Topic: [BTC-TC] Virtual Community Exchange [CLOSED] - page 81. (Read 316652 times)
Does value analysis in portfolio take into account dividends when producing overall profit/loss amounts? If not, would it be possible to incorporate that? If the work isn't worth it don't worry about it, It would be nice to see though, if it was only a couple lines of code or so. Thanks in advance
Having trouble setting Google Authenticator up. Error says: "Invalid or Reused Google Auth." When I tick the box "Revoke Current Secret & Issue New Secret" the secret is not changed.
So, hypothetically, say someone forgot their PIN, is there a way for one to reset it or have it sent to their email?
Forgotten PIN resets are manual.
Please submit a support request via the website.Cheers.
So, hypothetically, say someone forgot their PIN, is there a way for one to reset it or have it sent to their email?
Looks great! If only TAT.VIRTUALMINE had a shorter name 
Loving the ticker now, glad timestamp was added!
Looks great! If only TAT.VIRTUALMINE had a shorter name
I like the realtime widget, which is a really great addition, @burnside could you please timestamp the trades? Thanks
FTFY
I could possibly timestamp them, but it'd expand the width of the window that pops out. Anyone see any issues with this?
Also, to keep it minimalist, how's about a simple hh:mm in 24h mode?
Cheers.
I couldn't resist. It's done now. Note that it required a CSS change to widen the window, so you may have to purge cache or ctrl-R reload.
The times are UTC if not logged in. If logged in it should use your selected account timezone.
Cheers.
I love it 
Wow.. burnside you are overreactive
Wow.. burnside you are overreactive
I like the realtime widget, which is a really great addition, @burnside could you please timestamp the trades? Thanks
FTFY
I could possibly timestamp them, but it'd expand the width of the window that pops out. Anyone see any issues with this?
Also, to keep it minimalist, how's about a simple hh:mm in 24h mode?
Cheers.
I like the realtime widget, which is a really great addition, @burnside could you please timestamp the trades? Thanks
FTFY
Something like [HH:MM:SS] (B/S) # @ price STOCK-NAME
I like the realtime widget, which is a really great addition, @burnside could you please timestamp the trades? Thanks
FTFY
I like the realtime widget, @burnside could you please timestamp the trades? Thanks
Most/all banks and brokerage sites I know of do not require 2FA for their users. It is always optional.
Most/all banks I know have 8 character passwords, useless pins as a fake primitive 2FA, and many similar practices that would make any sane developer scream.Banks are not exactly a paragon of "doing it right". Actually they are one of the most prominent examples of "patch together some badly coded stuff, if anything breaks we don't really care".
you might consider offering an SMS token as google does with gmail logins
While this is a good idea in general, keep in mind that recently weird things have happened.Until a reasonable explanation comes up for that, I wouldn't feel much safe with SMSs.
If you're going to do mandatory 2FA (which I agree with)
WTF.Why would you agree with such a thing?
Some of us don't run computers infested with spywares.
Most/all banks and brokerage sites I know of do not require 2FA for their users. It is always optional.
Most that I know of don't even provide it. I guess they're worried about confusing the masses. But they also have the ability to recover funds and/or undo most of the damage done after a hack. With bitcoin the damage once done, is done.
good day, Happy to see you are addressing important issues regarding security and transparency. Also I'd like to publicly thank you for your quick response to our meta divisions' inquiries. Keep up the good work, we are especially looking forward to any updates to the NPC aspects of the game...Ira
If you're going to do mandatory 2FA (which I agree with)
WTF.Why would you agree with such a thing?
Some of us don't run computers infested with spywares.
Most/all banks and brokerage sites I know of do not require 2FA for their users. It is always optional.
Interesting. I think all major banks in the Netherlands require some form of 2FA for internet banking, but they typically provide the device required.
Even though I've not had a problem with malware or other security-matters in a decade or so, I wouldn't want to transact non-trivial amounts of funds without 2FA.
If you're going to do mandatory 2FA (which I agree with)
WTF.Why would you agree with such a thing?
Some of us don't run computers infested with spywares.
Most/all banks and brokerage sites I know of do not require 2FA for their users. It is always optional.
Most that I know of don't even provide it. I guess they're worried about confusing the masses. But they also have the ability to recover funds and/or undo most of the damage done after a hack. With bitcoin the damage once done, is done.
If you're going to do mandatory 2FA (which I agree with)
WTF.Why would you agree with such a thing?
Some of us don't run computers infested with spywares.
Most/all banks and brokerage sites I know of do not require 2FA for their users. It is always optional.
... and this is exactly why I do not like this at all. I still need to have 2 or more computers.
That's, like, the whole point of 2FA.Yeah, you do gain additional security, since many keyloggers just grab as many passwords on autopilot and that's it. However, if someone is specifically targeting you or uses a more advanced keylogger, they can access the 2FA program just as easily as your password.
Running a 2FA program on your main machine is a bit like using a Mac for security: It's not inherently more secure, but since it's less targeted by attackers, your chance of getting hit is reduced.
Yubikeys and old phones are cheap and readily available. An old phone doesn't even need cellular service. Just wifi to get the app installed and once it's installed, it doesn't even need that except to occasionally sync the time. I think we're in a good place security-wise. Where we could improve:
- One-time use form tokens. These also prevent double button press form submission issues. (90% done, it's in testing now.)
- 2FA input in a few places that don't already have it. (most places that don't are not particularly sensitive.)
- Require 2FA to use the site. Essentially no trading would be allowed until 2FA was turned on. (still thinking this one over.)
Cheers.
- Require 2FA to use the site. Essentially no trading would be allowed until 2FA was turned on. (still thinking this one over.)
If you're going to do mandatory 2FA (which I agree with), you might consider offering an SMS token as google does with gmail logins. It's probably not as secure as some other options, but any additional security that requires more than just a concurrent session is probably beneficial.
It's not entirely reasonable (just yet) to assume that everyone who may be using BTCT or LTCGlobal has a smartphone - but a mobile phone and/or yubikey requirement makes sense.
Jump to: