Author

Topic: Email address change (Read 450 times)

hero member
Activity: 504
Merit: 502
February 15, 2017, 03:43:34 PM
#7
The weak link in my model would be where a system design uses weak/stupid OPsec.  For instance, they stupidly keep a staked wallet online and worse they don't encrypt their SEED since they don't use the wallet for transactions.  Not thinking, when someone hacks their computer and the seed is visible they can create the same wallet and then sign accounts on the hacked username here.  I know this is BTC-101 but if your seed is stolen so is your ID where address signing is used.  I know you are familiar with this, but its the weak link.

I place great deference to signed btc addresses.  If I see a member did things correctly and if they can sign again while I am dealing with them via PM or wherever I will accept that.  I spread TRUST sparingly but you have to use tools to help you.  Its good enough for me!

I get you. Would another layer of opsec like pgp signing would make things better?
We have to account that people save important info on their computers that they shouldn't. It's pretty hard to be fool proof as far as I understand it.
hero member
Activity: 761
Merit: 606
February 15, 2017, 03:25:39 PM
#6
The weak link in my model would be where a system design uses weak/stupid OPsec.  For instance, they stupidly keep a staked wallet online and worse they don't encrypt their SEED since they don't use the wallet for transactions.  Not thinking, when someone hacks their computer and the seed is visible they can create the same wallet and then sign accounts on the hacked username here.  I know this is BTC-101 but if your seed is stolen so is your ID where address signing is used.  I know you are familiar with this, but its the weak link.

I place great deference to signed btc addresses.  If I see a member did things correctly and if they can sign again while I am dealing with them via PM or wherever I will accept that.  I spread TRUST sparingly but you have to use tools to help you.  Its good enough for me!
hero member
Activity: 504
Merit: 502
February 15, 2017, 03:14:05 PM
#5
And looking at this from the other vantage point;  if I were to notice a changed email address and the account username could not AGAIN (after the change) sign a message on the previously staked address it would be a NO GO for me personally.  I would encourage any members here to employ that requirement against my account without exception.  I don't have my staked address wallet anywhere on an online machine.  There is NO possibility of a signed message on that address from any other person.  I am hoping all members here are helping to protect this site with the same strict measures.  If all members here employed the same counter measures it would be worthless to hack a member account.  It would be useless because nobody would TRADE or DEAL with a member that can't sign their staked ID.  I wish it was a site requirement, but I don't Admin here, while I do on some forums.  Is this too harsh a requirement guys??

Yes, I totally understand it. That is why I am asking what is the appropriate thing to do in order to prove my identity ties to my user account.
Thank you.
hero member
Activity: 761
Merit: 606
February 15, 2017, 03:12:13 PM
#4
And looking at this from the other vantage point;  if I were to notice a changed email address and the account username could not AGAIN (after the change) sign a message on the previously staked address it would be a NO GO for me personally.  I would encourage any members here to employ that requirement against my account without exception.  I don't have my staked address wallet anywhere on an online machine.  There is NO possibility of a signed message on that address from any other person.  I am hoping all members here are helping to protect this site with the same strict measures.  If all members here employed the same counter measures it would be worthless to hack a member account.  It would be useless because nobody would TRADE or DEAL with a member that can't sign their staked ID.  I wish it was a site requirement for tradding or dealing, but I don't Admin here, while I do on some forums.  Is this too harsh a requirement guys??  Just a thought to make this a safe place.  I hate scammers, don't you??
hero member
Activity: 504
Merit: 502
February 15, 2017, 02:10:47 PM
#3
Hi,

Sometimes when I changed my email address on my profile, I'd get suspicions that my account was sold.
How to change my address in the future and prove that I am the same person?

Thank you

Sign a message with a staked addres from before the email change when someone is suspicious when doing a deal.
It's not foolproof, but it's better than nothing

Alright, thanks. I usually use xapo or blockchain.info.. not easy to sign there.
Would a bitrated.com profile help or not really?
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
February 15, 2017, 01:57:55 PM
#2
Hi,

Sometimes when I changed my email address on my profile, I'd get suspicions that my account was sold.
How to change my address in the future and prove that I am the same person?

Thank you

Sign a message with a staked addres from before the email change when someone is suspicious when doing a deal.
It's not foolproof, but it's better than nothing
hero member
Activity: 504
Merit: 502
February 15, 2017, 01:52:15 PM
#1
Hi,

Sometimes when I changed my email address on my profile, I'd get suspicions that my account was sold.
How to change my address in the future and prove that I am the same person?

Thank you
Jump to: