Pages:
Author

Topic: [ANN] [LTC] [PPS] [OTP 2FA] [Stratum only] LTCMine PPS mining pool (3.3%) - page 54. (Read 227601 times)

full member
Activity: 201
Merit: 100
I have been using the 2FA auth and so far it works smooth for me anyway  Grin.  FYI I have been using the android app.
legendary
Activity: 3108
Merit: 1359
legendary
Activity: 3108
Merit: 1359
I remind you that any reports about 2FA are appreciated. When testing will be completed, I'll unlock address edit form for 2FA users.
legendary
Activity: 3108
Merit: 1359
rofloflo, send me PM with your account name, please.
newbie
Activity: 14
Merit: 0
For the past several hours I have been mining at an approx rate of 1000khs but no update no current reward.
Is this expected ?

As for Yipyip, definately an idiot lol....

Rule no.1 in the crypto world is to never leave any decent balance hanging anywhere besides your own LOCAL wallet.dat.
Balt has nothing to do with your friends' lack of etiquette in handling his own cash.
legendary
Activity: 3108
Merit: 1359
stenkross
Such messages are too difficult to understand by person like him. People like YipYip  are not capable to do anything useful. Submit piece of crap and run away (because they are afraid of responsibility for their own words and unable to apologize), that's all that they can do.

That's sad... I thought that YipYip was matured person.
legendary
Activity: 3108
Merit: 1359
Cпacибo,
I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application Smiley. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs
Currently used implementation described by RFC 2289.
newbie
Activity: 30
Merit: 0
Cпacибo,
I was misguided by this post http://evadeflow.com/2011/09/desktop-authenticator-for-google-2fa/ , it seemed like google role there was just generating secret code for the phone/java app and developing android application Smiley. I have seen hardware time-based tokens, and how they work i believe you generate private/public key pair, embed public part in hardware token and use it together with system time to generate OTPs
sr. member
Activity: 330
Merit: 250
They used this list to access and steal $5k USD from my friends account

I'm new to ltcmine.ru, and new to bitcoin/litecoin community as a whole, so forgive my ignorance but, why store BTC/LTC worth $5k on a mining site (no offense Balthazar)?
I withdraw mine when I reach 10 LTC, because I trust noone but my own wallet.dat.
I can understand that does not work if you're a top miner, but even if you have 30MH/s, that would generate 80 LTC / day. If you generate that much I'd make sure to withdraw at least once / day or so.
legendary
Activity: 3108
Merit: 1359
I am trying to understand how it works here. You do not connect to google itself, right?
We are using google OTP api. It's quite simple:

1) We are generating secret key, which then saved by our service and user.
2) System time of all sides syncronized from the same source.
3) User runs offline generation of OTP code using his copy of secret key and his own system time. Code will be valid for 60s since generation time.
4) User sends OTP code to us
5) We are calling OTP api method, which runs code validation
6) If it's returned true, code is valid and authentication is completed.

What if i have (or will be using) google auth on my phone with existing google account - can keys from ltcmine.ru and google "coexist"?
OTP api is completely independent from user accounts. It's used by google to implement authentication, but anyone also can use it for own services. And you can use any amount of secret keys simultaneously.
legendary
Activity: 3108
Merit: 1359
If someone got a trojan, that isn't our fault. Try to think about it.

Quote
What do u want me to explain u got hacked....u gave the hackers a complete list of usernames and passwords
1) We are not hacked. Simply try to understand this.
2) We don't store passwords, only salted hashes.
3) All pool funds except for withdrawn from compromised accounts are still here.

That's all.
newbie
Activity: 30
Merit: 0
P.S. You don't need google account for this. You only need the authentication codes generator application.

I am trying to understand how it works here. You do not connect to google itself, right? All verification is done on the phone(client) using time and secret key generated on the web? It seems different from i.e. https://www.duosecurity.com/features .
What if i have (or will be using) google auth on my phone with existing google account - can keys from ltcmine.ru and google "coexist"?
hero member
Activity: 574
Merit: 500
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"

Did your friend loose the money from ltcmine.ru or btc-e.com ?

btc-e ...only because ltcmine.ru gave them a complete list of user names and passwords to use to access btc-e  Angry


I'm asking you again, take care to explain your bullshit.

What do u want me to explain u got hacked....u gave the hackers a complete list of usernames and passwords

They used this list to access and steal $5k USD from my friends account

Thats it !!
legendary
Activity: 3108
Merit: 1359
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"

Did your friend loose the money from ltcmine.ru or btc-e.com ?

btc-e ...only because ltcmine.ru gave them a complete list of user names and passwords to use to access btc-e  Angry


I'm asking you again, take care to explain your bullshit.
hero member
Activity: 574
Merit: 500
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"

Did your friend loose the money from ltcmine.ru or btc-e.com ?

btc-e ...only because ltcmine.ru gave them a complete list of user names and passwords to use to access btc-e  Angry

sr. member
Activity: 330
Merit: 250
how would u like 1400ltc stolen from you and all u get from teh person that caused all of this is "its not my problem " and "I am sick of listening to it"

Did your friend loose the money from ltcmine.ru or btc-e.com ?
legendary
Activity: 3108
Merit: 1359
Stop taking this drugs, it's just an advice. Dumbass is already your middle name, your post has nothing connected with reality.

P.S. Our database wasn't compromised, so take care to explain your bullshit or get the fuck out of there.
legendary
Activity: 3108
Merit: 1359
Previous post was updated.
sr. member
Activity: 406
Merit: 254
Booбщe этo нe oчeнь пpaвильнo...
Кaк я пoнимaю, лaйткoв yкpaли нe тaк мнoгo.
Moжнo былo бы и кoмпeнcиpoвaть...

A кaкoгo poдa плaниpyeтcя кoмпeнcaция?
legendary
Activity: 3108
Merit: 1359
We are not obliged to do so, but we have a compensation plan.
Pages:
Jump to: