Pages:
Author

Topic: Change your passwords (and secret question) (Suggest stake address) (Read 2048 times)

legendary
Activity: 1456
Merit: 1000
Locking thread it has lived it's life.  No need for it anymore.

I still STRONGLY suggest staking a BTC address if you have not done it yet.
legendary
Activity: 1456
Merit: 1000
Last day of thread. Tomorrow it will be locked and let die as most everyone knows about breach.

I suggest staking a btc address if you have not yet.
hero member
Activity: 532
Merit: 500
I get emails and advised to change the password only and is not to change the secret question

Can you post email? You should change it aswell as it's possible it was taken.
well now I've changed the secret question I do not want to take risks I hope that this forum could use 2FA google auth
legendary
Activity: 1456
Merit: 1000
Thanks for reminds, I just change my pass only, I'm not use secret question, that's important to set secret question?

I personally don't like it as it would allow change of password without email.  So if yo have a strong email password or better yet 2fa it really weakens your reset procedure.

Some use it, but I would stake a bitcoin address like I said.  And not use secret question.
legendary
Activity: 1456
Merit: 1000
I get emails and advised to change the password only and is not to change the secret question

Can you post email? You should change it aswell as it's possible it was taken.
legendary
Activity: 1106
Merit: 1000
Thanks for reminds, I just change my pass only, I'm not use secret question, that's important to set secret question?
hero member
Activity: 532
Merit: 500
I get emails and advised to change the password only and is not to change the secret question
legendary
Activity: 1456
Merit: 1000
Still highly reccomend all that care about their account stake a bitcoin address: You do it over in Meta - https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318

It needs to be a btc address you can sign a message with.  You ask someone else to quote the address that way if you are ever hacked 100 percent and lose access it would allow you to get your account back. 

With recent event's this is a very very good thing to have.

I also suggest that WE somehow suggest a 3rd method to send a PGP encrypted mail to a central email address, with a key phrase. When your account is compromised, you could just ask the Mod or that person to open that message with your key, to show proof that it's your account.

The email cannot be opened without the key. I know Protonmail provides a option where you send encrypted email to any person, and they can only open it, with the decryption password. It redirects you to the Protonmail service to open the email.

This is good for now, but people change Bitcoin addresses and the hacker can wipe threads and possibly backups too, if it's not stored offline.

I think it would be clever to make a print screen of your post, just to be safe.  Wink

That is whole reason of having someone else quote your post.  They are the proof.  Chances of your post and their post both changing are very slim.

Obviously keep the btc address stored very safe even a paper wallet would work.  You use it to sign for forum.

As far as suggesting a third way meta would be place to do that.  I don't disagree with PGP being another good option.
legendary
Activity: 1904
Merit: 1074
Still highly reccomend all that care about their account stake a bitcoin address: You do it over in Meta - https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318

It needs to be a btc address you can sign a message with.  You ask someone else to quote the address that way if you are ever hacked 100 percent and lose access it would allow you to get your account back. 

With recent event's this is a very very good thing to have.

I also suggest that WE somehow suggest a 3rd method to send a PGP encrypted mail to a central email address, with a key phrase. When your account is compromised, you could just ask the Mod or that person to open that message with your key, to show proof that it's your account.

The email cannot be opened without the key. I know Protonmail provides a option where you send encrypted email to any person, and they can only open it, with the decryption password. It redirects you to the Protonmail service to open the email.

This is good for now, but people change Bitcoin addresses and the hacker can wipe threads and possibly backups too, if it's not stored offline.

I think it would be clever to make a print screen of your post, just to be safe.  Wink
hero member
Activity: 700
Merit: 500
I noticed the site was down for a few days but did not check my e-mail about the need to change my password
Good to see it hasn't been hacked yet
Done and done thanks
legendary
Activity: 1456
Merit: 1000
This thread has about lived it's life.  In a day or two I will lock it as it was only really for the day's after the forum attack.

If you have not I highly suggest looking into staking a address still.  It is a smart thing to do and really does not take long.
newbie
Activity: 10
Merit: 0
Never recieved this message. But it does tell you in the news of this site to change your password.
legendary
Activity: 1456
Merit: 1000
Still highly reccomend all that care about their account stake a bitcoin address: You do it over in Meta - https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318

It needs to be a btc address you can sign a message with.  You ask someone else to quote the address that way if you are ever hacked 100 percent and lose access it would allow you to get your account back. 

With recent event's this is a very very good thing to have.
member
Activity: 103
Merit: 10
Ok will do this for sure to prevent my account from hi- jacking
legendary
Activity: 1120
Merit: 1000
looks like some signatures doesn't match and are leading to pishing sites.

So better type bitcointalk address before changing password than clicking in the link in email
legendary
Activity: 1456
Merit: 1000
thanks for this info , unfortunately I use the former password on a lot of sites. I hope the attacker does not sell this information to other attackers

After today I highly suggest stopping using that password.  I don't think we know if they have entire database.  But it is looking bad after today in meta.

Best is just to stop using it/change everywhere and if they sell it or try to use it you have rendered it useless.
full member
Activity: 182
Merit: 100
DaDice! Next Generation Dice Game
thanks for this info , unfortunately I use the former password on a lot of sites. I hope the attacker does not sell this information to other attackers
sr. member
Activity: 378
Merit: 250
Done, thank you guys
legendary
Activity: 1456
Merit: 1000
Also Highly Suggest to Stake a BTC address only you have access to.  You do it over in Meta - https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318

It needs to be a btc address you can sign a message with.  You ask someone else to quote the address that way if you are ever hacked 100 percent and lose access it would allow you to get your account back. 
legendary
Activity: 3542
Merit: 1352
Cashback 15%
I ain't receiving any spam email like the others here do. I only receive quoted replies to my posts and that is all fine by me. Also, I once considered putting a secret question to my account but changed my mind after I learned that having one would make your account more vulnerable to hacking attempts instead of having a second layer of protection for your account. Well in any case, I changed my password now. It's been a year or so since I last changed it, and luckily my account isn't compromised in any way.
Pages:
Jump to: