Suggestion: bitcoin address as added security feature for accounts

greyhawk

hero member

Activity: 952

Merit: 1009

Quote from: TheButterZone on September 11, 2013, 04:25:43 AM

https://bitcointalksearch.org/topic/pre-releaseforum-software-olympus-discussion-bounty-entree-276512
https://bitcointalksearch.org/topic/looking-for-someone-to-createmodify-software-for-this-forum-5500-btc-50617

I'm aware of that.

This was the last anyone ever heard of "Syphor Software"

Quote

Due to all the feedback we have received, we are sad to say that the beta release will be pushed back to Monday August 26 in order to give our team members more time to redesign our UI to reflect the feedback we received from our previous mockup screenshots. We hope you partake in our beta and help us make software that is optimized to what the community would like to use.

TheButterZone

legendary

Activity: 3038

Merit: 1032

RIP Mommy

https://bitcointalksearch.org/topic/pre-releaseforum-software-olympus-discussion-bounty-entree-276512
https://bitcointalksearch.org/topic/looking-for-someone-to-createmodify-software-for-this-forum-5500-btc-50617

greyhawk

hero member

Activity: 952

Merit: 1009

Quote from: ?? on ??

theymos basically says in the new forum software this will be an option.

I wonder if BFL is developing this mythical new forum software.

TheButterZone

legendary

Activity: 3038

Merit: 1032

RIP Mommy

Concur.

Kouye

sr. member

Activity: 336

Merit: 250

Cuddling, censored, unicorn-shaped troll.

Looks like a good option to me.
Make it impossible to change password or email address unlesss we send a captcha result signed with a "id" address, mandatory to register.
No, it does not jeopardize your privacy, it is just a single-shot-sign-up address. No transaction to be expected on that one.

qwk

donator

Activity: 3542

Merit: 3413

Shitcoin Minimalist

Quote from: DeathAndTaxes on September 10, 2013, 06:07:02 PM

Could just use a bitcoin address or PGP public key. This provides the site with "proof" of the request and authentication as well. Essentially if your PGP key or wallet is compromised it is your fault and the site can prove so.

That's actually what I meant, should have written address instead of private key.
Going to revise the title.

Boxman90

hero member

Activity: 518

Merit: 500

An extra layer of security by means of proving ownership of a BTC address controlled by the user, for any security-related action (password change, email addrss change), seems like a very elegant solution. Especially for this forum.

Probably should make it optional (but urgently recommended upon registering) because true noobs usually don't have a BTC address yet. It's a very good improvement on the initial idea of verification-by-email, I guess.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Could just use a bitcoin address or PGP public key. This provides the site with "proof" of the request and authentication as well. Essentially if your PGP key or wallet is compromised it is your fault and the site can prove so.

qwk

donator

Activity: 3542

Merit: 3413

Shitcoin Minimalist

Someone suggested on an other thread that email address changes be subject to confirmation by the original email address:
https://bitcointalksearch.org/topic/proposal-e-mail-change-should-require-e-mail-confirmation-for-added-security-291552

While this may be a good idea for most use cases, in case of a "lost" email address that might lock somebody out of his own bitcointalk.org account.

I thought about it and asked myself:
Wouldn't it be nice (™ The Beach Boys) if we could add a private key as a security feature?

I.e. changing your email address or password could require a message signed with your private key or something similar. Maybe as an opt-in security feature for experts, since not everybody may be able to handle that.

Edit: changed private key to address in title. I obviously want to keep my private ~~parts~~ keys to myself Grin

Topic: Suggestion: bitcoin address as added security feature for accounts (Read 838 times)