Viewing a response to: @furion/re-smi-important-vulnerability-in-password-protection-for-accounts-20170313t222508750z
A message/alert on Steemit itself, in addition to an email, would be a good measure. I think a lot of people use application-specific email addresses to register on Steemit and probably don't check them often or at all.
post_id | 2,143,619 |
---|---|
author | pfunk |
permlink | re-furion-re-smi-important-vulnerability-in-password-protection-for-accounts-20170314t042721713z |
category | vulnerability |
json_metadata | "{"app": "steemit/0.1", "tags": ["vulnerability"]}" |
created | 2017-03-14 04:27:24 |
last_update | 2017-03-14 04:27:24 |
depth | 2 |
children | 2 |
net_rshares | 161,484,243 |
last_payout | 2017-04-14 04:03:00 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 219 |
author_reputation | 208,395,764,935,287 |
root_title | "IMPORTANT !!! Vulnerability in password protection for accounts" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
smi | 0 | 161,484,243 | 100% |
Good point.
post_id | 2,144,528 |
---|---|
author | furion |
permlink | re-pfunk-re-furion-re-smi-important-vulnerability-in-password-protection-for-accounts-20170314t081718981z |
category | vulnerability |
json_metadata | "{"app": "steemit/0.1", "tags": ["vulnerability"]}" |
created | 2017-03-14 08:17:18 |
last_update | 2017-03-14 08:17:18 |
depth | 3 |
children | 0 |
net_rshares | 0 |
last_payout | 2017-04-14 04:03:00 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 11 |
author_reputation | 116,591,440,117,983 |
root_title | "IMPORTANT !!! Vulnerability in password protection for accounts" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
E-mail is an already archaic technology. What about people that used disposable e-mails? (It turns out that cryptoenthusiasts are also fanatics of never disclosing personal data to anyone). Perhaps using a signed message from another key could be used (a configurable bitcoin wallet, perhaps?) <blockquote>To change (whatever), please sign this message with (BTC address; that should also require a signed message to be changed):<br /> <blockquote>"Change the data of my account: TIMESTAMP"</blockquote></blockquote>
post_id | 2,151,770 |
---|---|
author | renzoarg |
permlink | re-pfunk-re-furion-re-smi-important-vulnerability-in-password-protection-for-accounts-20170315t071601388z |
category | vulnerability |
json_metadata | "{"app": "steemit/0.1", "tags": ["vulnerability"]}" |
created | 2017-03-15 07:16:03 |
last_update | 2017-03-15 07:16:03 |
depth | 3 |
children | 0 |
net_rshares | 0 |
last_payout | 2017-04-14 04:03:00 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 517 |
author_reputation | 62,934,514,884,081 |
root_title | "IMPORTANT !!! Vulnerability in password protection for accounts" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |