Post
Topic
Board Pools (Altcoins)
Re: [ANN][POOL] Mining Pool Hub - Multipool. Multialgo, Auto Exchange to any coin.
by
Jaerin
on 03/07/2017, 14:30:42 UTC

I'd like to add 2FA too but the main problem happens when the user lost his OTP key.

Pool should reset his OTP key when user asks but how can pool distinguish him that he is the owner or just hacker.
Even I can't distinguish him even talking via Skype. No one can distinguish hacker and owner perfectly.

So, OTP reset will be just same as PIN reset process which means that email account security will be the key at last.
That's why I encourage everyone to secure their email account with OTP and ARS verification.


I believe no one would be happy to provide passport and selfy picture for mining. This is the main concern that I don't provide OTP. OTP will have same vulnerability if it's not solved.


NO You should never reset OTP key.  You tell them to save it in a safe place and you make them type it in to verify that they know what the OTP key is.  You are off the hook for making them save it.  If they lose it at that point they lose access to their coins the same way an encrypted wallet is lost if you lose it.  F2A is to prevent all hacking access and is to free you from your liability.