Author

Topic: Why so secure on a forum? (Read 767 times)

legendary
Activity: 896
Merit: 1000
Louis Vuitton
July 22, 2015, 09:42:58 AM
#14
It's there for a reason, it isn't that much of a hassle to wait 45 seconds. So just wait it out and have fun.
legendary
Activity: 896
Merit: 1000
July 19, 2015, 04:54:36 AM
#13
people are never satisfied. if this forum is trying to make sure everything is secure, people complain that it is over the top. if the forum gets hacked, people then complain about the forum lacking security. be happy that the forum is as it is.
legendary
Activity: 1778
Merit: 1043
#Free market
July 19, 2015, 04:42:21 AM
#12
It's bitcointalk forum and not any other forum . Accounts here have a value depends ont he Rank because they can enroll on signature compaigns and get paid and accounts can even have sensitive informations on them .
So for what comes to the 45 seconds if we are speaking about the Login form then it's most likely to prevent Cracking because cracking became easy those days and people become more and more familliar with it using Sentry MBA and other cracking programs and maybe also for not having so much load , for what comes to posting then this dissapear with time and with your Activity rising and it's for preventing spam from new accounts .

I do not think the 45 seconds of delay between the login it is not due the value of accounts, but only for a security reason. If someone will gain (easily) the access of a community trusted account then he can do a lot of damage.
staff
Activity: 3500
Merit: 6152
July 18, 2015, 04:21:44 PM
#11
It's bitcointalk forum and not any other forum . Accounts here have a value depends ont he Rank because they can enroll on signature compaigns and get paid and accounts can even have sensitive informations on them .
So for what comes to the 45 seconds if we are speaking about the Login form then it's most likely to prevent Cracking because cracking became easy those days and people become more and more familliar with it using Sentry MBA and other cracking programs and maybe also for not having so much load , for what comes to posting then this dissapear with time and with your Activity rising and it's for preventing spam from new accounts .
copper member
Activity: 924
Merit: 1007
hee-ho.
July 18, 2015, 04:15:38 PM
#10
So the question is still, why?


why not? 45 seconds are nothing as long as they're not up to anything bad. it may even discourage hackers from trying to brute-force an account.
hero member
Activity: 1064
Merit: 505
July 18, 2015, 02:49:17 PM
#9
What's with the 45 second delay after you insert your password or user name wrong more than 2 times?

It's a little over the top.  Angry It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option?


Blah..

Its so you can not bruteforce a password.  If there was no timer one "bad guy" might sit there and just go through ton's of attempts.

It's WELL worth the wait.  I would not mind if they make it longer and add 2 factor auth.   I like secure.

There's no need for human to do brute forcing nowadays. Someone could easily create a bot that can brute force Bitcointalk 24/7.

And thats why there is a 45 sec delay, even if you are going to use a bot you still wont be able to bypass the 45 second waiting time so you would only have 1 guess per 45 seconds, unless you can somehow manage to bypass it by using tor or something like that
legendary
Activity: 1120
Merit: 1038
July 18, 2015, 02:45:45 PM
#8
TBH, 45 seconds feels a bit much for stopping a bruteforce attack.
5 seconds maybe sounds more reasonable, and even lesser would work. Bruteforce attacks work only when the attacker has the hash.

Let's assume a 6 character lower case only password.
There are (26^6) combinations, and it will take (26^6)*45 seconds to check them all
That's 440 years. Changing it to 5 seconds will reduce it to around 49 years.
Something stronger, like 8 characters (still less), upper and lower case and numbers will take millions of years.

So the question is still, why?
legendary
Activity: 3556
Merit: 9709
#1 VIP Crypto Casino
July 18, 2015, 06:20:47 AM
#7
What's with the 45 second delay after you insert your password or user name wrong more than 2 times?

It's a little over the top.  Angry It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option?


Blah..

Bro this forum needs to be as secure as possible. There are some great guys here, some really trustworthy, helpful posters who will do anything for you but there an equal number of scum bags, hackers, thieves, low lives etc.

The problem is that bad people here can be very dangerous, there are some very tech savvy, intelligent people here.

Don't knock anything that helps provide security here, I fully agree with anything the mods do to make this place safer.
legendary
Activity: 1484
Merit: 1001
Personal Text Space Not For Sale
July 18, 2015, 01:11:51 AM
#6
What's with the 45 second delay after you insert your password or user name wrong more than 2 times?

It's a little over the top.  Angry It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option?


Blah..

Its so you can not bruteforce a password.  If there was no timer one "bad guy" might sit there and just go through ton's of attempts.

It's WELL worth the wait.  I would not mind if they make it longer and add 2 factor auth.   I like secure.

There's no need for human to do brute forcing nowadays. Someone could easily create a bot that can brute force Bitcointalk 24/7.
legendary
Activity: 1456
Merit: 1000
July 18, 2015, 01:01:09 AM
#5
What's with the 45 second delay after you insert your password or user name wrong more than 2 times?

It's a little over the top.  Angry It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option?


Blah..

Its so you can not bruteforce a password.  If there was no timer one "bad guy" might sit there and just go through ton's of attempts.

It's WELL worth the wait.  I would not mind if they make it longer and add 2 factor auth.   I like secure.
hero member
Activity: 728
Merit: 537
July 17, 2015, 11:22:34 PM
#4
Two points:

1- 45 seconds isn't that much to talk about

2- Security is loved always  Roll Eyes
hero member
Activity: 504
Merit: 500
July 17, 2015, 11:20:09 PM
#3
What's with the 45 second delay after you insert your password or user name wrong more than 2 times?

It's a little over the top.  Angry It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option?


Blah..

it could prevent users using bots to spam log in some accounts using different password to try hacking. 45seconds isn't much of a problem mate, just enter your log in credentials correctly
staff
Activity: 3458
Merit: 6793
Just writing some code
July 17, 2015, 11:00:35 PM
#2
That actually is to prevent spam and spammers.

They also care about security a lot because many financial transactions happen here. If a trusted account was to be compromised, then the attacker could use that account to scam people and steal a lot of money.
sr. member
Activity: 420
Merit: 250
July 17, 2015, 10:55:51 PM
#1
What's with the 45 second delay after you insert your password or user name wrong more than 2 times?

It's a little over the top.  Angry It's just a forum. Why should anyone care about security so much? Maybe this extra security should be an option?


Blah..
Jump to: