Pages:
Author

Topic: Securing your Bitcoin talk account (Read 393 times)

legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
November 02, 2023, 06:23:16 AM
#27
You are right about them but some people prefer to use a VPN instead of TOR because there is some inconvenience for them when using TOR. The Tor browser doesn't store user login details so a user needs to log in every time he restarts the browser. Many avoid using TOR for this reason but there can be other issue but I don't use TOR for that. Also TOR seems slow which you already stated in your comments. 

That "problem" you're talking about is actually a big advantage because saving passwords inside the browser itself is a big risk and no one should use that way of saving passwords. Although it is true that Tor does not offer the best speed because the traffic is redirected through several levels, it is not as bad as some people think, if things get really slow you can always change the "tor circuit" in a very simple and fast way.

To be honest the level of hacking is happening in the industry these days I am also thinking about using TOR no matter how inconvenience it will be for me. Online security is more important than having too much comfort using the browser.

It's not just about hacking protection, but privacy protection in the sense that you protect your personal data from all those who misuse it. Considering that Tor is completely free, I see no reason why anyone should avoid trying it.
hero member
Activity: 658
Merit: 545
November 01, 2023, 11:41:13 AM
#26
Wow OP you have really done a good job putting all this together, it would really help a lot of newbies here who come to forum without learning how to ise the search button. Old members must have definitely come across similar posts in the past, I myself have come across similar post but anyways it is good to bring it up once more since most of the old threads would be difficult for newbies to find.

Security is one of the most important section of the crypto space and internet as a whole.Security in the internet simply refers to measures we take to prevent our device, assets or  privacy from cyber threats or attacks associated with the internet.Alot of persons spend much time on this forum while others spend little intervals of time on the forum however both categories of users require security measures to protect their accounts from hacks and other cyber threats.below is a series of things one can do to protect them from such threats.
A lot of people may think the term “security” may be over hyped and are careless in handling their online accounts  and it have seen a lot of of them lose their assets and accounts. In the internet and crypto space security is the most important thing one need to learn before any other thing else. It no news how scam is rampant on the internet and since we can’t locate ourselves physically a lot of people use this as an opportunity to scam others so we should always be careful how we interact with people on the internet and not give out personal informations.

2.limit your logining into your account via public cafes or computer centers as this can pose threats to your login details such as email and password.if possible avoid using public cyber cafes for logging in, instead stick to using a particular personal device this will make it even easier to monitor your IP logins using this function below.

This is a very important point because when you log in to your account with different devices it increases the chances of your account being compromised as your account is being exposed. Having a private device where only you can access your account is the best because when there is a new log in to your account from a different device you will be logged out from your main device so one can easily know when there is a log in attempt.

3.Avoid using similar or same passwords on majority of your accounts or logins on different platforms.(try to make your passwords distinct and different.)
A lot of people are used to this practice of having same password for all their social media accounts and platforms which is a risky practice because once one account password is compromised then every other accounts is compromised and can easily be accessed. Just as OP mentioned it’s best to have a different password for each accounts.

5. Use the forum hide email address button to conceal your email.This feature is usually turned on by default for added security. However here is a guide to setting it up.
This is a good point and newbies should take note of this, their accounts might not be useful for hackers now but in the near future when they have increased in rank losing their account will be painful after moving up the rank so it’s better to safeguard your accounts from the earliest days so you don’t regret being careless in the future.
 
full member
Activity: 504
Merit: 212
November 01, 2023, 10:34:27 AM
#25
Many forum users use the Tor browser to avoid IP detection. Some even use VPN to keep their location private.
~snip~

Doesn't using both tools really have the same goal? The difference is that Tor is free and it's a browser like any other with the difference that it provides the best level of privacy you can get at the moment. On the other hand, any VPN, regardless of whether it is paid or free, is a far worse option considering that it stores user data and shares it at the request of the authorities.

Of course, people use VPNs a lot more because that way their surfing speed is much higher than is the case with Tor, which is still much more sophisticated in terms of the privacy it provides, but because of that it is also a little more demanding to use.

But Tor cannot provide absolute anonymity, because if you have done something very bad, there are security services that can find your real location, regardless of how you tried to hide it.

You are right about them but some people prefer to use a VPN instead of TOR because there is some inconvenience for them when using TOR. The Tor browser doesn't store user login details so a user needs to log in every time he restarts the browser. Many avoid using TOR for this reason but there can be other issue but I don't use TOR for that. Also TOR seems slow which you already stated in your comments. 

To be honest the level of hacking is happening in the industry these days I am also thinking about using TOR no matter how inconvenience it will be for me. Online security is more important than having too much comfort using the browser.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
November 01, 2023, 06:23:32 AM
#24
Many forum users use the Tor browser to avoid IP detection. Some even use VPN to keep their location private.
~snip~

Doesn't using both tools really have the same goal? The difference is that Tor is free and it's a browser like any other with the difference that it provides the best level of privacy you can get at the moment. On the other hand, any VPN, regardless of whether it is paid or free, is a far worse option considering that it stores user data and shares it at the request of the authorities.

Of course, people use VPNs a lot more because that way their surfing speed is much higher than is the case with Tor, which is still much more sophisticated in terms of the privacy it provides, but because of that it is also a little more demanding to use.

But Tor cannot provide absolute anonymity, because if you have done something very bad, there are security services that can find your real location, regardless of how you tried to hide it.
full member
Activity: 504
Merit: 212
October 31, 2023, 03:04:14 PM
#23
Signing with your bitcoin address will remove all this hassle at once. You don't have access to your email anymore; if you cannot remember your password don't worry. If you have a signed bitcoin address and still have access to it, you can recover your account with little effort.

1.Always be sure to use a secure internet connection before logging in to your account as using unsecure connections exposes you to cyber threats which in some cases may lead to account ban due to using an IP with record of some units of evil on the forum.

2.limit your logining into your account via public cafes or computer centers as this can pose threats to your login details such as email and password.if possible avoid using public cyber cafes for logging in, instead stick to using a particular personal device this will make it even easier to monitor your IP logins using this function below.

Many forum users use the Tor browser to avoid IP detection. Some even use VPN to keep their location private.

I agree with you about the public network part. Using a public network to long into any sort of account can be dangerous as sometimes hacker use this type of network to do social engineering to hack user accounts.
legendary
Activity: 966
Merit: 1042
#SWGT CERTIK Audited
October 31, 2023, 02:27:50 PM
#22
OP your post is good, you took some of the privacy tips for the users, even users can enhance this by using Tor, VPNs and they can sue strong passcodes etc, etc.

The important part is you can really recover if your account gets hacked, using a signed message from your wallet, Even I have done it yet, I'm waiting for the highest rank to achieve also I used to follow some of the safety tips as well, still I think those who care a lot about their account should sign a message.

From this topic you've reminded me as well, So I'll buy some time to sign a message as well for my account's safety, thanks, buddy. You should edit the topic and this method as well I can see most of the members recommended it.
full member
Activity: 462
Merit: 117
October 31, 2023, 11:46:25 AM
#21
This is a very important point you have made here OP. Many people ignore the security aspect of their account since it feels safe with them alone while they have forgotten that hackers are everywhere and here on this platform. The issue of password is one thing people neglect too much. Many people save their passwords on Google cloud and other available third parties which they install on their devices to allow for storage of passwords and other details which is very risky. I will advise that members should save their passwords elsewhere and away from cloud savings  to protect their login information so that hackers can not gain access to their accounts. This is still applicable to every other website activities one engage him or herself with.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
October 31, 2023, 11:26:39 AM
#20
Signing a message or proving account ownership using PGP signatures is good if you want to access your account if it is hacked, but one of your suggestions is bad. If you restrict IP addresses for the last 30 days, this enhances privacy, but it may not be good in the process of recovering your account because the recovery team has less information about you, thus making it more difficult to verify that you are the owner of the account.
Details are explained at https://bitcointalk.org/privacy.php
BTW, email is a big privacy issue in general. It's too expensive (mainly time-wise) to create new email addresses, but if you use the same one, it creates tons of links. Ideally, you should use one email per service. I've had two ideas in this area:

First, you could create a simple email forwarding service like this:
 - Without registration (but maybe with a tiny fee via eg. Lightning), take a user's email address, generate a random key, and use the random key to encrypt the email address.
 - Also encrypt the email address with a server secret.
 - Give the user an email address of the form [email protected]
 - When the service receives email at a forwarding address, it decrypts the email first using its server secret, and then using the provided decryption key. Then it forwards the email to the email address
 - To destroy forwarding addresses, users could provide the service with both their forwarding address and target address, and the service could then send a confirmation email.

This would be convenient, and it'd fix the problem of services being able to connect users across multiple sites through email-address reuse. But it trusts the forwarder not to log the per-email decryption keys or give up the server secret key. Though if multiple services like this existed, you could chain emails through them to increase security.

My second idea is:
 - The user would be using his own software (like eg. Thunderbird or perhaps prontonmail). From this software, the user could instantly create low-capacity throwaway accounts on the server. Each throwaway account could be (or behave similar to) a POP3 account with low capacity (eg. 50MB) and quick message expiration (eg. 60 days).
 - The client software would use Tor and careful polling to download all of the messages on its throwaway accounts without leaking to the server info about which accounts are connected. To improve anonymity and efficiency, you could perhaps use PIR, or the server could publish hourly/daily bloom filters meant to match email addresses which received mail in the time period. The client software would collect all of the messages into a single inbox for the end-user. Since it polls frequently, the client wouldn't have to worry about the low limits on the individual throwaways.
 - The server could anonymously require a small one-time for each throwaway account by using blinded bearer certificates.

With this, the server shouldn't ever be able to connect any of the accounts together. You could also send mail from the throwaways.

The main thing necessary for this second idea is a really smart email client meant to juggle many throwaways. You also need a cooperative server allowing quick account creation (like cock.li), ideally via an API.
sr. member
Activity: 658
Merit: 387
October 31, 2023, 11:04:30 AM
#19
If you give your bitcoin forum id username and password very strong then there is no chance of your account being hacked. Also, if someone can't access your device then there shouldn't be any problem with your account. Moreover, you can recover your account with the original Gmail, so if it gets hacked, you can recover your account again.

I hope you are not forgetting the fact that when most hackers who want to get total control of your account want things to go off your control when accessing the account, the first thing that they will do is to change your email, and when this email is changed, you don't have any other way of accessing the account back because you can't reset the password. Unless you create a thread using another account and pass the required details over to the community, then you can have a chance of having your account recovered.
 
Another thing is that most people always attack e-mail first; it's through the email that they have access to your account, and they can revoke your own access from the email, and you, the owner, won't have access to it, so relaying on email for recovery is not really a good option. We should just protect our account in any way possible to avoid too much grammar in the future.
legendary
Activity: 1708
Merit: 1280
Top Crypto Casino
October 31, 2023, 10:37:02 AM
#18
Besides the listed of you OP above, ideal if you make sure to secure your device too even in the internet, if you can afford a good antivirus it a good because this can be a preventive measure for you for possible attacks, suspicious links, phishing, and etc. but of course having a license of this is different from free take time to read the perks. At the same time, I highly recommend checking your IP address every of end of the day. I recommend using this too. https://bitcointalk.org/myips.php
hero member
Activity: 2338
Merit: 757
October 31, 2023, 10:16:37 AM
#17
OP, I think you somehow forgot to mention the two most important measures to take in order to completely secure the ownership of your bitcointalk account; First, apply all security measures for the email used for registration. You should always have access to that email because in extreme cases that your account gets compromised then the only way to prove ownership is by having access to the original email used for registration as the account would be restored to that email. Second (most important) is to be able to sign a message from any public address staked before the account got hacked. It's not that much important to post a bitcoin address as long as you can use other protocols to sign a message through other blockchains.

I had my account stolen previously, and without these features, I would not have been able to recover it. Thank you to the forum administration, which provides many solutions to avoid multiple account thefts.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
October 31, 2023, 09:21:39 AM
#16
7. Make use of secure browsers to avoid phishing attacks or leaking of your info to third parties.also avoid changing your email address frequently as this puts a message on your trust page for a certain period of time.

Which browser can be considered safe in the sense that it can prevent phishing in the literal sense of the word? Every user can install some kind of adblocker and protect himself from the display of paid ads in the search results, but if someone wants to click on a phishing link that he received in an e-mail or that someone posted on a forum, the browser can only protect him if someone has reported a malicious location and then it will display a notification.

Changing the e-mail address and password is a completely legitimate procedure and I don't see why it would be a problem, except in case there is a suspicion that the BTT account has changed owners.



Seems you miss with another important points for securing Bitcointalk account, you can set up question security with your account when some one accessing to your account and try to change password. I think that feature is still available in bitcointalk profile security and make more secure with your bitcointalk account.
~snip~

This is a bad option that should have been removed a long time ago, because people are very often predictable and set a very simple question and answer.

Another good reason not to use this feature -> PSA: ACCOUNTS WILL BE LOCKED IF THE SECRET QUESTION IS USED TO RECOVER IT
sr. member
Activity: 504
Merit: 266
October 31, 2023, 09:04:53 AM
#15
If you give your bitcoin forum id username and password very strong then there is no chance of your account being hacked. Also, if someone can't access your device then there shouldn't be any problem with your account. Moreover, you can recover your account with the original Gmail, so if it gets hacked, you can recover your account again.
hero member
Activity: 812
Merit: 560
October 31, 2023, 07:40:07 AM
#14
We are the first custodian to our security, we shouldn't handle our bitcointalk login device with carelessness that everyone have access to it, no matter how we secured it, if other people have access to it then nothing there is hundred percent safe, we should be mindful of what we download, the websites we visit and by not storing our login details on any device that could be accessible to anyone, when we don't make them have access to us, they cannot attack us.
hero member
Activity: 1190
Merit: 599
October 31, 2023, 07:22:17 AM
#13
Seems you miss with another important points for securing Bitcointalk account, you can set up question security with your account when some one accessing to your account and try to change password. I think that feature is still available in bitcointalk profile security and make more secure with your bitcointalk account. Looks all your points above are very important how to protect our account but don't forget always check right website of bitcointalk link when accessing to the forum.

Many hacked cases happening because they access with bitcointalk forum trough fake link and all account details have been record make the hacker easily account change hands.

Thanks for all important points about how to secure with bitcointalk account, not bad ideas if you can added some information from responder how to make more secure with our bitcointalk account.
hero member
Activity: 406
Merit: 443
October 31, 2023, 06:18:39 AM
#12
Signing a message or proving account ownership using PGP signatures is good if you want to access your account if it is hacked, but one of your suggestions is bad. If you restrict IP addresses for the last 30 days, this enhances privacy, but it may not be good in the process of recovering your account because the recovery team has less information about you, thus making it more difficult to verify that you are the owner of the account.



this one is bad

Using a clean email address and having it on a separate phone that you do not use on a daily basis will greatly enhance your security.
hero member
Activity: 1442
Merit: 775
October 31, 2023, 05:48:29 AM
#11
But about signing a bitcoin address, I don't understand how to do it. Looks like I have to learn to do it.
It's good to start learning.

Signing a message with your Bitcoin private key is a good practice and it can give a proof of account ownership that you might need to recover your account when it gets hacked.

The bottom line is, to sign a Bitcoin message, you need to have a private key. To have a private key, you must use a non custodial wallet that is good to keep your bitcoin safely too. If you use a custodial wallet like centralized exchange wallet (account), you don't have a Bitcoin private key. Don't have a private key means you don't own bitcoin.
sr. member
Activity: 518
Merit: 364
Rollbit.com
October 31, 2023, 05:44:53 AM
#10
As for the steps to hide emails, it seems that this is implemented by default on this forum. I have done the steps as said by the OP. but I missed about showing the email or hiding it. I'm afraid I've been showing my email all this time. But after I checked it, it turned out that it was automatically hidden. And I feel relieved knowing this.

But about signing a bitcoin address, I don't understand how to do it. Looks like I have to learn to do it.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
October 31, 2023, 03:05:34 AM
#9
Once on the Internet, you always need to understand that something that you consider valuable to yourself needs protection. OP, you forgot one small point that many newbies neglect: your privacy, which is also a guarantee of the security of your account. No matter how you protect your account, sometimes we see that someone, in order to receive merit, goes to extreme measures and posts evidence in the form of photos of themselves and their loved ones about their participation in a particular event. In addition to keeping your account secure, I would also advise being very careful about posting your personal information. There are archives on the forum; you need to remember about them. Having seen your identity, hackers can get information about you outside the forum, and then things can go in a different direction.
Pages:
Jump to: