Topic: MtGox claim site online - page 2. (Read 4955 times)
Mt gox websites are not loading.......
Is mtgox under dos attacks or are there simply too many of us trying to connect? Probably the latter because it doesn't actually work and many people try again and again (like me, in the morning). Last time I was able to try I was still getting
"The password for this account is invalid, or this account is not currently under claim process."
And I had a fairly long and good password, I doubt somebody had the time to crack it, and it was "salted" (not an idle account)
so what does or this account is not currently under claim process. mean, anyway??
"The password for this account is invalid, or this account is not currently under claim process."
And I had a fairly long and good password, I doubt somebody had the time to crack it, and it was "salted" (not an idle account)
so what does or this account is not currently under claim process. mean, anyway??
so because all the hashed passwords and emails were leaked. mtgox is going to authenticate accounts through emails...by entering the old password. and a new password...
soooo fucking stupid.
you realized that this was only step one, did you? soooo fucking stupid.
There is a second step where you have to provide further prove that you are the legit owner of the account you claim.
even lulzier is bitcoin is a community of people who mine by decoding hashes.
nobody is decoding hashes.someone with a killer mining set up could rainbow table the shit out of any encryption. md5 encryptions can be easily cracked by morons via sites like md5decrypter.co.uk and the freebsdmd5 hashes by process's like this http://hansatan.com/?d=jtrguide
good luck. the unsalted simple md5() from the leaked list are dead accounts, where nobody logged in for months.also good luck for trying to crack the ~60000 unix_md5() hashes, with ~60000 different salts. that requires you to generate 60000 different rainbowtables...very effective, lol.
Hmm, I had no problems going trough the claim procedure...
Submitted my bank account #, name, IP and the balance of my account in BTC.
Should be enough info to reclaim my account.
Submitted my bank account #, name, IP and the balance of my account in BTC.
Should be enough info to reclaim my account.
Yes, it looks like that: "Your account recovery request is pending review by our staff."
Interesting. I didn't get that, or any error—I was redirected to the same step 2/2 again. Actually submitted the form twice just in case...
And now it says "The password for this account is invalid, or this account is not currently under claim process."
With no further instruction.
Are they forcing us to file case in small claims courts?
I really smell a huge lawsuit going their way.
Also, I've submitted a few support requests PRIOR to the attack, and NONE ever got a reply back.
So I guess I might be forced to file a suit
With no further instruction.
Are they forcing us to file case in small claims courts?
I really smell a huge lawsuit going their way.
Also, I've submitted a few support requests PRIOR to the attack, and NONE ever got a reply back.
So I guess I might be forced to file a suit
what's even worse, i put in a new password, and it says it is not secure enough.
It contains number, lower case letter, upper case letter, symbol, special character.
Are they asking for arabic characters combined with korean and russian characters??
It contains number, lower case letter, upper case letter, symbol, special character.
Are they asking for arabic characters combined with korean and russian characters??
Same issue here.
what's even worse, i put in a new password, and it says it is not secure enough.
It contains number, lower case letter, upper case letter, symbol, special character.
Are they asking for arabic characters combined with korean and russian characters??
It contains number, lower case letter, upper case letter, symbol, special character.
Are they asking for arabic characters combined with korean and russian characters??
It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run. You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.
Someone can't look at a written password over the internet.
I actually encourage people to use strong passwords and write them down. I just make sure that they understand that the proper place to store the paper with the password is with their other small, valuable pieces of paper, in their wallet.
This doesn't change the relative security of written vs. unwritten passwords.
All the informations needed to claim the account are publicly available. This will be fun.
What?? The username, email and old hashed password has been posted on the forum and not deleted even if i contacted 3 times the admin.
EDIT: The second step is allowing you to submit a proof of the ownership.
All the informations needed to claim the account are publicly available. This will be fun.
What?? It's in the accounts list.
If someone was dumb enough to use a simple password on both their Mt. Gox and email account, then all the attacker needs is that info.
Add to that the fact gmail shows the last visible IP's, the attacker can just gain a local proxy in your country after a quick WHOIS search and obtain a higher probability of recovering your account.
so because all the hashed passwords and emails were leaked. mtgox is going to authenticate accounts through emails...by entering the old password. and a new password...
soooo fucking stupid.
This goes far beyond, one account, a measly $1k, and a user database. this is means anyone who used the same password for their email could have the passwords to other accounts recovered to the email without knowing the original. so get access to the email. find where they have accounts. paypal, bitmarket, banks, this forum, their mining sites, dating sites, dwolla, liberty reserve, everything. they might of sent a an ecrypted zip of their wallet to themselves via their email. they might of had a very important conversation with someone. money pak numbers in emails. endless possibilities. amazon accounts, ebay, godaddy, ect ect ect. this spiderwebs out.
even lulzier is bitcoin is a community of people who mine by decoding hashes. someone with a killer mining set up could rainbow table the shit out of any encryption. md5 encryptions can be easily cracked by morons via sites like md5decrypter.co.uk and the freebsdmd5 hashes by process's like this http://hansatan.com/?d=jtrguide
So theyre going to dictate the price at 17.50 when the exchange comes back. who values this shit at $17 right now? someone bought a fuckload for penny each. and were supposed to buy at $17.50. i mean thats all fine and dandy for everyone getting out of bitcoins, but thats no good for the market in general.
mtgox is a buncha fuckups who lost lots of people alot of money, set back a revolution and wont take responsibility for handing out the database to an auditor for reasons unknown. i know what auditors do, no reason for him to have emails and logins. fucking morons down at mtgox have fucked up big time. They really need to pay for all damages and fuck off the internet.
soooo fucking stupid.
This goes far beyond, one account, a measly $1k, and a user database. this is means anyone who used the same password for their email could have the passwords to other accounts recovered to the email without knowing the original. so get access to the email. find where they have accounts. paypal, bitmarket, banks, this forum, their mining sites, dating sites, dwolla, liberty reserve, everything. they might of sent a an ecrypted zip of their wallet to themselves via their email. they might of had a very important conversation with someone. money pak numbers in emails. endless possibilities. amazon accounts, ebay, godaddy, ect ect ect. this spiderwebs out.
even lulzier is bitcoin is a community of people who mine by decoding hashes. someone with a killer mining set up could rainbow table the shit out of any encryption. md5 encryptions can be easily cracked by morons via sites like md5decrypter.co.uk and the freebsdmd5 hashes by process's like this http://hansatan.com/?d=jtrguide
So theyre going to dictate the price at 17.50 when the exchange comes back. who values this shit at $17 right now? someone bought a fuckload for penny each. and were supposed to buy at $17.50. i mean thats all fine and dandy for everyone getting out of bitcoins, but thats no good for the market in general.
mtgox is a buncha fuckups who lost lots of people alot of money, set back a revolution and wont take responsibility for handing out the database to an auditor for reasons unknown. i know what auditors do, no reason for him to have emails and logins. fucking morons down at mtgox have fucked up big time. They really need to pay for all damages and fuck off the internet.
All the informations needed to claim the account are publicly available. This will be fun.
What??
All the informations needed to claim the account are publicly available. This will be fun.
It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run. You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.
Someone can't look at a written password over the internet.
I actually encourage people to use strong passwords and write them down. I just make sure that they understand that the proper place to store the paper with the password is with their other small, valuable pieces of paper, in their wallet.
It rejected what I would consider a very strong password ... I hope they understand that making passwords harder just encourages people to write them down, which is actually less secure in the long run. You figure since they took so long to fix it; they would at least do it right instead of going nuts. FAIL.
Someone can't look at a written password over the internet.
I actually encourage people to use strong passwords and write them down. I just make sure that they understand that the proper place to store the paper with the password is with their other small, valuable pieces of paper, in their wallet.
I claimed my account, but if MTGOX expects me to jump through any hoops, I'd request they close and delete my account (I never had a transaction anyway).
I am weary of them having access to ANY of my information (no offense to them, I just don't really want my day-to-day email spammed or worse).
I am weary of them having access to ANY of my information (no offense to them, I just don't really want my day-to-day email spammed or worse).
Seems that the MtGox staff will check every single account, oh boy.
Yes, it looks like that: "Your account recovery request is pending review by our staff."
With over 61,000 accounts that could take a while.
If they took only one minute to validate each account, that would be over 1000 man-hours, or over 42 days. Hopefully there is a team of workers or an automated system in development.
Mine also said that until I remembered the right old password.
mine also says "The password for this account is invalid, or this account is not currently under claim process."
I've been waiting since last night to log in, slept only 4 hours, WTF?
I've been waiting since last night to log in, slept only 4 hours, WTF?
Jump to: