Pages:
Author

Topic: Do you agree to have 2fa Authentication on Bitcointalk.org? (Read 494 times)

sr. member
Activity: 1204
Merit: 388
Adding a 2fa authentication doesn't really make sense to me since you can easily stake your BTC wallet here as the person controlling the account  You can follow this topic. 2fa can get compromised but this method is known to have saved accounts on this forum
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
I haven't changed my password since May 2015. But then I don't click on random web sites or log in using just any other computer or browser.

I do have a sorta staked bitcoin address and one of my threads has my GPG public key.

If 2FA using Time is offered, I'll use it. If not, you should be fine. Use randomly generated passwords and you should be fine.
legendary
Activity: 2632
Merit: 1883
Leading Crypto Sports Betting & Casino Platform
Many are proponents of the 2FA authentication factor, personally I like it, and I see it as an additional layer of protection, I think the idea is not bad, and all systems must be updated and not be left behind, because it is not right to stick with the traditional and less when it comes to security.

With the new Epochtalk software it will be integrated, I am sure that the 2fa option will be optional, it will only be a matter of waiting until it is released. In our local Spanish forum this topic has also emerged, and for now it is better to secure the account with a signed message, I know that the initiative is born because of the fear of being hacked, and more with what is happening today in the Crypto world .
legendary
Activity: 1722
Merit: 2213
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊

2fa ties your account to your Phone #.
Phone # ties to your Real Name.

2fa won't keep you secure.
https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html
https://shahmeeramir.com/4-methods-to-bypass-two-factor-authentication-2b0075d9eb5f
https://www.fox47news.com/news/national/hacker-uses-sim-card-issue-to-bypass-security-take-money-and-information

Thinking anything with your cellphone will secure you, is a step in getting you hacked.
Don't trust Cellphones.

It's already been brought up, for for the love of Satoshi please don't use SMS 2FA unless there's no other option. It's super easy to bypass and completely insecure. Use Google authenticator (or any auth app that uses a dynamic code) or even better, a Yubikey (or any other physical device).

True story, having a 2FA device based on a phone number that you fundamentally don't own is completely insecure. Only something like relies on TOTP/HOTP whereby you can own the private key (and keep it encrypted) is better security. Snooping on SMS's and hijacking phone numbers is too easy to do these days.
sr. member
Activity: 1204
Merit: 270
Hire Bitcointalk Camp. Manager @ r7promotions.com
i thing no need 2fa Authentication on Bitcointalk.org , already some people answer your question theymos can help you if your hacked or losses access so why you want to 2fa Authentication system on Bitcointalk.org?
sr. member
Activity: 1876
Merit: 437
Catalog Websites
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊
Agree, this could be a great add on security on the website, and also a lot of fake phishing websites on the internet trying to copy the bitcoin talk website having this extra security could prevent account hacking to a lot of members in the forums. But Personally I don't like 2fa Authentication because sometimes other websites don't have safety measures if you lost your phone number or sim card you should be able to recover it from email and using this 2fa authentication you should be able to monitor or trace the one who opens the account.
legendary
Activity: 1382
Merit: 1122
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊

2fa ties your account to your Phone #.
Phone # ties to your Real Name.

2fa won't keep you secure.
https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html
https://shahmeeramir.com/4-methods-to-bypass-two-factor-authentication-2b0075d9eb5f
https://www.fox47news.com/news/national/hacker-uses-sim-card-issue-to-bypass-security-take-money-and-information

Thinking anything with your cellphone will secure you, is a step in getting you hacked.
Don't trust Cellphones.

It's already been brought up, for for the love of Satoshi please don't use SMS 2FA unless there's no other option. It's super easy to bypass and completely insecure. Use Google authenticator (or any auth app that uses a dynamic code) or even better, a Yubikey (or any other physical device).
legendary
Activity: 1722
Merit: 2213
Bitcoin doesn't need 2FA, neither does Bitcointalk.

Bitcointalk isn't secured via SHA256 private keys, or backed by high mining power, at least not last I checked. Otherwise I'd agree with you.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Even if 2FA is implemented on bitcointalk.org as an optional feature for securing an account is that I won't enable it unless it is highly recommended (Is A Must) for a forum user's account. Enabling 2FA is kind of time consuming where you have to copy and paste code which I am not fond of doing this kind of stuff but it is indeed helpful to help increase the security measure if our account.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
The last time this forum got hacked, and the hashed passwords were leaked, was in 2015. It might be a good idea to update your password if you haven't changed it since then.

Otherwise, if your password is 20+ characters long, you should be okay against brute force attacks. The security of the machine you use to log in to is separate and you should be responsible for that.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o


I hope 2FA will add on the security feature. I personally don't own a single Bitcoin address, I usually create new BTC wallet address for every transaction that I will made. I have trezor to store my personal BTC but never used that address for public transaction to protect my asset since I don't want someone snooping on my assets. With that reason, I'm having trouble to have a singe wallet address to used for staking in this forum.
This 2FA security is discussed many times but still no clear answer from the administration.
Well it does not take too much time to download Electrum, create a wallet, get one of the address and sign a message to post in the forum. I see you are a hero member and I expect you to know much better than a lot of the users in here.

Imagine somehow your account gets hacked or gets compromised. How are you going to get it back? The only way is to prove the ownership of the account and how are you going to do that if you do not have a signed bitcoin address.

I hope you now understand the importance.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
Secured or unsecured, it depends on how people use their devices, their accounts, and their other activities on the Internet-space. People still be hacked with their accounts on crypto exchanges even there are 2FA protections.

If people are careless enough to use their emails, their accounts, and their devices, sure there is nothing can protect them.

If the forum already have official good supports for account recoveries, with recent supports from Cryptios team, and thread to stake Bitcoin address as proof of ownerships. I think those protection layers are enough.

Careless guys will even don't care to secure their Bitcoin wallets, and don't stake their Bitcoin addresses with signed messages. That's the problem.

Careless guys don't secure:
- Account password.
- Email password.
- Devices.
- Bitcoin wallet.
- Don't sign message.
- 2FA code if there is 2FA.

If there is 2FA, what if the forum stop supporting users with account recoveries?
legendary
Activity: 2483
Merit: 1482
-> morgen, ist heute, schon gestern <-
Quote
Do you agree to have 2fa Authentication on Bitcointalk.org?

As an 'option' to choose, maybe ok
but as a 'must' NO

legendary
Activity: 1974
Merit: 1150
~snip
In many cases, risking a signed bitcoin address is one way to secure an account from hacking.
But people want to have a better level of security like adding 2FA, maybe that is a good idea. But I think bitcointalk.org doesnt need it.
OP, you only need to signed bitcoin address if you want your account to be safe from hackers. I have not done it, and as soon as possible will signed here.

legendary
Activity: 2758
Merit: 6830
-snip-
All these news and phone # = real name are related to the SMS based 2FA. We aren’t talking about this kind of 2FA.

Here: https://en.m.wikipedia.org/wiki/Time-based_One-time_Password_algorithm

No phone number (actually not even a phone is required) and in all cases, you use if you want (which shouldn’t be a reason to not allow these who want to have the feature Smiley).
legendary
Activity: 2758
Merit: 6830
Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.
I thought we knew this already?

Quote
Planned Features

[...]
- 2-Factor Authentication
Source: http://epochtalk.org/map.html
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
I have found a post by hilariousandco about the 2fa Authentication of bitcointalk.org in 2015. Here: https://bitcointalksearch.org/topic/m.11713916
see this screenshot if you have not time to visit the link.



Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.


jr. member
Activity: 77
Merit: 5

Ohh I see I'm just new here, by the way what bitcoin wallet can you suggest for me that have signed message?
There is no announcement or requirement in what bitcoin wallet you need to use to signed message. You can use any bitcoin wallet that is safe and secured. Just search which best bitcoin wallet to use for storing your bitcoin and sign message it. You can visit this thread https://bitcointalksearch.org/topic/general-bitcoin-wallets-which-what-why-1631151 on what type of bitcoin wallet is best to use and sign message and this thread https://bitcointalksearch.org/topic/how-to-sign-a-message-990345 on how to sign message your bitcoin address.

Thanks for the link sir, this could be a big help for me to protect my bitcointalk account  Smiley Smiley Smiley
legendary
Activity: 1134
Merit: 1118
You can manage without 2FA if you are using an uncompromised email and both your email password and forum password are securely managed by a 2FA-backed up password manager. I don't think there is any reasonable way for 2FA to be implemented while we are on SMF.
hero member
Activity: 616
Merit: 526
2FA may not be possible with the current forum software but there has to be some security. For people using Exchanges as their BTC wallet or even the people who had created their accounts in Blockchain wallet recently do not have the option to stake their wallets. What if a user loses access to his staked wallet? In the future 2FA can be an option but does not need to be forced.
Pages:
Jump to: