Email address change | Bitcointalksearch.org

shapetwist

hero member

Activity: 504

Merit: 502

Quote from: Coin-Keeper on February 15, 2017, 04:25:39 PM

The weak link in my model would be where a system design uses weak/stupid OPsec. For instance, they stupidly keep a staked wallet online and worse they don't encrypt their SEED since they don't use the wallet for transactions. Not thinking, when someone hacks their computer and the seed is visible they can create the same wallet and then sign accounts on the hacked username here. I know this is BTC-101 but if your seed is stolen so is your ID where address signing is used. I know you are familiar with this, but its the weak link.

I place great deference to signed btc addresses. If I see a member did things correctly and if they can sign again while I am dealing with them via PM or wherever I will accept that. I spread TRUST sparingly but you have to use tools to help you. Its good enough for me!

I get you. Would another layer of opsec like pgp signing would make things better?
We have to account that people save important info on their computers that they shouldn't. It's pretty hard to be fool proof as far as I understand it.

Coin-Keeper

hero member

Activity: 758

Merit: 606

The weak link in my model would be where a system design uses weak/stupid OPsec. For instance, they stupidly keep a staked wallet online and worse they don't encrypt their SEED since they don't use the wallet for transactions. Not thinking, when someone hacks their computer and the seed is visible they can create the same wallet and then sign accounts on the hacked username here. I know this is BTC-101 but if your seed is stolen so is your ID where address signing is used. I know you are familiar with this, but its the weak link.

I place great deference to signed btc addresses. If I see a member did things correctly and if they can sign again while I am dealing with them via PM or wherever I will accept that. I spread TRUST sparingly but you have to use tools to help you. Its good enough for me!

shapetwist

hero member

Activity: 504

Merit: 502

Quote from: Coin-Keeper on February 15, 2017, 04:12:13 PM

And looking at this from the other vantage point; if I were to notice a changed email address and the account username could not AGAIN (after the change) sign a message on the previously staked address it would be a NO GO for me personally. I would encourage any members here to employ that requirement against my account without exception. I don't have my staked address wallet anywhere on an online machine. There is NO possibility of a signed message on that address from any other person. I am hoping all members here are helping to protect this site with the same strict measures. If all members here employed the same counter measures it would be worthless to hack a member account. It would be useless because nobody would TRADE or DEAL with a member that can't sign their staked ID. I wish it was a site requirement, but I don't Admin here, while I do on some forums. Is this too harsh a requirement guys??

Yes, I totally understand it. That is why I am asking what is the appropriate thing to do in order to prove my identity ties to my user account.
Thank you.

Coin-Keeper

hero member

Activity: 758

Merit: 606

And looking at this from the other vantage point; if I were to notice a changed email address and the account username could not AGAIN (after the change) sign a message on the previously staked address it would be a NO GO for me personally. I would encourage any members here to employ that requirement against my account without exception. I don't have my staked address wallet anywhere on an online machine. There is NO possibility of a signed message on that address from any other person. I am hoping all members here are helping to protect this site with the same strict measures. If all members here employed the same counter measures it would be worthless to hack a member account. It would be useless because nobody would TRADE or DEAL with a member that can't sign their staked ID. I wish it was a site requirement for tradding or dealing, but I don't Admin here, while I do on some forums. Is this too harsh a requirement guys?? Just a thought to make this a safe place. I hate scammers, don't you??

shapetwist

hero member

Activity: 504

Merit: 502

Quote from: mocacinno on February 15, 2017, 02:57:55 PM

Quote from: shapetwist on February 15, 2017, 02:52:15 PM

Hi,

Sometimes when I changed my email address on my profile, I'd get suspicions that my account was sold.
How to change my address in the future and prove that I am the same person?

Thank you

Sign a message with a staked addres from before the email change when someone is suspicious when doing a deal.
It's not foolproof, but it's better than nothing

Alright, thanks. I usually use xapo or blockchain.info.. not easy to sign there.
Would a bitrated.com profile help or not really?

mocacinno

legendary

Activity: 3402

Merit: 5004

https://merel.mobi => buy facemasks with BTC/LTC

Quote from: shapetwist on February 15, 2017, 02:52:15 PM

Hi,

Sometimes when I changed my email address on my profile, I'd get suspicions that my account was sold.
How to change my address in the future and prove that I am the same person?

Thank you

Sign a message with a staked addres from before the email change when someone is suspicious when doing a deal.
It's not foolproof, but it's better than nothing

shapetwist

hero member

Activity: 504

Merit: 502

Hi,

Sometimes when I changed my email address on my profile, I'd get suspicions that my account was sold.
How to change my address in the future and prove that I am the same person?

Thank you

Topic: Email address change (Read 425 times)