well 1000 bitcoins are a lot of money.

Moreover we need 2 levels of password:

1) An account password, sent via password-authenticated key agreement and not https

2) A Time-synchronized one-time passwords or a 2d key, to authorize movements, so that even if the password is stolen, it is impossible to authorize another transaction.


Users should not be allowed to choose passwords. A 25 characters long, strongly randomized password should be generated for the user, so he's forced to use something like keepassx.




I think we need an independent security committee to write a security standard and certify exchanges.