. FYI I have been using the android app. 
Topic: [ANN] [LTC] [PPS] [OTP 2FA] [Stratum only] LTCMine PPS mining pool (3.3%) - page 54. (Read 227582 times)
April 25, 2013, 01:44:35 PM
I have been using the 2FA auth and so far it works smooth for me anyway . FYI I have been using the android app.
. FYI I have been using the android app. 
April 25, 2013, 01:25:21 PM
2FA form rewritten. 
April 25, 2013, 09:55:13 AM
I remind you that any reports about 2FA are appreciated. When testing will be completed, I'll unlock address edit form for 2FA users.
April 25, 2013, 09:30:03 AM
rofloflo, send me PM with your account name, please.
April 25, 2013, 09:24:20 AM
For the past several hours I have been mining at an approx rate of 1000khs but no update no current reward.
Is this expected ?
As for Yipyip, definately an idiot lol....
Rule no.1 in the crypto world is to never leave any decent balance hanging anywhere besides your own LOCAL wallet.dat.
Balt has nothing to do with your friends' lack of etiquette in handling his own cash.
Is this expected ?
As for Yipyip, definately an idiot lol....
Rule no.1 in the crypto world is to never leave any decent balance hanging anywhere besides your own LOCAL wallet.dat.
Balt has nothing to do with your friends' lack of etiquette in handling his own cash.
April 25, 2013, 09:13:46 AM
stenkross
Such messages are too difficult to understand by person like him. People like YipYip are not capable to do anything useful. Submit piece of crap and run away (because they are afraid of responsibility for their own words and unable to apologize), that's all that they can do.
That's sad... I thought that YipYip was matured person.
Such messages are too difficult to understand by person like him. People like YipYip are not capable to do anything useful. Submit piece of crap and run away (because they are afraid of responsibility for their own words and unable to apologize), that's all that they can do.
That's sad... I thought that YipYip was matured person.
April 25, 2013, 08:32:43 AM
Cпacибo,
I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application
. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs
Currently used implementation described by RFC 2289. I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application
. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs
April 25, 2013, 08:23:16 AM
Cпacибo,
I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs
I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application
. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs 
April 25, 2013, 08:06:12 AM
They used this list to access and steal $5k USD from my friends account
I'm new to ltcmine.ru, and new to bitcoin/litecoin community as a whole, so forgive my ignorance but, why store BTC/LTC worth $5k on a mining site (no offense Balthazar)?
I withdraw mine when I reach 10 LTC, because I trust noone but my own wallet.dat.
I can understand that does not work if you're a top miner, but even if you have 30MH/s, that would generate 80 LTC / day. If you generate that much I'd make sure to withdraw at least once / day or so.
April 25, 2013, 07:34:06 AM
I am trying to understand how it works here. You do not connect to google itself, right?
We are using google OTP api. It's quite simple:1) We are generating secret key, which then saved by our service and user.
2) System time of all sides syncronized from the same source.
3) User runs offline generation of OTP code using his copy of secret key and his own system time. Code will be valid for 60s since generation time.
4) User sends OTP code to us
5) We are calling OTP api method, which runs code validation
6) If it's returned true, code is valid and authentication is completed.
What if i have (or will be using) google auth on my phone with existing google account - can keys from ltcmine.ru and google "coexist"?
OTP api is completely independent from user accounts. It's used by google to implement authentication, but anyone also can use it for own services. And you can use any amount of secret keys simultaneously. April 25, 2013, 07:18:09 AM
If someone got a trojan, that isn't our fault. Try to think about it.
2) We don't store passwords, only salted hashes.
3) All pool funds except for withdrawn from compromised accounts are still here.
That's all.
Quote
What do u want me to explain u got hacked....u gave the hackers a complete list of usernames and passwords
1) We are not hacked. Simply try to understand this. 2) We don't store passwords, only salted hashes.
3) All pool funds except for withdrawn from compromised accounts are still here.
That's all.
April 25, 2013, 07:11:34 AM
P.S. You don't need google account for this. You only need the authentication codes generator application.
I am trying to understand how it works here. You do not connect to google itself, right? All verification is done on the phone(client) using time and secret key generated on the web? It seems different from i.e. https://www.duosecurity.com/features .
What if i have (or will be using) google auth on my phone with existing google account - can keys from ltcmine.ru and google "coexist"?
April 25, 2013, 07:03:17 AM
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"
Did your friend loose the money from ltcmine.ru or btc-e.com ?
btc-e ...only because ltcmine.ru gave them a complete list of user names and passwords to use to access btc-e
What do u want me to explain u got hacked....u gave the hackers a complete list of usernames and passwords
They used this list to access and steal $5k USD from my friends account
Thats it !!
April 25, 2013, 06:51:26 AM
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"
Did your friend loose the money from ltcmine.ru or btc-e.com ?
btc-e ...only because ltcmine.ru gave them a complete list of user names and passwords to use to access btc-e
April 25, 2013, 06:48:06 AM
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"
Did your friend loose the money from ltcmine.ru or btc-e.com ?
btc-e ...only because ltcmine.ru gave them a complete list of user names and passwords to use to access btc-e
April 25, 2013, 06:45:49 AM
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"
Did your friend loose the money from ltcmine.ru or btc-e.com ?
April 25, 2013, 06:43:12 AM
Stop taking this drugs, it's just an advice. Dumbass is already your middle name, your post has nothing connected with reality.
P.S. Our database wasn't compromised, so take care to explain your bullshit or get the fuck out of there.
P.S. Our database wasn't compromised, so take care to explain your bullshit or get the fuck out of there.
April 25, 2013, 05:53:55 AM
Previous post was updated.
April 25, 2013, 05:51:38 AM
Booбщe этo нe oчeнь пpaвильнo...
Кaк я пoнимaю, лaйткoв yкpaли нe тaк мнoгo.
Moжнo былo бы и кoмпeнcиpoвaть...
A кaкoгo poдa плaниpyeтcя кoмпeнcaция?
Кaк я пoнимaю, лaйткoв yкpaли нe тaк мнoгo.
Moжнo былo бы и кoмпeнcиpoвaть...
A кaкoгo poдa плaниpyeтcя кoмпeнcaция?
April 25, 2013, 05:35:16 AM
We are not obliged to do so, but we have a compensation plan.
Jump to: