Can it be possible to implement the OTP ?

[Crypto Library]

As we know OTP(one time password) boosts the security of level one step ahead and in the current date most of the platform's are implementing the OTP security for saving users from the hackers.
Day by day the advanced phishing attacks are increasing with new planning, So I think now it is also important to implement this OTP security system in this altcointalk forum as well.
What is your opinion on this?

[Faisal2202]

As we know OTP(one time password) boosts the security of level one step ahead and in the current date most of the platform's are implementing the OTP security for saving users from the hackers.
Day by day the advanced phishing attacks are increasing with new planning, So I think now it is also important to implement this OTP security system in this altcointalk forum as well.
What is your opinion on this?

It's a good thought as an extra layer of security is better than nothing. It will increase the security of our accounts. As some members talked with the admin about staking the address here and he said its a good idea maybe he will like this idea as well. I think it's kind of a suggestion so don't you think it falls under the suggestion section overall it also suits here best let's just admin or mods decide it.

Overall, I would love 2FA and OTP system, I was not so sure if it really doesn't have OTP as since I joined I rarely logout from the forum, but I just tested and we don't have any kind of OTP system or 2FA system but it would be great if Admin would consider it.

[bounceback]

Its good ideas how to make more security with our account, actually when altcoinstalk forum become more poplar in the future I believe any scammer will make fake link and make us loss access with our account in the future. Good decision in the future have feature of OTP or 2FA set up when login to altcoinstalk account.
But for teleport account seems get recovery easily when their account loss access by helping the bitcointalk account put the real link profile of their altcoinstalk account.
However set up account more security is good ideas from adopting OTP or set up 2FA when login account by using difference IP access address than usually.

[ABCbits]

I can see hacker trying to hack account in order to join signature campaign or spam using high-ranked account. So it'd be great if such feature exist, assuming you're talking about application-based OTP where you use application such as Google Authenticator or FreeOTP.

[Lucius]

I have nothing against additional security if it is something that is technically relatively easy to implement - and we recently got that feature on the BTT forum. For me personally, something like that is not necessary because I feel safe even without it - but for those who have poor operational security in the sense that they use only one e-mail, weak passwords (or even just one password for all services), and connect to public wireless networks, any additional protection is welcome.

As for phishing, it is very easy to protect yourself - simply save the forum link in your favorites and always access it from that link.

[dkbit98]

Having optional 2FA in forum would be very good for security, like we have it in bitcointalk, but if not done correctly it can only create problems and more complexity for members.
I recently saw member who forgot email address and password he used for registering in bitcointalk so he was stuck with his account.
I could only imagine what would happen with OTP codes and backup...

[bitterguy28]

in the other forum it is implemented though an optional added security so I cannot see anything that will hinder admin to put it here, because another layer of security will always give us(forum users)  to  support this initiative and to use at any cost as I am also willing to take part of this.
so  this is possible to in Altcoinstalk and need to be implemented sooner.

[UNIVERSE]

in the other forum it is implemented though an optional added security so I cannot see anything that will hinder admin to put it here, because another layer of security will always give us(forum users)  to  support this initiative and to use at any cost as I am also willing to take part of this.

It is true. In another forum, OTP is just additional option for account security. It is a good idea, I support the OTP implementation as long as it is for an optional. However, I don't it is an urgent matter in our forum but it can be good to be implemented. I'm sure Admin will consider this suggestion for the further security system in altcoinstalks.

so  this is possible to in Altcoinstalk and need to be implemented sooner.

Sooner or later, it will depend on the response of Admin. Let's Admin to consider everything first, we don't need to force Admin to implement OTP in hurry.

[Freemind]

I think we should remember all the work that the administrator has to do and keep in mind that everything takes time. and as @dkbit98 says, a lot of testing is necessary before making it work to avoid problems (chaos) on the part of users, especially those who are not familiar with this type of authentication systems. It's good to have as much security as possible, but let the administrator finish some things before starting others.

It is technically possible to implement TOTP in SMF forums: Add Two-Factor Authentication using TOTP protocol.

[hugeblack]

It is technically possible to implement TOTP in SMF forums: Add Two-Factor Authentication using TOTP protocol.

AFAIK, The forum uses a newer version of SMF 2.1, so the 2FA feature is included, but it appears that it has been deactivated.
In general, the additional security is good, but in any case, transactions must be carried out only after signing a message.

[bitterguy28]

in the other forum it is implemented though an optional added security so I cannot see anything that will hinder admin to put it here, because another layer of security will always give us(forum users)  to  support this initiative and to use at any cost as I am also willing to take part of this.

It is true. In another forum, OTP is just additional option for account security. It is a good idea, I support the OTP implementation as long as it is for an optional. However, I don't it is an urgent matter in our forum but it can be good to be implemented. I'm sure Admin will consider this suggestion for the further security system in altcoinstalks.

so  this is possible to in Altcoinstalk and need to be implemented sooner.

Sooner or later, it will depend on the response of Admin. Let's Admin to consider everything first, we don't need to force Admin to implement OTP in hurry.

I think this will never be denied by Admin as this is just an extra layer of security that most of us wanted to have in our account , specially here that there are many accounts that continuing to deliver links that might be a phishing links or hacking plans ,

[yhiaali3]

I personally support the additional protection and addition of two-factor authentication to enhance account protection in the forum.

I had a bad experience on the BTT forum before enabling 2FA for my account, where someone managed to hack my account without my knowledge and then placed a $500 loan request in the services section.

Fortunately, the member providing the service asked to sign a message from the Bitcoin address that I use in the forum. I received a notification on the Telegram bot and saw the loan request, so I immediately deleted the request and asked the member providing the service to stop any loans in my name.

After that, I changed the password and activated two-factor authentication.

[Freemind]

AFAIK, The forum uses a newer version of SMF 2.1, so the 2FA feature is included, but it appears that it has been deactivated.
In general, the additional security is good, but in any case, transactions must be carried out only after signing a message.

The administrator will have their reasons for keeping 2FA disabled, although I think it might be more for memory/server consumption reasons than anything else, but I'm not entirely sure. While I agree with you that security is generally good, any security is always "insufficient" when it comes to keeping our forum accounts safe. That is why it is good to participate in initiatives like this to have an extra point of security.

✅ Stake your Bitcoin address.

Fortunately, the member providing the service asked to sign a message from the Bitcoin address that I use in the forum. I received a notification on the Telegram bot and saw the loan request, so I immediately deleted the request and asked the member providing the service to stop any loans in my name.

In the thread I have provided you can also leave a signed message.

[hugeblack]

While I agree with you that security is generally good, any security is always "insufficient" when it comes to keeping our forum accounts safe. That is why it is good to participate in initiatives like this to have an extra point of security.

✅ Stake your Bitcoin address.

True, there was a promise that the section would be invisible to guests or below member rank. I do not know whether this idea was implemented or not.


it can also be integrated into the account so that you cannot change your Bitcoin profile address unless you sign a message from the old address or wait 7 days.

nice idea, also can be implement no problem. I will make a section that is not visible to guests or below member rank , where you can stak addresses

[dkbit98]

It is technically possible to implement TOTP in SMF forums: Add Two-Factor Authentication using TOTP protocol.

We know it's possible because we are using it in bitcointalk forum.
It was added as SMF patch by one community member and that was later inspected and implemented by forum admin.
I am not sure how different are this two forums, but maybe someone could fork that code and test it with altcoinstalks login.
Only pros please, we don't want things getting broken here