Author

Topic: Is 2FA safe enough??Bad News. A guy with 2FA in Mt has been stolen for $7000+ (Read 1587 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
As long as your computer is not compromised, you don't even "need" 2FA. It's a good idea, just in case.
legendary
Activity: 1274
Merit: 1004
As tradefortress told you, 2FA is safe as long as your pc,mobile etc are safe.

I use mtgox without 2FA like a boss..





Why??





Because it's empty. Cheesy
member
Activity: 89
Merit: 10
Couldn't read the comments other post, perhaps someone can give an update so we all may learn. In the case of a withdrawel MTGOX sends out an email confirming it. You still have some time to cancel it if you're fast.
Like mentioned before 2FA is very secure, but if someone has physical access to your phone or malware is installed you're still at risk. Personally, I use a cheap phone without any 3rd party software installed, solely for the purpose of google authenticator. Of course, nothing is 100% secure.

Still it would be nice if it's possible to get a sms alert from mtgox if a withdraw is made, just as an extra measure.
newbie
Activity: 34
Merit: 0
Happened to me to, but i was a idiot and thought a long and complex password were enough, but at this time i didnt know about the security problems at mtgox.
Now iam using google authenticator on everything on mtgox, withdrawal, security center etc., so my password cant be changed.

Also i dont let more then for some hours my money on mtgox.

I lost over 50 bitcoins.

If the "hacker" made a normal withdrawal you can cancel it if you tell it the support fast.
newbie
Activity: 44
Merit: 0
vip
Activity: 1316
Merit: 1043
👻
Stop spreading FUD, you already posted this in trading discussion. I've already explained it, but I'll explain it again possible compromises:

1) Physical compromise - someone got access to his phone, used it, or saved the 2FA secret so he can generate new 2FAs at any time
2) Malware on mobile phone
3) Special malware on computer - sends transaction when someone logs in and enters 2FA code.

You sure this is $7000 USD or 7000 yuan (which is $1110)
newbie
Activity: 44
Merit: 0
The point is whether it's possible to break 2FA protection and how?
newbie
Activity: 42
Merit: 0
Wish I could read gibberish in the original thread.
newbie
Activity: 44
Merit: 0
It's amazing that an account under 2FA in Mt.gox can be hacked. This guy found his money withdrawn on May 31, 2013. Someone changed his password and cancelled all 2FA in Security Center. He says he didn't use his mobile phone to get on Mt.gox. How did the hacker get his private key of 2FA?? I don't know whether there is someone experience the same.
It's so terrible which means the 2FA maybe not safe.

Link to this post:https://bitcointalk.org/index.php?topic=221098.0
Jump to: