Topic: Which of the two will you choose as a gambler? - page 5. (Read 645 times)

I think you can easily set up  a 2FA, I am using AUTHY, this app can be link from my PC to my Phone, so anytime, I want to gamble, I always feel confident that my account will not be hack, the same method I applied on my exchange, both local and international exchanges.

As a common gambler with low bankroll who bet just small amount, I prefer the option #1 as what I usually do so far. It is simple, but I always use different email address for different site. I also use different password for every site where I play. 2FA is a must nowadays for a better security purpose so I'll prefer site where there is 2FA.

For the sake of discussions and not going into complexity, I would go for Option 2: Key based authentication. My main reason is that it's going to be like protecting your private keys here. At least everything is in your control. And you need to be very careful, because if you don't educate yourself everything will be gone in at instant specially. And since everyone here doesn't want to get your account compromise then obviously as a gambler we need to do everything to protect it by having a good sound and security practices.

I think this one will fall under option 2 - Keys based authentication though. 2FA is another level of authentication process to verify your account. Option 1 is a weak one to secure your account though it is easy to log in because you don't need additional verification, however, if you are a high roller or just want to make your account more robust and safe from potential hacks, it is always better to add another security layer like 2FA.

I don't fully understand the option 2 which is the Keys Based Authentication.. As a gambler, I just follow the usual procedure when registering into a gambling site, normally, I make an account, put my email into it and then hit the verification link once I receive it..

Now, every time I access it, I like to secured it into 2FA as I feel it would be safer, not sure if there's a way to hack when you are in control of the 2FA code.

Account security and anonymity have major importance in crypto gambling industry. I will explain two authentication processes and their pros/cons that an under-development project is considering. Through this thread I want to take views/suggestions of the community on the better of the two processes. Here are the candidates:

Option 1: Email Based Authentication

Under this option, you will be asked by casino to fill username, password and email id on registration. To increase the security, you will be asked to set-up 2FA authentication. To make withdrawal, you have to confirm email id.

Pros:
Easy to use and remember system.
Easy to retrieve system if password gets compromised.

Cons:
Easy to hack and brute-force.
Identity may be linked if same email is used somewhere else on web.
Always need additional device (phone) to login (for 2FA code).


Option 2: Keys Based Authentication

Under this option, you will be asked to fill username and password on registration. Then a private code (long alphanumeric) will be generated for you and encoded with the help of password you entered in first step. Now you have to store private code somewhere safe. There onward, you have to paste private code and password to login into system.

Pros:
Complete anonymity
Highest degree of security. No one can hack or brute force your account even if database is compromised.

Cons:
Extra care needed to maintain the security of private code.
Since code is not saved anywhere on server side, losing code = losing account.
One mistake and your account is gone.
Impossible to change code. If you give away code to someone over phishing page, etc, then you cannot retrieve/secure the account again.


That's all. Which of the two systems would you prefer as a crypto gambler. Suggestions/views are welcome.