Topic: Do you agree to have 2fa Authentication on Bitcointalk.org? (Read 484 times)
I haven't changed my password since May 2015. But then I don't click on random web sites or log in using just any other computer or browser.
I do have a sorta staked bitcoin address and one of my threads has my GPG public key.
If 2FA using Time is offered, I'll use it. If not, you should be fine. Use randomly generated passwords and you should be fine.
I do have a sorta staked bitcoin address and one of my threads has my GPG public key.
If 2FA using Time is offered, I'll use it. If not, you should be fine. Use randomly generated passwords and you should be fine.
Many are proponents of the 2FA authentication factor, personally I like it, and I see it as an additional layer of protection, I think the idea is not bad, and all systems must be updated and not be left behind, because it is not right to stick with the traditional and less when it comes to security.
With the new Epochtalk software it will be integrated, I am sure that the 2fa option will be optional, it will only be a matter of waiting until it is released. In our local Spanish forum this topic has also emerged, and for now it is better to secure the account with a signed message, I know that the initiative is born because of the fear of being hacked, and more with what is happening today in the Crypto world .
With the new Epochtalk software it will be integrated, I am sure that the 2fa option will be optional, it will only be a matter of waiting until it is released. In our local Spanish forum this topic has also emerged, and for now it is better to secure the account with a signed message, I know that the initiative is born because of the fear of being hacked, and more with what is happening today in the Crypto world .
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊
2fa ties your account to your Phone #.
Phone # ties to your Real Name.
2fa won't keep you secure.
https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html
https://shahmeeramir.com/4-methods-to-bypass-two-factor-authentication-2b0075d9eb5f
https://www.fox47news.com/news/national/hacker-uses-sim-card-issue-to-bypass-security-take-money-and-information
Thinking anything with your cellphone will secure you, is a step in getting you hacked.
Don't trust Cellphones.
It's already been brought up, for for the love of Satoshi please don't use SMS 2FA unless there's no other option. It's super easy to bypass and completely insecure. Use Google authenticator (or any auth app that uses a dynamic code) or even better, a Yubikey (or any other physical device).
True story, having a 2FA device based on a phone number that you fundamentally don't own is completely insecure. Only something like relies on TOTP/HOTP whereby you can own the private key (and keep it encrypted) is better security. Snooping on SMS's and hijacking phone numbers is too easy to do these days.
i thing no need 2fa Authentication on Bitcointalk.org , already some people answer your question theymos can help you if your hacked or losses access so why you want to 2fa Authentication system on Bitcointalk.org?
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊
Agree, this could be a great add on security on the website, and also a lot of fake phishing websites on the internet trying to copy the bitcoin talk website having this extra security could prevent account hacking to a lot of members in the forums. But Personally I don't like 2fa Authentication because sometimes other websites don't have safety measures if you lost your phone number or sim card you should be able to recover it from email and using this 2fa authentication you should be able to monitor or trace the one who opens the account. 
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊
2fa ties your account to your Phone #.
Phone # ties to your Real Name.
2fa won't keep you secure.
https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html
https://shahmeeramir.com/4-methods-to-bypass-two-factor-authentication-2b0075d9eb5f
https://www.fox47news.com/news/national/hacker-uses-sim-card-issue-to-bypass-security-take-money-and-information
Thinking anything with your cellphone will secure you, is a step in getting you hacked.
Don't trust Cellphones.
It's already been brought up, for for the love of Satoshi please don't use SMS 2FA unless there's no other option. It's super easy to bypass and completely insecure. Use Google authenticator (or any auth app that uses a dynamic code) or even better, a Yubikey (or any other physical device).
Bitcoin doesn't need 2FA, neither does Bitcointalk.
Bitcointalk isn't secured via SHA256 private keys, or backed by high mining power, at least not last I checked. Otherwise I'd agree with you.
Even if 2FA is implemented on bitcointalk.org as an optional feature for securing an account is that I won't enable it unless it is highly recommended (Is A Must) for a forum user's account. Enabling 2FA is kind of time consuming where you have to copy and paste code which I am not fond of doing this kind of stuff but it is indeed helpful to help increase the security measure if our account.
The last time this forum got hacked, and the hashed passwords were leaked, was in 2015. It might be a good idea to update your password if you haven't changed it since then.
Otherwise, if your password is 20+ characters long, you should be okay against brute force attacks. The security of the machine you use to log in to is separate and you should be responsible for that.
Otherwise, if your password is 20+ characters long, you should be okay against brute force attacks. The security of the machine you use to log in to is separate and you should be responsible for that.
I hope 2FA will add on the security feature. I personally don't own a single Bitcoin address, I usually create new BTC wallet address for every transaction that I will made. I have trezor to store my personal BTC but never used that address for public transaction to protect my asset since I don't want someone snooping on my assets. With that reason, I'm having trouble to have a singe wallet address to used for staking in this forum.
This 2FA security is discussed many times but still no clear answer from the administration.
Imagine somehow your account gets hacked or gets compromised. How are you going to get it back? The only way is to prove the ownership of the account and how are you going to do that if you do not have a signed bitcoin address.
I hope you now understand the importance.
Secured or unsecured, it depends on how people use their devices, their accounts, and their other activities on the Internet-space. People still be hacked with their accounts on crypto exchanges even there are 2FA protections.
If people are careless enough to use their emails, their accounts, and their devices, sure there is nothing can protect them.
If the forum already have official good supports for account recoveries, with recent supports from Cryptios team, and thread to stake Bitcoin address as proof of ownerships. I think those protection layers are enough.
Careless guys will even don't care to secure their Bitcoin wallets, and don't stake their Bitcoin addresses with signed messages. That's the problem.
Careless guys don't secure:
- Account password.
- Email password.
- Devices.
- Bitcoin wallet.
- Don't sign message.
- 2FA code if there is 2FA.
If there is 2FA, what if the forum stop supporting users with account recoveries?
If people are careless enough to use their emails, their accounts, and their devices, sure there is nothing can protect them.
If the forum already have official good supports for account recoveries, with recent supports from Cryptios team, and thread to stake Bitcoin address as proof of ownerships. I think those protection layers are enough.
Careless guys will even don't care to secure their Bitcoin wallets, and don't stake their Bitcoin addresses with signed messages. That's the problem.
Careless guys don't secure:
- Account password.
- Email password.
- Devices.
- Bitcoin wallet.
- Don't sign message.
- 2FA code if there is 2FA.
If there is 2FA, what if the forum stop supporting users with account recoveries?
Quote
Do you agree to have 2fa Authentication on Bitcointalk.org?
As an 'option' to choose, maybe ok
but as a 'must' NO
~snip
In many cases, risking a signed bitcoin address is one way to secure an account from hacking.But people want to have a better level of security like adding 2FA, maybe that is a good idea. But I think bitcointalk.org doesnt need it.
OP, you only need to signed bitcoin address if you want your account to be safe from hackers. I have not done it, and as soon as possible will signed here.
-snip-
All these news and phone # = real name are related to the SMS based 2FA. We aren’t talking about this kind of 2FA.Here: https://en.m.wikipedia.org/wiki/Time-based_One-time_Password_algorithm
No phone number (actually not even a phone is required) and in all cases, you use if you want (which shouldn’t be a reason to not allow these who want to have the feature
). Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.
I thought we knew this already? Quote
Planned Features
[...]
- 2-Factor Authentication
Source: http://epochtalk.org/map.html [...]
- 2-Factor Authentication
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
I have found a post by hilariousandco about the 2fa Authentication of bitcointalk.org in 2015. Here: https://bitcointalksearch.org/topic/m.11713916
see this screenshot if you have not time to visit the link.
Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.
see this screenshot if you have not time to visit the link.
Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.
Ohh I see I'm just new here, by the way what bitcoin wallet can you suggest for me that have signed message?
Thanks for the link sir, this could be a big help for me to protect my bitcointalk account
You can manage without 2FA if you are using an uncompromised email and both your email password and forum password are securely managed by a 2FA-backed up password manager. I don't think there is any reasonable way for 2FA to be implemented while we are on SMF.
2FA may not be possible with the current forum software but there has to be some security. For people using Exchanges as their BTC wallet or even the people who had created their accounts in Blockchain wallet recently do not have the option to stake their wallets. What if a user loses access to his staked wallet? In the future 2FA can be an option but does not need to be forced.
Jump to: