Author

Topic: Do you agree to have 2fa Authentication on Bitcointalk.org? (Read 494 times)

sr. member
Activity: 1204
Merit: 388
Adding a 2fa authentication doesn't really make sense to me since you can easily stake your BTC wallet here as the person controlling the account  You can follow this topic. 2fa can get compromised but this method is known to have saved accounts on this forum
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
I haven't changed my password since May 2015. But then I don't click on random web sites or log in using just any other computer or browser.

I do have a sorta staked bitcoin address and one of my threads has my GPG public key.

If 2FA using Time is offered, I'll use it. If not, you should be fine. Use randomly generated passwords and you should be fine.
legendary
Activity: 2590
Merit: 1882
Leading Crypto Sports Betting & Casino Platform
Many are proponents of the 2FA authentication factor, personally I like it, and I see it as an additional layer of protection, I think the idea is not bad, and all systems must be updated and not be left behind, because it is not right to stick with the traditional and less when it comes to security.

With the new Epochtalk software it will be integrated, I am sure that the 2fa option will be optional, it will only be a matter of waiting until it is released. In our local Spanish forum this topic has also emerged, and for now it is better to secure the account with a signed message, I know that the initiative is born because of the fear of being hacked, and more with what is happening today in the Crypto world .
legendary
Activity: 1722
Merit: 2213
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊

2fa ties your account to your Phone #.
Phone # ties to your Real Name.

2fa won't keep you secure.
https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html
https://shahmeeramir.com/4-methods-to-bypass-two-factor-authentication-2b0075d9eb5f
https://www.fox47news.com/news/national/hacker-uses-sim-card-issue-to-bypass-security-take-money-and-information

Thinking anything with your cellphone will secure you, is a step in getting you hacked.
Don't trust Cellphones.

It's already been brought up, for for the love of Satoshi please don't use SMS 2FA unless there's no other option. It's super easy to bypass and completely insecure. Use Google authenticator (or any auth app that uses a dynamic code) or even better, a Yubikey (or any other physical device).

True story, having a 2FA device based on a phone number that you fundamentally don't own is completely insecure. Only something like relies on TOTP/HOTP whereby you can own the private key (and keep it encrypted) is better security. Snooping on SMS's and hijacking phone numbers is too easy to do these days.
sr. member
Activity: 1204
Merit: 270
Hire Bitcointalk Camp. Manager @ r7promotions.com
i thing no need 2fa Authentication on Bitcointalk.org , already some people answer your question theymos can help you if your hacked or losses access so why you want to 2fa Authentication system on Bitcointalk.org?
sr. member
Activity: 1820
Merit: 436
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊
Agree, this could be a great add on security on the website, and also a lot of fake phishing websites on the internet trying to copy the bitcoin talk website having this extra security could prevent account hacking to a lot of members in the forums. But Personally I don't like 2fa Authentication because sometimes other websites don't have safety measures if you lost your phone number or sim card you should be able to recover it from email and using this 2fa authentication you should be able to monitor or trace the one who opens the account.
legendary
Activity: 1382
Merit: 1122
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊

2fa ties your account to your Phone #.
Phone # ties to your Real Name.

2fa won't keep you secure.
https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html
https://shahmeeramir.com/4-methods-to-bypass-two-factor-authentication-2b0075d9eb5f
https://www.fox47news.com/news/national/hacker-uses-sim-card-issue-to-bypass-security-take-money-and-information

Thinking anything with your cellphone will secure you, is a step in getting you hacked.
Don't trust Cellphones.

It's already been brought up, for for the love of Satoshi please don't use SMS 2FA unless there's no other option. It's super easy to bypass and completely insecure. Use Google authenticator (or any auth app that uses a dynamic code) or even better, a Yubikey (or any other physical device).
legendary
Activity: 1722
Merit: 2213
Bitcoin doesn't need 2FA, neither does Bitcointalk.

Bitcointalk isn't secured via SHA256 private keys, or backed by high mining power, at least not last I checked. Otherwise I'd agree with you.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Even if 2FA is implemented on bitcointalk.org as an optional feature for securing an account is that I won't enable it unless it is highly recommended (Is A Must) for a forum user's account. Enabling 2FA is kind of time consuming where you have to copy and paste code which I am not fond of doing this kind of stuff but it is indeed helpful to help increase the security measure if our account.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
The last time this forum got hacked, and the hashed passwords were leaked, was in 2015. It might be a good idea to update your password if you haven't changed it since then.

Otherwise, if your password is 20+ characters long, you should be okay against brute force attacks. The security of the machine you use to log in to is separate and you should be responsible for that.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o


I hope 2FA will add on the security feature. I personally don't own a single Bitcoin address, I usually create new BTC wallet address for every transaction that I will made. I have trezor to store my personal BTC but never used that address for public transaction to protect my asset since I don't want someone snooping on my assets. With that reason, I'm having trouble to have a singe wallet address to used for staking in this forum.
This 2FA security is discussed many times but still no clear answer from the administration.
Well it does not take too much time to download Electrum, create a wallet, get one of the address and sign a message to post in the forum. I see you are a hero member and I expect you to know much better than a lot of the users in here.

Imagine somehow your account gets hacked or gets compromised. How are you going to get it back? The only way is to prove the ownership of the account and how are you going to do that if you do not have a signed bitcoin address.

I hope you now understand the importance.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
Secured or unsecured, it depends on how people use their devices, their accounts, and their other activities on the Internet-space. People still be hacked with their accounts on crypto exchanges even there are 2FA protections.

If people are careless enough to use their emails, their accounts, and their devices, sure there is nothing can protect them.

If the forum already have official good supports for account recoveries, with recent supports from Cryptios team, and thread to stake Bitcoin address as proof of ownerships. I think those protection layers are enough.

Careless guys will even don't care to secure their Bitcoin wallets, and don't stake their Bitcoin addresses with signed messages. That's the problem.

Careless guys don't secure:
- Account password.
- Email password.
- Devices.
- Bitcoin wallet.
- Don't sign message.
- 2FA code if there is 2FA.

If there is 2FA, what if the forum stop supporting users with account recoveries?
legendary
Activity: 2483
Merit: 1482
-> morgen, ist heute, schon gestern <-
Quote
Do you agree to have 2fa Authentication on Bitcointalk.org?

As an 'option' to choose, maybe ok
but as a 'must' NO

legendary
Activity: 1974
Merit: 1150
~snip
In many cases, risking a signed bitcoin address is one way to secure an account from hacking.
But people want to have a better level of security like adding 2FA, maybe that is a good idea. But I think bitcointalk.org doesnt need it.
OP, you only need to signed bitcoin address if you want your account to be safe from hackers. I have not done it, and as soon as possible will signed here.

legendary
Activity: 2758
Merit: 6830
-snip-
All these news and phone # = real name are related to the SMS based 2FA. We aren’t talking about this kind of 2FA.

Here: https://en.m.wikipedia.org/wiki/Time-based_One-time_Password_algorithm

No phone number (actually not even a phone is required) and in all cases, you use if you want (which shouldn’t be a reason to not allow these who want to have the feature Smiley).
legendary
Activity: 2758
Merit: 6830
Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.
I thought we knew this already?

Quote
Planned Features

[...]
- 2-Factor Authentication
Source: http://epochtalk.org/map.html
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
I have found a post by hilariousandco about the 2fa Authentication of bitcointalk.org in 2015. Here: https://bitcointalksearch.org/topic/m.11713916
see this screenshot if you have not time to visit the link.



Where he said " It's coming with the new forum" about a more new feature as well as 2fa authenticator too. But that might not have been possible.


jr. member
Activity: 77
Merit: 5

Ohh I see I'm just new here, by the way what bitcoin wallet can you suggest for me that have signed message?
There is no announcement or requirement in what bitcoin wallet you need to use to signed message. You can use any bitcoin wallet that is safe and secured. Just search which best bitcoin wallet to use for storing your bitcoin and sign message it. You can visit this thread https://bitcointalksearch.org/topic/general-bitcoin-wallets-which-what-why-1631151 on what type of bitcoin wallet is best to use and sign message and this thread https://bitcointalksearch.org/topic/how-to-sign-a-message-990345 on how to sign message your bitcoin address.

Thanks for the link sir, this could be a big help for me to protect my bitcointalk account  Smiley Smiley Smiley
legendary
Activity: 1134
Merit: 1118
You can manage without 2FA if you are using an uncompromised email and both your email password and forum password are securely managed by a 2FA-backed up password manager. I don't think there is any reasonable way for 2FA to be implemented while we are on SMF.
hero member
Activity: 616
Merit: 526
2FA may not be possible with the current forum software but there has to be some security. For people using Exchanges as their BTC wallet or even the people who had created their accounts in Blockchain wallet recently do not have the option to stake their wallets. What if a user loses access to his staked wallet? In the future 2FA can be an option but does not need to be forced.
TGD
hero member
Activity: 1288
Merit: 620
Wen Rolex?
^^
This has been talked several times and I thinking in this current system we will not have it however may be in the new forum software we may have something to keep our accounts more secure.
Alternatively, you can stake one of your bitcoin address with a sign message just in case of any compromised case you can prove the you are the original account holder.

I hope 2FA will add on the security feature. I personally don't own a single Bitcoin address, I usually create new BTC wallet address for every transaction that I will made. I have trezor to store my personal BTC but never used that address for public transaction to protect my asset since I don't want someone snooping on my assets. With that reason, I'm having trouble to have a singe wallet address to used for staking in this forum.
This 2FA security is discussed many times but still no clear answer from the administration.
hero member
Activity: 2240
Merit: 537
FREE passive income eBook @ tinyurl.com/PIA10

What if it's optional?

I'm confident it's definitely optional. No sites I've been on that strictly enforce 2FA unless you're working with those P&C stuffs (banking, tech, nuclear)
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
2fa is not going to be implemented on the forum, but you can use 2fa on the external sites that link to bitcointalk if you want extra security, such as your email address (if it permits it). If you observe the basic security measures and avoid logging in on external devices and clicking on phishing links, your account shod be fine. Don't expose your email address on your profile as well.
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
My very short answer.
List of Answered Suggestions. Please don't create topics before read them all!

2-Factors Authentication
TopicsDatewritten by
_____________________________________________________________________________________________________________________
Can bitcointalk.org get 2 factor authentication?17/4/2013StevenPine
Why doesn't Bitcointalk support 2FA?14/5/2016cryptoheadd
2FA on bitcoin talk05/9/2017dreamer81
Isn't it time to introduce 2FA to enhance user account security ?24/3/2018DdmrDdmr
Bitcointalk.org 2FA option/feature13/11/2018tiikol
Should there be an option of adding 2fa for forum accounts?30/5/2019iamsheikhadil
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
Bitcoin doesn't need 2FA, neither does Bitcointalk.
legendary
Activity: 2758
Merit: 6830
No!
I don't want more hoops to log in.
What if it's optional?
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
No!
I don't want more hoops to log in.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
Many people are waiting for 2FA to be implemented here for many years already. But it won't be added before new forum software will be fully released.
Despite this, there is still some methods how to protect your Bitcointalk account. Starting from basic things like using strong and unique password. And finishing with things like staking your Bitcoin address with a signed message and using 2FA on your email account.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
2FA is difficult to implement with the version of SMF the forum is using, and it is unlikely to be implemented until the new forum goes live.
hero member
Activity: 1092
Merit: 582
As we are not dealing with money on bitcointalk, it shouldn't be required. Staked bitcoin address or other addresses could be used in case of an account hack. It is a long process though.

Although I'll suggest freezing the email id, it will surely decrease the work of admin/moderators. Making the email change process chargeable after verifying the staked address is what I suggest.
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
2fa is not the only option to secure your BTCtalk account staking BTC address is enough to protect your account or if your account was hacked you can make a signed message of old stake address to recover your account back.

Since you are newbie better start posting your BTC address in this thread here https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318 and request to someone to quote it for future referrence.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
There’s a small recap of threads that have versed on 2FA on the forum in this thread: List of Answered Suggestions. Please don't create topics before read them all!. I asked the same question a couple of months after joining, surprised that it was not available as an optional feature.

There’s also this:

<…>
@theymos, couldn't a lot of this be avoided if we had a 2FA system in place?  I know you don't want to use the google system, and I don't blame you, but what about a decentralized system like using a PGP public key to generate single-use passwords, and send PGP encrypted password recovery links to the registered email?

I know we've discussed this numerous times, and it's always been shutdown.  Forgive me if I'm beating a dead horse, but I think I would rather live the downsides of a 2FA system opposed to the downsides of farming out account recovery.

That wouldn't eliminate the need for manual recoveries; it might even increase it as people lose their second factor. 2FA would be nice, but IMO the email notifications provide many of the same benefits, so it's not high on my to-do list.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013

Ohh I see I'm just new here, by the way what bitcoin wallet can you suggest for me that have signed message?
There is no announcement or requirement in what bitcoin wallet you need to use to signed message. You can use any bitcoin wallet that is safe and secured. Just search which best bitcoin wallet to use for storing your bitcoin and sign message it. You can visit this thread https://bitcointalksearch.org/topic/general-bitcoin-wallets-which-what-why-1631151 on what type of bitcoin wallet is best to use and sign message and this thread https://bitcointalksearch.org/topic/how-to-sign-a-message-990345 on how to sign message your bitcoin address .
jr. member
Activity: 77
Merit: 5
^^
This has been talked several times and I thinking in this current system we will not have it however may be in the new forum software we may have something to keep our accounts more secure.
Alternatively, you can stake one of your bitcoin address with a sign message just in case of any compromised case you can prove the you are the original account holder.

Ohh I see I'm just new here, by the way what bitcoin wallet can you suggest for me that have signed message?
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
^^
This has been talked several times and I thinking in this current system we will not have it however may be in the new forum software we may have something to keep our accounts more secure.
Alternatively, you can stake one of your bitcoin address with a sign message just in case of any compromised case you can prove the you are the original account holder.
jr. member
Activity: 77
Merit: 5
I know some of us here is having issues on their bitcointalk account being hacked. I just want to know if many will agreed to have 2fa Authentication on our bitcointalk account to protect it from hacking specially those who have high ranks. I hope Bitcointalk.org team will plan to put 2fa Authentication on our accounts. Thanks 😊😊😊
Jump to: