
Activity: 308
Merit: 250
Google Auth.  Sweet.  I will be enabling NOW.

On edit a couple of suggestions:
The terms "security center" and "extra security" are used interchangeably.  Seems like you need a name change and didn't update all the text?

When adding a Google Auth the term "secret" isn't exactly clear.  Something like "confirm current authentication code" or some kind of popup or info tag might help.  Or maybe I am just stupid without my morning coffee.

A well deserved Thank you for enabling a universal solution.  I have no need or desire to use yubikey as it is a single site solution.  Worse I usually access bitcoin exchange via remote desktop session which doesn't play nice with yubikey.  Google Auth allows me cellphone to authenticate multiple sites and it is always with me and it is itself protected by a strong login.

Lastly I love the idea of only "locking down" withdrawals.  Awesome idea.

Thanks for your comments, we will check what can be don on the wording.
legendary
Activity: 1078
Merit: 1000
Charlie 'Van Bitcoin' Shrem
Good job MtGox

You guys really are the frontrunners in security  Smiley
legendary
Activity: 1008
Merit: 1000
Google Auth.  Sweet.  I will be enabling NOW.
A well deserved Thank you for enabling a universal solution.  Google Auth allows me cellphone to authenticate multiple sites and it is always with me and it is itself protected by a strong login.

+1 Very nice job Gox
sr. member
Activity: 476
Merit: 250
Tangible Cryptography LLC
Google Auth.  Sweet.  I will be enabling NOW.

On edit a couple of suggestions:
The terms "security center" and "extra security" are used interchangeably.  Seems like you need a name change and didn't update all the text?

When adding a Google Auth the term "secret" isn't exactly clear.  Something like "confirm current authentication code" or some kind of popup or info tag might help.  Or maybe I am just stupid without my morning coffee.

A well deserved Thank you for enabling a universal solution.  I have no need or desire to use yubikey as it is a single site solution.  Worse I usually access bitcoin exchange via remote desktop session which doesn't play nice with yubikey.  Google Auth allows me cellphone to authenticate multiple sites and it is always with me and it is itself protected by a strong login.

Lastly I love the idea of only "locking down" withdrawals.  Awesome idea.
Pages:
Jump to: