We have officially launched support for 2-Factor Auth for withdrawals! We utilize Google Authenticator, and allow you to set up your account to require an OTP before every withdrawal request.
I'm not sure, but I think you're accepting the same code twice. So if an attacker is logging my keystrokes and is quick enough (i.e. within the same 30 second window), he can use the same OTP as I just used to log in to my account.
You should make sure an OTP can only be used One Time....
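The replay the reply above describes, and the fix it asks for, side by side as an added example (not code from the service or the poster). It implements RFC 4226 HOTP and RFC 6238 TOTP in plain Python, a stateless "naive" verifier that accepts a code as many times as you like inside its 30-second window, and a stateful verifier that records the last accepted time step per user and refuses anything at or below it. The secret, user name and timestamps are constructed test values (the secret is the RFC 6238 test-vector key); `OtpVerifier`, `naive_verify` and the `skew` parameter are names chosen for this example.

```python
import hashlib
import hmac
import struct

# Constructed sample secret: the RFC 4226 / RFC 6238 test-vector key.
SECRET = b"12345678901234567890"
PERIOD = 30


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 8-byte counter, then
    dynamic truncation to a zero-padded decimal code."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: float, period: int = PERIOD, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter taken from the current time step."""
    return hotp(secret, int(at) // period, digits)


def naive_verify(secret: bytes, code: str, now: float, skew: int = 1) -> bool:
    """Stateless check: any code valid for the current step (or one step either
    side) is accepted, no matter how often it has been presented already.
    This is the behaviour the forum reply suspects: a keylogged code replays
    successfully for the rest of its 30-second window."""
    current = int(now) // PERIOD
    return any(
        hmac.compare_digest(hotp(secret, step), code)
        for step in range(current - skew, current + skew + 1)
    )


class OtpVerifier:
    """Stateful verifier: remembers the highest time step accepted for each
    user and rejects that step (and older ones) afterwards, as RFC 6238
    section 5.2 recommends. A code therefore works exactly once."""

    def __init__(self, period: int = PERIOD, skew: int = 1):
        self.period = period
        self.skew = skew          # steps of clock drift tolerated either side
        self._last_step = {}      # user -> last accepted time step

    def verify(self, user: str, secret: bytes, code: str, now: float) -> bool:
        current = int(now) // self.period
        last = self._last_step.get(user, -1)
        for step in range(current - self.skew, current + self.skew + 1):
            if step <= last:
                continue          # already consumed, or older than a consumed step
            if hmac.compare_digest(hotp(secret, step), code):
                self._last_step[user] = step   # burn this step before returning
                return True
        return False


def replay_outcomes(secret: bytes = SECRET, first: float = 59, second: float = 70):
    """Present the same code twice inside one window to both verifiers and
    return (naive_first, naive_replay, stateful_first, stateful_replay)."""
    code = totp(secret, first)
    v = OtpVerifier()
    return (
        naive_verify(secret, code, first),
        naive_verify(secret, code, second),
        v.verify("alice", secret, code, first),
        v.verify("alice", secret, code, second),
    )


if __name__ == "__main__":
    print("naive first, naive replay, stateful first, stateful replay:",
          replay_outcomes())
```

In a real deployment the per-user last-accepted step lives in the same datastore as the secret and is updated atomically with the check, so that two concurrent withdrawal requests cannot both pass with one code; the dictionary here stands in for that store.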
