Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Merits 1 from 1 user
Re: Why changing the email and the password is so easy !!!!
by
LoyceV
on 11/02/2018, 14:39:11 UTC
⭐ Merited by nullius (1)
I wouldn't like to see 2FA added, it's another layer that can fail and take away my access to the forum. Besides, there's another reason why phone or email verification is a bad thing: privacy! Theymos respects privacy, and privacy shouldn't be compromised for security.

Quote from: nullius on February 09, 2018, 12:10:24 AM
That means a randomly generated password of sufficient length, used only for this site and nowhere else.  May I suggest use of a good password manager (non-“cloud”-based).
I use KeePass (for Windows), KeePassX for Linux, or a different version for anything from iPad to Blackberry.
If you're not using one yet: get a decent password manager, spend a few hours setting it up for all your accounts (don't forget to backup the database!), and keep it updated for all new passwords you create in the future.
I'm pretty sure nobody will ever be able to brute-force my password, but I changed my password anyway after the forum got hacked (a few years back).

Quote from: nullius on February 10, 2018, 01:01:26 AM
One of my first thoughts on seeing anything Bitcoin-related is, “Why isn’t public-key crypto used for all authentication?”  Of all places, the Bitcoin Forum should lead with that!  If you use Bitcoin, you should also use PGP, at the bare minimum; and the attention brought by Bitcoin makes for an opportunity to introduce more people to what old cypherpunks call “crypto”, resulting in more security all-around.
I regret not being more private when I joined here, but it's too late to change that now.

Quote
Most passwords are laughably weak.
Several lists show the most common passwords, #1 is 123456. For PIN codes, #1 is 1234!

Quote from: longlivecapitalism on February 10, 2018, 04:09:58 PM
To be honest, I find the security measures in this forum ludicrous especially if you consider that many accounts here belong to members who are trying to start or promote a business, whether that is a cryptocurrency coin/token or trading or something else. There's no confirmation e-mail even. At first, when I signed up I thought I had made a mistake in typing my e-mail and it had gone to a wrong address. There's no 2FA, no SMS verification, nothing... It's basically a hacker's paradise.
I have never in my life had any forum account compromised. It's entirely up to you to keep your account secure.

Quote
Staking Bitcoin address? Well, sorry that I don't have a permanent one. All my Bitcoin addresses are given to me by exchange sites so there would be no point.
You can easily print a paper wallet, stake the address, and keep it secure in case you need it.