Topic: KanoPool kano.is lowest 0.9% fee 🐈 since 2014 - Worldwide - 2432 blocks - page 2033. (Read 5352086 times)
August 11, 2015, 07:49:39 AM
Block!!! Like 4 hours ago!!
August 10, 2015, 10:41:31 PM
Payout 369248 sent
93a028efea45f6e43e4ba082bb361cc242db131c0ef08b4d5066806027b57f09
and confirmed
93a028efea45f6e43e4ba082bb361cc242db131c0ef08b4d5066806027b57f09
and confirmed
August 10, 2015, 08:32:04 PM
Well TheOneJester has a Google Play app
https://bitcointalksearch.org/topic/m.11687928
No idea if anyone else has done an AppStore app.
https://bitcointalksearch.org/topic/m.11687928
No idea if anyone else has done an AppStore app.
August 10, 2015, 07:52:28 PM
Right now its adding several clicks to the usual several click to login then check your worker status. Its a lot of clicks unless you have a dedicated page on at all time auto refreshing so your session doesn't time out. Why not let read-only data always on?
I don't see a reason for always having to relog.
Same reason why a bank logs you out.I don't see a reason for always having to relog.
Right, but a bank is transactional.
Not sure what the point is though.
Quote
I think what he is saying is stay logged in to read stats and data and require login again if changing anything.
Session life time is fixed at where I consider it optimal and as the system wide php setting.If you want to stay logged in then use firefox with a reload every 5 minutes (like I do) or some other such option.
Or use the API which has no session life time.
Yes that is what i meant. There's no need for session expiring security on my private computer, imo. The information i'm interested to read is already public and kinda public. (Hashrate/Worker)
Then if you need to change settings, you already need to re input your password so *shrug*.
I might go the API route. The auto refresh doesn't work in every for situation for me. Maybe it could even be turned into a simple rain meter widget. That would be dandy.
I don't mind this on the computer, but on my phone it's a PITA to keep logging in to check on my workers and hash. It was perfect before as my Mac would remember credentials in safari and all that is synched with my phone so I would just auto fill on phone. Now I have to type it in each time on my phone.
August 10, 2015, 06:59:27 PM
Right now its adding several clicks to the usual several click to login then check your worker status. Its a lot of clicks unless you have a dedicated page on at all time auto refreshing so your session doesn't time out. Why not let read-only data always on?
I don't see a reason for always having to relog.
Same reason why a bank logs you out.I don't see a reason for always having to relog.
Right, but a bank is transactional.
Not sure what the point is though.
Quote
I think what he is saying is stay logged in to read stats and data and require login again if changing anything.
Session life time is fixed at where I consider it optimal and as the system wide php setting.If you want to stay logged in then use firefox with a reload every 5 minutes (like I do) or some other such option.
Or use the API which has no session life time.
Yes that is what i meant. There's no need for session expiring security on my private computer, imo. The information i'm interested to read is already public and kinda public. (Hashrate/Worker)
Then if you need to change settings, you already need to re input your password so *shrug*.
I might go the API route. The auto refresh doesn't work in every for situation for me. Maybe it could even be turned into a simple rain meter widget. That would be dandy.
August 10, 2015, 06:26:33 PM
Right now its adding several clicks to the usual several click to login then check your worker status. Its a lot of clicks unless you have a dedicated page on at all time auto refreshing so your session doesn't time out. Why not let read-only data always on?
I don't see a reason for always having to relog.
Same reason why a bank logs you out.I don't see a reason for always having to relog.
Right, but a bank is transactional.
Not sure what the point is though.
Quote
I think what he is saying is stay logged in to read stats and data and require login again if changing anything.
Session life time is fixed at where I consider it optimal and as the system wide php setting.If you want to stay logged in then use firefox with a reload every 5 minutes (like I do) or some other such option.
Or use the API which has no session life time.
August 10, 2015, 06:14:47 PM
Right now its adding several clicks to the usual several click to login then check your worker status. Its a lot of clicks unless you have a dedicated page on at all time auto refreshing so your session doesn't time out. Why not let read-only data always on?
I don't see a reason for always having to relog.
Same reason why a bank logs you out.I don't see a reason for always having to relog.
Right, but a bank is transactional. I think what he is saying is stay logged in to read stats and data and require login again if changing anything.
August 10, 2015, 06:02:33 PM
Right now its adding several clicks to the usual several click to login then check your worker status. Its a lot of clicks unless you have a dedicated page on at all time auto refreshing so your session doesn't time out. Why not let read-only data always on?
I don't see a reason for always having to relog.
Same reason why a bank logs you out. I don't see a reason for always having to relog.
August 10, 2015, 06:01:53 PM
...
PS. What about forwarding HTTP to HTTPS for the landing page? Then you could use the original login/pass that was at the top right, just a suggestion.
I don't want to forward it, since without forwarding, it allows anyone to access the index page and blocks page and also without having to issue a redirect.PS. What about forwarding HTTP to HTTPS for the landing page? Then you could use the original login/pass that was at the top right, just a suggestion.
It also means API access is however you choose, i.e. any web accessible program can access the API http or https
The way it is now, it forces a switch to https before you can type your password, thus you stay at https after that, but otherwise leaves it alone.
The forced switch going to the login page solves the problem for people logging in accidentally on http, but only when you click on it, so that was also another reason why I've changed it to that way.
August 10, 2015, 11:28:05 AM
Right now its adding several clicks to the usual several click to login then check your worker status. Its a lot of clicks unless you have a dedicated page on at all time auto refreshing so your session doesn't time out. Why not let read-only data always on?
I don't see a reason for always having to relog.
I don't see a reason for always having to relog.
August 10, 2015, 10:54:01 AM
ckdb fixed - restarted and block now showing up properly.
Of course as per usual with a ckdb restart, no mining was affected at all.
As for the login page, can you clear all the remembered form data for the web site and see if that helps?
I do have it showing up on one of my browsers (I have 2fa on all the time now)
As for 2fa itself, if you don't enable 2fa, login is still just username+password as before.
You don't have to enable 2fa if you don't want to.
If you enable 2fa (later when it's ready - or if you want to try it now) then the 2fa value will also be required everywhere you enter your password.
Of course as per usual with a ckdb restart, no mining was affected at all.
As for the login page, can you clear all the remembered form data for the web site and see if that helps?
I do have it showing up on one of my browsers (I have 2fa on all the time now)
As for 2fa itself, if you don't enable 2fa, login is still just username+password as before.
You don't have to enable 2fa if you don't want to.
If you enable 2fa (later when it's ready - or if you want to try it now) then the 2fa value will also be required everywhere you enter your password.
Looks like Chrome saved password works, but does not work in Safari. It did work prior to the 2Fa changes. Possible that the 3 entry box on the new page is messing it up. Would it be possible to have a register, login and login 2FA link? If the standard login is back on its own, that may work as it did before.
Another option is to put the login back where it was on the upper right of page, then just provide a 2FA login link that takes you to the new login page.
Thanks,
So that did not work, I see the stored user/pass in my keychain but each time I land on the login page, safari suggests a password after I enter username. I think its not detecting the page as the one I have already stored a user/pass for. Although the keychain shows kano.is https and saved user/pass
PS. What about forwarding HTTP to HTTPS for the landing page? Then you could use the original login/pass that was at the top right, just a suggestion.
August 10, 2015, 09:16:28 AM
...
Looks like Chrome saved password works, but does not work in Safari. It did work prior to the 2Fa changes. Possible that the 3 entry box on the new page is messing it up. Would it be possible to have a register, login and login 2FA link? If the standard login is back on its own, that may work as it did before.
Another option is to put the login back where it was on the upper right of page, then just provide a 2FA login link that takes you to the new login page.
Thanks,
Try again now - made a minor change of not having a blank the username/password fieldsLooks like Chrome saved password works, but does not work in Safari. It did work prior to the 2Fa changes. Possible that the 3 entry box on the new page is messing it up. Would it be possible to have a register, login and login 2FA link? If the standard login is back on its own, that may work as it did before.
Another option is to put the login back where it was on the upper right of page, then just provide a 2FA login link that takes you to the new login page.
Thanks,
(... meh safari ... )
The problem with the old login was that people would use it even on http
The Login/Register link goes to https.
So yeah I don't want to put the login back on the main page.
August 10, 2015, 09:07:53 AM
ckdb fixed - restarted and block now showing up properly.
Of course as per usual with a ckdb restart, no mining was affected at all.
As for the login page, can you clear all the remembered form data for the web site and see if that helps?
I do have it showing up on one of my browsers (I have 2fa on all the time now)
As for 2fa itself, if you don't enable 2fa, login is still just username+password as before.
You don't have to enable 2fa if you don't want to.
If you enable 2fa (later when it's ready - or if you want to try it now) then the 2fa value will also be required everywhere you enter your password.
Of course as per usual with a ckdb restart, no mining was affected at all.
As for the login page, can you clear all the remembered form data for the web site and see if that helps?
I do have it showing up on one of my browsers (I have 2fa on all the time now)
As for 2fa itself, if you don't enable 2fa, login is still just username+password as before.
You don't have to enable 2fa if you don't want to.
If you enable 2fa (later when it's ready - or if you want to try it now) then the 2fa value will also be required everywhere you enter your password.
Looks like Chrome saved password works, but does not work in Safari. It did work prior to the 2Fa changes. Possible that the 3 entry box on the new page is messing it up. Would it be possible to have a register, login and login 2FA link? If the standard login is back on its own, that may work as it did before.
Another option is to put the login back where it was on the upper right of page, then just provide a 2FA login link that takes you to the new login page.
Thanks,
August 10, 2015, 08:34:10 AM
ckdb fixed - restarted and block now showing up properly.
Of course as per usual with a ckdb restart, no mining was affected at all.
As for the login page, can you clear all the remembered form data for the web site and see if that helps?
I do have it showing up on one of my browsers (I have 2fa on all the time now)
As for 2fa itself, if you don't enable 2fa, login is still just username+password as before.
You don't have to enable 2fa if you don't want to.
If you enable 2fa (later when it's ready - or if you want to try it now) then the 2fa value will also be required everywhere you enter your password.
Of course as per usual with a ckdb restart, no mining was affected at all.
As for the login page, can you clear all the remembered form data for the web site and see if that helps?
I do have it showing up on one of my browsers (I have 2fa on all the time now)
As for 2fa itself, if you don't enable 2fa, login is still just username+password as before.
You don't have to enable 2fa if you don't want to.
If you enable 2fa (later when it's ready - or if you want to try it now) then the 2fa value will also be required everywhere you enter your password.
August 10, 2015, 08:16:34 AM
I use the google 2fa for lots of websites I am a big fan although maybe I should not be ?
I don't understand how compatibility with a sha256 algorithm is relevant to 2fa
OTP uses a hash function to generate the code.I don't understand how compatibility with a sha256 algorithm is relevant to 2fa
"google 2fa" isn't "google", it's simply just the 2 IETF RFCs
https://tools.ietf.org/html/rfc6238
https://tools.ietf.org/html/rfc4226
I use sha2-256 since it's reasonably secure ... that's what we use in bitcoin mining
It would appear that the "Google Authenticator" app doesn't understand the code that says to use sha2-256 so it only uses sha1 - which of course wont give the correct 6 digit hash number.
The RFC specs say it should allow it but it doesn't work.
The 2 Apps I've listed work fine when told to use SHA2-256
You can run both apps on one phone/tablet if you need to.
However, you will find that the App I'm suggesting you use should work with gmail login also.
Kano, Since the update to the page with 2Fa, the login and register have been combined, but my browser will no longer profile the login user & pass. I now have to type in the credentials each time where before the update I was able to have browser profile the upper right green login box that existed. Also, not profiling on my mobile phone, both of these were very useful as I check on miner status many times a day. Anything that can be done about that? Maybe extend the mission cookie to 24 hrs? don't mind logging in once a day but the current timeout must be around 15 or 30 min.
Also, I am guessing that 2Fa will be optional and for things like changing payout address and not each time you login? again, just guessing.
August 10, 2015, 08:06:59 AM
Heh another bug to add to the list for the new code ...
We just got a block, but I'm working on ckdb to fix it so it shows up:
https://blockchain.info/block/00000000000000000eb1bbe04a9d8751989f18e22dba3a329dea40f112f7d145
Of course it's there and succeeded, just gotta fix it in ckdb now ...
We just got a block, but I'm working on ckdb to fix it so it shows up:
https://blockchain.info/block/00000000000000000eb1bbe04a9d8751989f18e22dba3a329dea40f112f7d145
Of course it's there and succeeded, just gotta fix it in ckdb now ...
August 09, 2015, 12:26:08 PM
It's 1FA, not 2FA, so doesn't really fit in with the change I've added.
Sure it can replace normal 1FA login (user+password), but it still has the security risk of any other 1FA of having only one place that needs to be compromised.
Sure it can replace normal 1FA login (user+password), but it still has the security risk of any other 1FA of having only one place that needs to be compromised.
Payout 369010 sent
3ea3989d34fea95ede3d6dfeba1912eff8639711a898b81b0c443d0efab01771
and confirmed
August 09, 2015, 09:43:52 AM
August 09, 2015, 09:05:51 AM
Payout 368982 sent
9bd21cbb5770bc9bcb0e80a18512c83ce134716def64791496ddbbf3985bcc12
and confirmed
9bd21cbb5770bc9bcb0e80a18512c83ce134716def64791496ddbbf3985bcc12
and confirmed
August 09, 2015, 08:18:34 AM
I use the google 2fa for lots of websites I am a big fan although maybe I should not be ?
I don't understand how compatibility with a sha256 algorithm is relevant to 2fa
OTP uses a hash function to generate the code.I don't understand how compatibility with a sha256 algorithm is relevant to 2fa
"google 2fa" isn't "google", it's simply just the 2 IETF RFCs
https://tools.ietf.org/html/rfc6238
https://tools.ietf.org/html/rfc4226
I use sha2-256 since it's reasonably secure ... that's what we use in bitcoin mining
It would appear that the "Google Authenticator" app doesn't understand the code that says to use sha2-256 so it only uses sha1 - which of course wont give the correct 6 digit hash number.
The RFC specs say it should allow it but it doesn't work.
The 2 Apps I've listed work fine when told to use SHA2-256
You can run both apps on one phone/tablet if you need to.
However, you will find that the App I'm suggesting you use should work with gmail login also.
Jump to: