Author

Topic: Tips on how to keep your Bitcointalk forum account safe. (Read 595 times)

full member
Activity: 102
Merit: 21
Security of forum accounts is something we must take very seriously.
If these tips and guidelines are followed completely, they will at least reduce account hacking, and many senior colleagues have provided additional account safety advice.

I agree with you not everyone knows the risk involved in exposing their account and so they don’t take it security very seriously. Lot of people have complained about hacks and account breach but they are not aware that they are the cause of it making silly mistakes that could’ve been avoided if they had followed the tips provided by Op and some other members.

I consider this forum to be my home, and anything that could hinder my account is always opposed; this thread has given me more hints to help me secure my account even more. Despite the fact that I avoid using random devices to access my account and use strong passwords.

I see you are hero member already and i can tell how painful it will be if you lose control of your account because you have already become one with the forum so leaving the forum will be the last thing on your mind. This is a very useful topic and many newbies will ignore this thread and the useful tips it has shared with us. Topics like this is what newbies need but they will be busy with their aimless activities and their never ending merit hunt and ignore useful information such as this one.
member
Activity: 322
Merit: 70
The tips you listed on how to keep our Bitcointalk forum account safe are valid and correct.Firstly security should be the first thing to consider with our accounts,the password you choose determines how vulnerable your account is,I came across a thread in my local board that made more emphasis on how to choose stronger password.There are lot to do to keep your account safe, avoiding clicking links online that related to crypto because hackers have been using that format to gain access of most user's account who aren't security conscious.Logging your account on someone's device isn't safe no matter how much you trust the person,you ought to trust yourself alone and keep your account on a safe part.
legendary
Activity: 2604
Merit: 2353
It's also a good practice to use alias email address, so hackers can't know which is your actual mail account and which email provider you are using actually. It's also important to not allow to bypass 2FA in any way for the hackers. It means you need to be careful about your email box set up and the recovery option you have activated. If you want 2FA to not be able to be circumvent, your email box access shouldn't be possible without 2FA, even if you lose your password. Hence if the hacker has no access to your 2FA device he will never be able to hack your accounts whatever informations he owns onto you.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
~~~

Authy had a breachin 2022 as far as I remember, is closed-source and doesn't allow you easily to export your secrets. I'm moving away from Authy...

For Android I recommend FreeOTP, Aegis or 2FAS. I'm no iOS user, but Raivo seems a good choice for this platform (no personal experience, DYOR).

I don't think it's a good idea to make your mobile phone the main root of all your data. It's easy to loose and likely prone to be stolen for the more valuable devices. Avoid receiving OTP via SMS or similar.

My internet connection at home isn't related in any way with my cellphone number. Mobile data in cellphone network is related to it, but I don't quite get your point with it.
hero member
Activity: 1470
Merit: 555
dont be greedy
Sorry... this is an old topic, but i found it very useful... and maybe there are still people reading it... so I wanted to add some point to make it safer (by my view)

1. Activate 2FA to log in. @Cricktor has explained it before, but I want to add my version of the best authenticator application, namely Authy.. we can use our cellphone number and email to keep the login password to Authy confidential.

2. Create a Bitcoin address to stake here: https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318 .. we don't know how hackers got our Bitcointalk account, but we can recover via staking BTC Addy in that thread .

3. The cellphone number is the main root of all your data, so if you feel that you have lost it or been hacked, immediately report it to the relevant cellular company to block the receipt of the OTP code or perhaps prevent it as soon as possible by other means, the goal is to prevent hackers from hacking every login credential in your account. Your internet connection is related to your cellphone number.
full member
Activity: 448
Merit: 130
Although a very old post, there are times when the posts come up to give yourself a little warning. As we use different websites, different types of messages may come from the website, it is possible that you have opened this forum account that may message you by email, write something that you will believe and you will enter there, which is hacker circles a strategy. Nowadays hacker cycle has increased so account needs to be protected carefully. To keep your forum account safe you should enable 2FA security system and if this process is running  then chances of hacking your account from forum will be reduced.
sr. member
Activity: 476
Merit: 299
Learning never stops!

Unless you plan on using a website for a long time, just use a temporary email address, and then this eliminates any issues that could come from that. Ideally, you wouldn't be using the same password anyway, and therefore that wouldn't be compromised. Obviously, data that you give that website could potentially be compromised, and therefore associated with your email address, which an attacker could leverage or potentially gain more information to carry out a more sophisticated attack. So, there's definitely could reason to use different emails if you do use multiple websites.

Personally, I hardly sign up to anything these days. Kind of sick of every website requiring you to give your data over by signing up.
Most website requires authentication to give authorisation to dome specific infos.
If it just to get a particular info but signing is required, I think giving a temporary email just to access it at that particular time is good idea not bad if the details could be remembered  too..
Some sites Newhaven demo to shows limited information which could be what someone is in search for actually
member
Activity: 210
Merit: 36
First and foremost I want to say a very big thanks to op for sharing this information, this information is very helpful I most say, because I have been mean to ask this exact question on how to keep our bitcoin forum account safe. because the knowledge of scammers keep increasing day by day, so therefore we need to secure our account to the extent that scammers will find it very difficult to access it. However I so much appreciate op for those tips.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
~~~

You necro-bumped this thread from Oct. 2022 to just say "thank you"?!?  Roll Eyes

I disagree with your cited point 3:
if you have a strong and complex enough password (do not re-use passwords for different accounts!), you don't need to change it regularly. I use a password manager anyway and generate complex random passwords that are unique for every login I need. Humans are not good at creating random and complex enough stuff. New complex passwords are a pain to remember and forced frequent changes only leads to weak passwords that are "easy" for humans or the password change is ridiculous like bumping up a number which doesn't really add any security.

An important step is to enable 2FA to further secure your Bitcointalk account login.
full member
Activity: 588
Merit: 119
Epsiloan Protocol
All through your advice and suggestions on email address usage, avoiding phishing sites, use of strong password and all that. The one I find no one here should joke with is signing a message from a wallet one uses. That has proved to be a sure way of recovering one's account when hacked. However, many users here are still reluctant on signing messages as proof of their ownership. Nonetheless, your suggestion of using a unique username while registering on the forum as a way of preventing account hacks can't be true. Every username is unique to the owner to start with. Besides, most times you don't even get to know anyone else has a similar username until after you're done registering.

All what was writing was a perfect guide to prevent ones account from being hack. Thanks to OP @Issa56 for the job done. But I will need a guide on how to sign a message with ones wallet on the forum.
hero member
Activity: 994
Merit: 744
Security of forum accounts is something we must take very seriously.
If these tips and guidelines are followed completely, they will at least reduce account hacking, and many senior colleagues have provided additional account safety advice.
I consider this forum to be my home, and anything that could hinder my account is always opposed; this thread has given me more hints to help me secure my account even more. Despite the fact that I avoid using random devices to access my account and use strong passwords.
I need to sign a message with my current wallet address now, as explained, to ensure that my account is returned if it is compromised.
sr. member
Activity: 1610
Merit: 264
~
That's really a comforting statement, Welsh. I was worried on how many people know me already, but have not known them yet. Knowing that I was really just that brain dead teen back in the days registering in all of the game sites online. Good thing verification weren't such a drag for me during those days like almost many of the sites these days would require you an ID to fully "verify" yourself.

Passwords I used back in the day were kind of......okay anyway. It's not those typical "qwerty123" level anyway. Cheesy

I appreciate your input by the way! Smiley
legendary
Activity: 2688
Merit: 3983
One of the ways to lose accounts is to download the Forum application on Google or any random applications where you give your data to a third party.
Also adding a secret question to your account is another reason for losing your data.
The last and most important reason is to use a reusable email or a temporary email that more than one party can access.

More reasons can be added that cannot be counted for this, the question, knowledge and caution are the weapons that will guarantee you victory.
legendary
Activity: 2716
Merit: 1225
Once a man, twice a child!
All through your advice and suggestions on email address usage, avoiding phishing sites, use of strong password and all that. The one I find no one here should joke with is signing a message from a wallet one uses. That has proved to be a sure way of recovering one's account when hacked. However, many users here are still reluctant on signing messages as proof of their ownership. Nonetheless, your suggestion of using a unique username while registering on the forum as a way of preventing account hacks can't be true. Every username is unique to the owner to start with. Besides, most times you don't even get to know anyone else has a similar username until after you're done registering.
hero member
Activity: 994
Merit: 1089
Isn't the option to recover your password by answering a secret question disabled on the forum? I'm not sure, but I think I read somewhere that if you try to recover your password that way, your account will be locked and you will have to request a manual review and recovery process. (I can't find any details about it now though.)
It is not disabled, but yes your account will be locked if you try to recover an account with the secret question feauture, i honestly think it should be completely disabled, and members should not be able to set it, because, 1)it is not recommended and a bad idea of a second password, 2)it can be of no help, since even if you forget your password, and you want to use it for recovery, the account will be locked, 3)members should stick to recovering their password only with their email address, that way they should remember to use a valid email, and keep it safe. Here is some details about it:
This is a Public Service Announcement:

If you lose your password, DO NOT USE THE SECRET QUESTION TO RECOVER THE ACCOUNT. It will result in your account being locked. Please use the email recovery option to recover the account.
The reason that the accounts are locked is because the May 2015 hack leaked Bitcointalk's database which did not securely secure the Secret Question and Answer. To prevent people from guessing the answers, theymos made it so that accounts that are recovered using the secret question are automatically locked when the option is attempted. This is to prevent hackers who may be able to guess the answers from the leaked database.
hero member
Activity: 994
Merit: 701
If your email address have been compromised it will be easy to hack your forum account, because the user can easily input your bitcointalk username on the forum and click on reset password, a code will be send to your mail which the user can easily use to access your forum account.

Hackers can compromise accounts by sending phishing emails, which is one of the lucrative and effective ways for them to lure their victims. They send you links via emails that appear genuine and cannot be distinguished from fraudulent ones, but which actually include harmful software and instruct you to act swiftly in response to the email delivered.

In order for you to have access to your services, they can ask you for any sensitive information regarding your accounts, such as updating your password or updating your account. All of these actions are taken to compile reliable information about your login information. If you see one posing, be on the alert for this red flag.
legendary
Activity: 1960
Merit: 2124
Speaking of Email address then you should not make it public because that will automatically summon hackers and scammers to your mail box and use additional one mail that you are not using as your main email address.

Most users should already be aware of these recommendations, but also ideally should already be following them. Since, this is what you should be doing for every account you own. I don't quite understand why security isn't taught in IT classes early on in life. I was never taught anything about security, but everything about Microsoft Office, which is kind of funny looking back.
Exactly they should be teaching some practical aspects in the school instead of going through all those silly activities they ask children to do.In the computer subjects also the higher students are also being familiar with the same old Microsoft word documents and Presentation to the class on some topic.I was interested in the subject but they tell us simple html tags to build up a website but that also not to some extent and everything gone in the air.Some serious changes should be made not burdening the child but giving them practical exposure to the IT world.
legendary
Activity: 2730
Merit: 7065
3. Always avoid downloading untested software or dangerous files.
I will take it one step further. Don't download anything you don't need just because you are curious to test it out or see what it does. "Curiosity killed the cat", remember that. Stick with the stuff you know and you need. When you determine that a file is dangerous based on what it did to your system, it might already be too late and something awful already happened. Keep it far away from you if you don't know what it is.

5. Avoid logging in with a random user's mobile device...
That goes for desktop computers as well. Don't access Bitcointalk from internet cafés because you can't know what the owners have installed on those computers or what the person who used it before you did. Using a friend's PC/phone can also be dangerous. Don't use unsecure WIFI networks. The friend doesn't have to be malicious and want to hack you, but they could be infected with some malware themselves. 

7. You can carefully sign a message with your wallet address as well. This can help you prove ownership of your account in case you fall victim to account hacking, if you can sign a message with your wallet, then you can recover your forum account back.
That message needs to be stored safely as well. If you get your device hacked and someone steals your digital proof, the other person will also gain the ability to sign a message from the same address and ultimately prove they have access to the private key.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿

Maybe users can also make use of the "Secret Question" feature which might help you recover the account if it's stolen, though it is mentioned that this is not recommended since it also kind of acts like a second password, I still think that it is fine as long as you create an answer which someone should not be able to guess easily. (was there any history here where a user successfully retrieved the account using this feature?). Probably, in relation to forum security, signed message really will help recovering the account.

There was a good story on the vulnerability of security questions. Whoever has the question is practically exposing himself to the possibility of being hacked. If a hacker is puzzled by such a problem, I think by the method of selection, he could do it.
Welsh explained everything well, but for better understanding, I think there will be a few topics of interest that should change their attitude towards setting a security question.

https://bitcointalksearch.org/topic/m.60529210

https://bitcointalksearch.org/topic/m.54280403
sr. member
Activity: 2506
Merit: 368
I'll add few more tips:
1. Hide your email address from public, go to Profile --> Account Related Settings
2. Never ever participate any bounties, someone might use your address or social media accounts on purpose, so when a scam buster find you've linked to other user and participate in a same campaign, you will get negative feedback.
3. You must use very strong password or update your password regularly e.g. once a month.


Isn't it common to protect your personal account or maybe don't try to login to any other site except the legit one which in most cases are the causes of getting hacked. Then avoid using your personal email to any other site or use the same email on every site you try to register and most of all be wary everything about your account security. That's the first thing someone should do and don't let your account be as common as most newbies here I'm sure that would add some extra security with your account.

Once you created an account explore the settings of your profile down to securing everything to avoid most common problem about hacked account.
staff
Activity: 3304
Merit: 4115
True. I try to keep my work mail away as much as possible from any website if it can be avoided. When I use a third-party app that I would do in my web dev job, I usually try to use a dummy account and would use random characters for the name since Gmail really requires them anyway. Kinda makes it hard though when you are required to connect your work email, lol.

I lost track of all my emails that I used back in 2015, but good thing it never involved any of my personal information.
We've all done it. I imagine most of us have multiple emails that have been lost with time. The good news is from a marketing stand point, most data that's a couple of months old isn't very useful for advertisers so they won't link you up that way. If your emails do have your personal information you've just got to hope that your password was unique, and wasn't used anywhere else. Since, even if you have the strongest password in the world in terms of it being random, if you use it multiple places, and one of those places gets compromised. You could potentially be compromised since that opens up a window of possibilities in terms of attack surface.

Although, you'd be surprised how many websites actually store your personal information, and credentials in plain text.
sr. member
Activity: 1610
Merit: 264
~
True. I try to keep my work mail away as much as possible from any website if it can be avoided. When I use a third-party app that I would do in my web dev job, I usually try to use a dummy account and would use random characters for the name since Gmail really requires them anyway. Kinda makes it hard though when you are required to connect your work email, lol.

I lost track of all my emails that I used back in 2015, but good thing it never involved any of my personal information.

Personally, I hardly sign up to anything these days. Kind of sick of every website requiring you to give your data over by signing up.
Kind of annoying as well when they're letting you use their web app but then they would require you to sign up to get your output.
"Hey! Want to get/download/export that whole business model you created for your business? Sign up first. You can use Google or FB to sign up. Roll Eyes"
staff
Activity: 3304
Merit: 4115
Maybe users can also make use of the "Secret Question" feature which might help you recover the account if it's stolen, though it is mentioned that this is not recommended since it also kind of acts like a second password, I still think that it is fine as long as you create an answer which someone should not be able to guess easily. (was there any history here where a user successfully retrieved the account using this feature?). Probably, in relation to forum security, signed message really will help recovering the account.
It's an additional attack surface that could be avoided by just remembering or writing down your password, and storing it in a safe place. That way, is almost entirely secure. Whereas, a secret question could potentially be guess or brute forced. For example, if the forum ever was compromised again (hopefully it won't be) then the hash could potentially be targetted, and if it's not secure enough it could potentially be compromised. If you make your secret question too complicated, then you're probably just as likely to forget it as your password you've set.
hero member
Activity: 1456
Merit: 940
🇺🇦 Glory to Ukraine!

Account security should be taken very seriously in order to avoid such incidents, because prevention is better than cure.
Maybe users can also make use of the "Secret Question" feature which might help you recover the account if it's stolen, though it is mentioned that this is not recommended since it also kind of acts like a second password, I still think that it is fine as long as you create an answer which someone should not be able to guess easily. (was there any history here where a user successfully retrieved the account using this feature?). Probably, in relation to forum security, signed message really will help recovering the account.

Isn't the option to recover your password by answering a secret question disabled on the forum? I'm not sure, but I think I read somewhere that if you try to recover your password that way, your account will be locked and you will have to request a manual review and recovery process. (I can't find any details about it now though.)
legendary
Activity: 1064
Merit: 1228
Playgram - The Telegram Casino
Some of the points in the OP are general suggestions that many forum users may have realized. But there's nothing wrong with reminding especially since there are a lot of new users who haven't noticed it yet.


7. You can carefully sign a message with your wallet address as well. This can help you prove ownership of your account in case you fall victim to account hacking, if you can sign a message with your wallet, then you can recover your forum account back.
I believe that sign message will help recover accounts in the event of a hack, but I don't know exactly how many bounty hunters are aware of it. Then, some old users may lose access to the wallet they used before so they will surely fail to sign message from that address. If this is the only way out there, then I'm sure any user who loses access to his wallet will also lose his account [if hacked] specifically if he can't sign message.

sr. member
Activity: 1764
Merit: 260
Binance #SWGT and CERTIK Audited

Account security should be taken very seriously in order to avoid such incidents, because prevention is better than cure.
Maybe users can also make use of the "Secret Question" feature which might help you recover the account if it's stolen, though it is mentioned that this is not recommended since it also kind of acts like a second password, I still think that it is fine as long as you create an answer which someone should not be able to guess easily. (was there any history here where a user successfully retrieved the account using this feature?). Probably, in relation to forum security, signed message really will help recovering the account.
hero member
Activity: 1666
Merit: 709
Playbet.io - Crypto Casino and Sportsbook
Good advice mate, many people has lost their Bitcointalk forum accounts as a result of very avoidable mistakes and errors, one of this things I would like to talk about is clicking on random links.
If you aren't backed by 2FA you can get caught in this trap.

This works in various ways and it mostly gets people who are desperately searching for earnings. You click the link it takes you off to another site where you are asked to create an account which you then do, and for those who uses same password all the time you make things easier for this scammers. They take record of the password you imputed and then try it on your account.
staff
Activity: 3304
Merit: 4115
Just want to add up that if people cannot keep track anymore on how many websites they registered their email, they can use the website "Have I Been Pwned" to tell if their email address were involved in a certain data breaches.
I had an old email address (not used in this forum of course) that became victim of data breach and now I realized why my Facebook back in 2009 was always being password changed.
I am pretty sure that many of us here are already aware and careful of how we use our email address to different websites, so I would just put this out to people that aren't aware yet.
Unless you plan on using a website for a long time, just use a temporary email address, and then this eliminates any issues that could come from that. Ideally, you wouldn't be using the same password anyway, and therefore that wouldn't be compromised. Obviously, data that you give that website could potentially be compromised, and therefore associated with your email address, which an attacker could leverage or potentially gain more information to carry out a more sophisticated attack. So, there's definitely could reason to use different emails if you do use multiple websites.

Personally, I hardly sign up to anything these days. Kind of sick of every website requiring you to give your data over by signing up.
sr. member
Activity: 1610
Merit: 264
4. Always secure your  email address. You can use 2FA to secure your email address, so that hackers won’t easily have access to your email address. Also, avoid entering your email address on untrustworthy websites, It's always better to have a separate email address for the forum that you won't use on any other websites, so that nobody will be able to hack your email address.  If your email address have been compromised it will be easy to hack your forum account, because the user can easily input your bitcointalk username on the forum and click on reset password, a code will be send to your mail which the user can easily use to access your forum account.
Just want to add up that if people cannot keep track anymore on how many websites they registered their email, they can use the website "Have I Been Pwned" to tell if their email address were involved in a certain data breaches.
I had an old email address (not used in this forum of course) that became victim of data breach and now I realized why my Facebook back in 2009 was always being password changed.
I am pretty sure that many of us here are already aware and careful of how we use our email address to different websites, so I would just put this out to people that aren't aware yet.
sr. member
Activity: 280
Merit: 259
https://bitcoincleanup.com #EndTheFUD
It is strongly discouraged to secure your password on your email address.
Who does that these days? It's like you wrote your wallet details on paper and on your table.

Always make sure you keep your password safe offline, away from any internet access.
That's the mistake we make. I saved most of my passwords on my browser, and one of the Addons installed on the browser did something bullshit. After that, my several accounts were accessed from Russian IP. After that, I changed all my passwords. The hacker stole around $20 from one of my casino accounts which were not significant. But, The problem is; he was able to access my account. Since then, I don't save passwords on my browser anymore.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
When I saw this topic, I thought that one of the authors of the topic I had already seen had changed its name.
Wasn't everything the OP described written the day before?

https://bitcointalksearch.org/topic/can-ama-users-forum-account-be-hacked-5415324

Why repeat everything when it has been repeated three hundred times? I did not see any new advice, which would not be in this thread.
It's worth just reading, and everyone will understand that the OP's topic is just a repetition.

https://bitcointalksearch.org/topic/m.61029150

Although yes, both of these topics will soon go down in history. And we'll start all over again.
hero member
Activity: 798
Merit: 1045
Goodnight, ohh Leo!!! 🦅
What you suggested is absolutely true. Apparently, those precautions are the type that anyone should have known -- coupled with several cases that people have lost/ can't prove ownership of their accounts -- it's should have been an optimistic plan in everyone's mind.
Several users have stayed out lately, unaccounted for, and very little or nothing is done about it because no one can really acertain to some VIABLE informations about them. Sometimes, a user will wake from Hades just to claim am account that has been active for several years, with the mere fact that it was HACKED few years ago.

Now even if that's true (which I'm not sure) has is the case taken? So in cases like this, nothing is done.
I'll advise everyone out there, mostly newbies cus -- I have seen a bunch lately-- to adhere to whatever viable informations that can ensure the safety of their accounts in the future.
Cheers,

Sandra 👩‍🦱
hero member
Activity: 1148
Merit: 796
I'll add few more tips:
1. Hide your email address from public, go to Profile --> Account Related Settings
2. Never ever participate any bounties, someone might use your address or social media accounts on purpose, so when a scam buster find you've linked to other user and participate in a same campaign, you will get negative feedback.
3. You must use very strong password or update your password regularly e.g. once a month.

hero member
Activity: 1722
Merit: 801
Forum account: security, privacy, and recovery

No matter how carefully and safely you believe you already done for your forum account, you must have a reserved solution for worst situation. With a good reserved solution, you will be able to recover your account later. That is very helpful and means a lot for you.

Use a strong password for your account, for your email, turn on 2FA for your email and don't forget to stake a Bitcoin address with a signed message on the forum. That address will be one of ownership evidence if you want to recover your account.
staff
Activity: 3304
Merit: 4115
Most users should already be aware of these recommendations, but also ideally should already be following them. Since, this is what you should be doing for every account you own. I don't quite understand why security isn't taught in IT classes early on in life. I was never taught anything about security, but everything about Microsoft Office, which is kind of funny looking back.

Also, just saying avoid phishing isn't the best advice, since that's obvious. However, going through the steps of verifying a link is what it is would probably be the best approach. Although, I feel like that guide would be better if it was done visually.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
You are not wrong, using a strong password, enable email 2FA, avoid login in another person's device, and not using the same username and password on other sites would all help. But once someone is not active on this forum and suddenly become active, or even if the person is active, dealing with such person should be when you have confirmed that his account is not compromised, this can be done either by using PGP encrypted message or telling the person to sign bitcoin address that he had once used on this forum before.
hero member
Activity: 1484
Merit: 928
I discovered a thread recently that was created by BetGalaxyADM, accusing one of the reputable escrow service on the forum of collaborating with the scammer, Massively fraudulent Escrow Transaction!. This account BetGalaxyADM was involved in a deal with Burky155 on the forum, and his forum account was compromised. He used an escrow service, and when his account was compromised, the hacker was able to get access to his account and contact the escrow service, requesting the release of funds. The escrow service complied with the request and released the funds without realizing the account had been compromised.
I believe a similar thread about how to secure your forum account has already been started, but I hope this serves as a friendly reminder to forum newbies to protect their forum account from hacking.

I'll offer some advice on how to prevent hackers from accessing your forum account.

1. First of all, when creating a forum account, I recommend using a strong password. Letters, numbers, symbols, uppercase and lowercase should all be included in your password, your password should not be stored in any application or on the internet. For example, it is strongly discouraged to secure your password on your email address. Always make sure you keep your password safe offline, away from any internet access.

2. Avoid clicking on phishing links, do not click on random links you receive on emails or on social media, as these could be phishing attempts to attack your bitcointalk forum account. If you receive a link asking you to verify your forum account or asking you to change your forum password, always ignore messages like that, and you can decide to visit bitcointalk.org and change your password without clicking the link you were sent. Enter your forum details on no other forum than http://bitcointalk.org. Because there are so many phishing attempts going on right now, we must be extremely cautious about the links we click.

3. Always avoid downloading untested software or dangerous files. Always keep your computer safe from malware, dangerous files can easily compromise your device, which hacker can easily have control of your device.

4. Always secure your  email address. You can use 2FA to secure your email address, so that hackers won’t easily have access to your email address. Also, avoid entering your email address on untrustworthy websites, It's always better to have a separate email address for the forum that you won't use on any other websites, so that nobody will be able to hack your email address.  If your email address have been compromised it will be easy to hack your forum account, because the user can easily input your bitcointalk username on the forum and click on reset password, a code will be send to your mail which the user can easily use to access your forum account.

5. Avoid logging in with a random user's mobile device, Nobody can be trusted, incase of emergency and you want to use the forum and you don’t have choice than to use other users device, maybe you are not close to your laptop or due to other reasons, make sure you change your password when you are with your laptop or mobile phone. Some devices will save your username and password, allowing the device owner to easily access your bitcointalk account whenever he wants and increasing the risk of account getting hacked.

6. When creating your Bitcointalk forum account, make sure you don’t use the same username and password for other websites as you do for the forum. Always use a unique username and password so that no one can figure out your login information. Use different username and password from the once you have being using on other websites or forums.

7. You can carefully sign a message with your wallet address as well. This can help you prove ownership of your account in case you fall victim to account hacking, if you can sign a message with your wallet, then you can recover your forum account back.

In conclusion
Account security should be taken very seriously in order to avoid such incidents, because prevention is better than cure.
Jump to: