Topic: Create an option to get an e-mail notification someone logs in (Read 1062 times)

2FA can be and has been breached before.

Accessing iplogs IS a security feature as long as it is private to the user only.

So is a notification when a log in happens.

Both features exist on most secured websites like exchanges. I don't see how this would weaken the security of your forum account.

I am not liking the idea of ip log that is getting shared. The best way is 2FA and we are creating another complex solution that is not going to solve the problem.

What if , if hacker is also in same city?

I like this idea as well, not sure if it's doable though.

As I proposed a few days ago in the thread mentioned in OP by bones, the smartest way to implement this would be sending an email either

• Connection from a new ip, which you need to validate in the email
• Or, connection from a different geographical region, which you could also validate through a link sent to you

Of course this would have to be an opt in option since some people might have used dispensable email accounts to create their account here.

However maybe this could be enforced and encourage people to change their email address to one they actually have access to.

Hi everyone,

As you can imagine, I've been very busy the last three days trying to figure this thing out and improving my security here.
For those who don't know, I'm the OP of the thread that led to all this.

If I had any idea how I got hacked, I would share it, really. I haven't kept anything to myself in the other thread.
I was told hacking from a public wifi wasn't easy to do. I honestly don't know if it is or not. I don't know what can be done and how.

It seems that only my account here was compromised. Other accounts (bank, emails, wallets, exchanges...) seem ok.
That reinforces the idea that I was targeted because of my rep here.
So maybe, it comes from a phishing link or a malware that I would have downloaded here ? Even though I don't see myself doing it, I might have clicked the wrong thing, honestly I don't know.  

I've been using my wife's laptop for the past three days and I formatted my PC. The last IP logs (thank you Theymos for that) match so it looks safe . I'll definitely check on those very often.

I'm just a regular guy, definitely no tech expert. I apply basic recommendations, never thought this could happen to me and yet it did. I don't think anyone can say they're 100% safe.

These are my last IP logs. The ones in France match. Maybe you guys should check your own logs to see if any of those IPs shows up in them.

I'm sorry. I understand that this is done for personal monitoring of IP addresses. I probably made a mistake because I still don't speak English well. I meant that if a hacker gets access to the account, he will be able to find out the IP address belonging to the owner of the account.

How do hackers sign a message? Can you explain more about it, please. In my opinion, if real owners already signed a message previously before their accounts hacked. When they want to get accounts back, they have to sign another message with the same address. Hackers mostly can not have access to address used to sign message before. Personally, I think IPs show in that page only help users to discover strange IPs in their accounts' IP list, then if needed, they can change passwords of their accounts to have better security. It is just a preventive protectioin for users.
If accounts really hacked, real users can get their accounts back if they can show good proofs required in recovery process.

I think that this innovation (https://bitcointalk.org/myips.php) can create an anonymous threat to users who do not use all sorts of anonymizers (using a static IP address). For example if a hacker were to gain access to a user account they could be restored by a signed message but the anonymity of the user would be compromised. In my opinion this is a call to use VPN services. Am I right?

That is because of your service provider. I am not so sure if that is because they are using the Ip from the towers you are at.

Just like in the philippines the service provider just really sucks. You might even get similar IP from other people who uses the same service.

As long as you can recognize the date youve log in. I think thats just fine

If you browse on mobile, your IP assigned to you by your carrier can frequently change, and may not always be geographically accurate. The best way to check is to see what your IP is on your mobile, and check it directly against your logs.

As someone who always connects via a VPN, I'll need to build a small database of all the VPN servers I use and their public IPs, and then cross reference that against my logs periodically to be completely sure, but there's nothing I can see at the moment that stands out at me.

I can see my log now but it's mainly Unknown city and unknown country and plus today my logs don't show an IP address at all.

The log looks suspicious,
I have been logging from various locations, but some are definitely out of my recognised range.
Country is the same, but very strange IP locations popping out here and there.
I am going to change my password anyway.
This is the minimum required action.
But anyway this log need some double checking.

Theymos stepped in and did hard for forum users. The switch from bitcointalk.org to Epochtalk might be a huge migration (or hugest) in history of crypto forums. Mainly because bitcointalk.org is the biggest and unique crypto forum, for years. I don't know which set of security methods for accounts will be applied in the new forum with 2-factor authentication, but I guess there are three methods: emails, signed message, and 2FA. It will be likely a tripple security method, that is hard for hackers to steal accounts.

At the moment they could but in the 2nd part of his post CryptopreneurBrainboss says:
This could be useful for the current forum but once the forum switches to the new software, hopefully with a 2FA option, it would no longer be needed.

OP suggested like a 2 way factor authentication and yes it does sound good to use email rather than a smart phone with its number. A smartphone has disadvantage that whenever it will be stolen the the two way factor will be not be activated and it is the same as like you are also will not be able to access your btc precious account.

It's tricky to get email notifications right so that they're not too spammy. Maybe later.

For now, I added this page where you can see your IP logs for the past 30 days: https://bitcointalk.org/myips.php . You could pretty easily write a userscript to periodically check this and warn you if it's weird. (But don't scrape it on every pageload.)

I don't want to make older IP logs automatically accessible because that'd give a hacker a bunch of useful/sensitive information. But 30 days is probably not too harmful.

Depends on the type of authentication method used. You can extract session token/JWT's from request headers but again installing the fake cert on your own system and making sure the system accepts it is a very difficult task. Basically, your system will be already compromised if the MITM managed to install a fake cert on the system.

     First of all, let's get something straight. When an account gets hacked, the main blame goes to the hacker. It's not like hackers are some wild predatory animals that just can't control their instincts. I'm not suggesting that Bitcointalk holds people's hands. I'm just suggesting an additional tool for users to implement.

They can't hold your hand, account security falls on you.  No one to blame but yourself.

Or a keylogger, or an XSS exploit to grab the cookie, or his password was password123, or a salty ex-girlfriend/boyfriend tried to screw him over...

WiFi MITM attack isn't that simple IMO. To extract a password from an HTTPS session you'd need to fool the user into accepting a fake cert, or plant a fake CA.