The way bc.i works is your browser gets a copy of the encrypted wallet when it visits a page with a legitimate identifier. So aliases make it easy for hackers to get copies of encrypted wallets. All they have to do is run a bot that loops over a dictionary and harvests encrypted wallets en masse. Then they can take their sweet time brute forcing those wallets using their GPU farms. This is how many ordinary users who used simple passwords lost their coins.
So now when you visit an alias you get an email that tells you your wallet identifier and then you login using that.
Topic: blockchain.info wallet: aliases don't work anymore? (Read 3615 times)
Removed as a security risk
Any more info on this? What's the involved risk, exactly? Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?
I does reusing addresses relate to using an alias instead of a guid as a blockchain wallet ID?
Oops nevermind
Yes usernames are bad because most people will use the same one here, etc. Now if the database leaks, they can now brute force your wallet if they think you're a big target.
Removed as a security risk
Any more info on this? What's the involved risk, exactly? Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?
I does reusing addresses relate to using an alias instead of a guid as a blockchain wallet ID?
Removed as a security risk
Any more info on this? What's the involved risk, exactly? Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?
I know reusing addresses is forbidden mostly
Removed as a security risk
Any more info on this? What's the involved risk, exactly? Bad alias + bad password = more vulnerable to attacks than random GUID + bad password?
Removed as a security risk
Sorry for hijacking thread, but kinda the same issue.
How do I login with another alias?
Like if I have two wallets.
Currently the only way for me to do it, is to do it in private mode because cookies or something save the wallet identifier and I cannot change it without going into private mode browsing.
How do I login with another alias?
Like if I have two wallets.
Currently the only way for me to do it, is to do it in private mode because cookies or something save the wallet identifier and I cannot change it without going into private mode browsing.
I use a couple of blockchain.info wallets for spare change, and I always logged in using an alias link, such as https://blockchain.info/wallet/MyBigFatWallet (just a random example)
But for a while now, these alias links (or entering the alias manually at https://blockchain.info/wallet/login ) don't seem to work anymore. Instead I'm getting this:
Insecure Alias. Please login using your wallet identifier link.
So instead of the alias names, I now have to use the explicit wallet identifier, such as https://blockchain.info/wallet/5a1949f9-3a0d-53bd-1b7d-b7082e4b7ea1 (again, just a random example)
Piuk or anyone else: is this correct, or did I mess something up?
Note that the error is different from what I'm getting when entering a non-existing alias, in that case it just says "Unknown Wallet Identifier".
But for a while now, these alias links (or entering the alias manually at https://blockchain.info/wallet/login ) don't seem to work anymore. Instead I'm getting this:
Insecure Alias. Please login using your wallet identifier link.
So instead of the alias names, I now have to use the explicit wallet identifier, such as https://blockchain.info/wallet/5a1949f9-3a0d-53bd-1b7d-b7082e4b7ea1 (again, just a random example)
Piuk or anyone else: is this correct, or did I mess something up?
Note that the error is different from what I'm getting when entering a non-existing alias, in that case it just says "Unknown Wallet Identifier".
Jump to: