Topic: Bitcoinica's poor security features. (user side) (Read 813 times)

donator
Activity: 1731
Merit: 1008
February 13, 2012, 09:44:33 PM
#5
OTP for withdrawal would solve all problems.

I could leave my browser open and nobody could steal my BTCs.

The reply I got from them about this was: "no care"
hero member
Activity: 607
Merit: 500
4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?
My bank account sites that I use time out after 15 mins and log out and money there is a lot harder to steal.

Mine too, but still, it's a GOOD PRACTICE to log out every time you finish working with any online financial service, especially when it's responsible for enough money that you care for it.

I understand that some people would like to see this. But if Bitcoinica were to implement OTPs for withdrawals, I'd like to see it as an optional feature.
legendary
Activity: 1386
Merit: 1004
4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?
My bank account sites that I use time out after 15 mins and log out and money there is a lot harder to steal.
hero member
Activity: 607
Merit: 500
1. There is one for logging in, and to play it safe, see no. 4
2. This should be addressed
3. Please no, I hate limits on Mt. Gox.
4. Just log out every time you end using Bitcoinica. And don't use it on untrusted machines. You do this every time you're using your bank account online, right?
donator
Activity: 1731
Merit: 1008
Bitcoinica has very weak security features for an exchange.

1. There is no OTP for withdrawal, no YubiKey.
2. There is no way to lock an address for withdrawal.
3. There is no limit on withdrawal, not that I'd want one, but given point 1+2 there should be one.
4. There is no time-out for the session to expire. (I'm working with 30-40 open browser windows, how often do you think I leave the computer without closing them all?)

I'm going long with Bitcoinica, these worry me a lot.

I have for now created multiple accounts to protect from an open browser hack.
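
The four controls listed in the opening post (OTP on withdrawal, locked withdrawal addresses, a withdrawal limit, an idle session time-out), combined into one server-side check. This is an added example, not part of the thread and not Bitcoinica's code; the names `Account` and `authorize_withdrawal`, the 15-minute time-out (the figure quoted for bank sites in the thread) and the daily limit are assumptions.

```python
import hashlib, hmac, struct
from dataclasses import dataclass, field

STEP = 30                          # TOTP time step in seconds (RFC 6238 default)
IDLE_TIMEOUT = 15 * 60             # assumption: the 15 min quoted for bank sites
DAILY_LIMIT_SAT = 50 * 100_000_000 # assumption: constructed limit, in satoshis

def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 for the time step containing `now`."""
    mac = hmac.new(secret, struct.pack(">Q", int(now) // STEP), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

@dataclass
class Account:
    otp_secret: bytes
    locked_addresses: set          # point 2: only these may receive withdrawals
    last_activity: float           # point 4: time of last authenticated request
    withdrawn_today: int = 0       # point 3: running total, caller resets it daily
    used_steps: set = field(default_factory=set)  # spent OTP steps, blocks replay

def authorize_withdrawal(acct, address, amount_sat, otp, now):
    """Return (allowed, reason); state changes only when every check passes."""
    if now - acct.last_activity > IDLE_TIMEOUT:
        return False, "session expired"
    if address not in acct.locked_addresses:
        return False, "address not on locked list"
    if amount_sat <= 0 or acct.withdrawn_today + amount_sat > DAILY_LIMIT_SAT:
        return False, "amount invalid or over daily limit"
    step = int(now) // STEP
    # Accept the current and previous step to tolerate clock skew.
    match = next((s for s in (step, step - 1) if hmac.compare_digest(
        totp(acct.otp_secret, s * STEP).encode(), str(otp).encode())), None)
    if match is None or match in acct.used_steps:
        return False, "bad or replayed OTP"
    acct.used_steps.add(match)
    acct.withdrawn_today += amount_sat
    acct.last_activity = now
    return True, "ok"
```

With the OTP checked on the withdrawal itself, a browser left logged in does not by itself allow a withdrawal, and a code that has been used once is rejected if it is submitted again.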