- Shares startup difficulty is increased to x64 from x16.
- Targeting goal is decreased from 8 shares per minute to 6 shares per minute.
I'll perform some DB tweaks soon, this should help to make it faster.
Topic: [ANN] [LTC] [PPS] [OTP 2FA] [Stratum only] LTCMine PPS mining pool (3.3%) - page 52. (Read 227582 times)
April 27, 2013, 03:39:04 PM
Minor changes, service restarted.
I'll perform some DB tweaks soon, this should help to make it faster.
I'll perform some DB tweaks soon, this should help to make it faster.
April 27, 2013, 03:15:38 PM
Not at all. Mobile may be more secure because it can't be physically accessed without you knowing. 
https://github.com/mbmccormick/Authenticator/blob/master/Common/CodeGenerator.cs#L182
Edit: After all, it's java... and can't trust oracle! 
You can write your own OTP generator... Algorithm is quite simple https://github.com/mbmccormick/Authenticator/blob/master/Common/CodeGenerator.cs#L182
April 27, 2013, 03:10:11 PM
You are right with that, separated key storage on VPS/DS/Box/whatever will be more secure than mobile application. But it looks quite paranoid, I think. 
Guilty as charged! But still feeling safe at your pool party.Пpивeтcтвия!
Edit: After all, it's java... and can't trust oracle!
April 27, 2013, 03:01:53 PM
You are right with that, separated key storage on VPS/DS/Box/whatever will be more secure than mobile application. But it looks quite paranoid, I think.
April 27, 2013, 02:59:01 PM
Gotcha! That's absolutely true about not running it on the same machine you are logging in with, but still i think it's better to ssh to my miner/server through lan and run it there, no way mobile is gonna be more secure(?) The miner/server is a headless *nix box that has only the ports needed for mining opened to internet.
April 27, 2013, 02:43:59 PM
Actually it's more secure to use mobile application.
Why is this? In my experience at least mobile os are much more vulnerable to trojans and viruses as it is that their av development usually falls far behind even compared to windows. And I for one feel uncomfortable running anything that private on anything else than on a *nix platform at home. P.S. Just one example - I use JAuth on my Windows tablet. But there is nothing linked with pool at this tablet. No history records, no saved passwords, etc.
April 27, 2013, 02:39:20 PM
Actually it's more secure to use mobile application.
Why is this? In my experience at least mobile os are much more vulnerable to trojans and viruses as it is that their av development usually falls far behind even compared to windows. And I for one feel uncomfortable running anything that private on anything else than on a *nix platform at home. April 27, 2013, 02:25:49 PM
Actually it's more secure to use mobile application.
April 27, 2013, 02:19:28 PM
Cпacибo,
I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs
Currently used implementation described by RFC 2289.I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application
. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPsWorking perfectly with jauth and without google account, much appreciated. And special thanks for pointing to the RFC. After reading it very pleased on the concept. Banking level security is wise when dealing with financial assets.
April 27, 2013, 11:25:44 AM
Current status:
132 users has enabled OTP authentication today.
132 users has enabled OTP authentication today.
April 27, 2013, 07:40:39 AM
No, it wasn't OK. We had a technical problem with stratum server, now I applied workaround for this.
April 27, 2013, 07:31:03 AM
same here, stratum auth failed
edit: nm, it's up again
edit: nm, it's up again
April 27, 2013, 07:28:37 AM
Hi, I have the same problem: bad worker credentials
April 27, 2013, 07:19:33 AM
Hi! Trying to mine right now but I keep getting bad worker credentials. Tried with a different worker and still unable to connect. Is everything okay?
April 27, 2013, 06:23:20 AM
Fixed now. It was a problem with apache redirect settings.
April 27, 2013, 06:16:42 AM
When I go to http://ltcmine.ru I am immediately redirected to http://ltcmine.ru/tweak?act=newpassword which results in a "You are not authorized."
What's going on?
What's going on?
April 27, 2013, 06:05:19 AM
News for this weekend.
P.S. It is recommended to restart your session after password change or 2FA key generation.
- We see massive brute-force attempts, some chinese subnets are banned because of this.
- Due to brute-force attempts at ltcmine.ru, btc-e.com and give-me-ltc.com we decided to force all users to change their passwords. Password change request will appear after authorization.
- Wallet address change option automatically appears for 2FA users with new passwords, if 24 hours passed since 2FA activation.
P.S. It is recommended to restart your session after password change or 2FA key generation.
April 27, 2013, 04:52:13 AM
Hey when is the option coming available to change my address? I've activated 2FA, but there is still no option appearing to change the address.
April 26, 2013, 02:55:15 PM
algorithmic
I can reset your code, if you wish. And you will be able to try barcode scanning again with the new code.
I can reset your code, if you wish. And you will be able to try barcode scanning again with the new code.
I was going to offer, but looks like someone else succeeded already. Glad to do it if you need another test.
April 26, 2013, 01:04:50 PM
Jump to: