Silk Road forums
Discussion => Newbie discussion => Topic started by: Skkky on January 18, 2013, 09:58 am
-
So I've read every review I could get my hands on before adding my BC and trying to make a purchase and NON OF THEM mention this stupid PIN.. Why can't it just be your log in password or something simple like that? I don't even remember the site asking me to create or give me one. Well I used up my attempts to make a purchase and have to to wait about another week before I can spend MY BC!! Something so important should be in big red letters starting with IMPORTANT INFO, PINS. or something like that. If I new, I would have made a new account before dumping my BCs in. I new this site just seemed to perfect.. :(
-
whenever you start a new name or just joined ansd try and make a purchase your pin will not work. you will get message from SR administration saying your acctg iis froze for 3 days until they reset your pin happens all the time welcome to silk road
-
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.
-
I guess they wanted to provide an extra layer of security. If I got money involved like bitcoins, I def like the idea of making it harder for someone to hack my shit and steal my coins..
-
SAME exact thing happened to me. I just made another account and I'm trying to contact SR Support to get my coins in that account transferred. Let me know what happens with your account!
-
Yep more security, I have my pin memorized in my head, it's-...Uh...Maybe I wrote it down somewhere? Whoops... :)
-
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.
So whats the login name and passphrase for? When I go to a ATM, I don't have to log in with a password and then once I'm in , type another PIN to withdraw MY MONEY..... Thats what happens here. Isn't username and password enough?? Like online banking.. lol
-
The PIN is there for your protection - it adds an extra layer of security, so if someone got into your account, they couldn't spend your bitcoin without the PIN. When you are signing up, it states clearly in italics not to forget your PIN. Maybe you should have been more observant when you were signing up. Everyone is responsible for their own actions...just saying ;)
-
If they're that smart to get my user name and pass phrase, on Tor browser, they deserve to have the coins. I don't see how somebody would be able to hack the user name and the password, but then have trouble getting the PIN..lol If such a scenario exists please share. Banks don't even do this.
-
So I've read every review I could get my hands on before adding my BC and trying to make a purchase and NON OF THEM mention this stupid PIN.. Why can't it just be your log in password or something simple like that? I don't even remember the site asking me to create or give me one. Well I used up my attempts to make a purchase and have to to wait about another week before I can spend MY BC!! Something so important should be in big red letters starting with IMPORTANT INFO, PINS. or something like that. If I new, I would have made a new account before dumping my BCs in. I new this site just seemed to perfect.. :(
Be careful what you wish for.
-
I'm with skkky, I was a little pissed being caught so off guard like that. I have all my passwords and important account information written down and I know I wouldn't have forgotten something as important as that. But hey at least I have this week to make 50 useless rambling posts about some shit I don't like.
-
Just thought i'd pop in and do a quick bit of spamming to get to 50
Sorry
-
It really isn't that hard
-
god Damn op be a retard or 12 years old
-
Just thought i'd pop in and do a quick bit of spamming to get to 50
Sorry
me, too!
-
and me..... having said that the pin is a good idea
-
It really isn't that hard
Never said it was hard, said its stupid..
If you're new and use to registering online for a number of different services including online banking and stock trading, then sign up on SR the first time, the PIN request throws you off. I don't EVER remember being given one or asked to make one. Also, if you're new like me, you joined out of curiosity and not to purchase anything, but once you get to browse a little the light bulb comes on. Then you have to read and read and read, how to get bitcoins, setup, etc.... Then finally when you think you want to make a little tester purchase BAM... no PIN to complete your order and on top of that we're going to hold on to your BCs so you can't use them anywhere else.. lol
-
Its a great idea. SR is about security. If you can not understand that and find a method to remember important information, then learn how.
-
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.
So whats the login name and passphrase for? When I go to a ATM, I don't have to log in with a password and then once I'm in , type another PIN to withdraw MY MONEY..... Thats what happens here. Isn't username and password enough?? Like online banking.. lol
Dude. When you go to the ATM, you insert a PHYSICAL card, and then enter a pin to get your cash. On SR, you insert a login/password combination, then enter a pin to get your cash. Where is the difference ? And you talk about online banking. Online banking now usually requires you to enter your customer code, type a pin on a virtual keypad, and confirm whatever transaction you want to do by typing a confirmation code sent on your email or on mobile phone. Some banks even give RSA keys now.
-
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.
So whats the login name and passphrase for? When I go to a ATM, I don't have to log in with a password and then once I'm in , type another PIN to withdraw MY MONEY..... Thats what happens here. Isn't username and password enough?? Like online banking.. lol
Dude. When you go to the ATM, you insert a PHYSICAL card, and then enter a pin to get your cash. On SR, you insert a login/password combination, then enter a pin to get your cash. Where is the difference ? And you talk about online banking. Online banking now usually requires you to enter your customer code, type a pin on a virtual keypad, and confirm whatever transaction you want to do by typing a confirmation code sent on your email or on mobile phone. Some banks even give RSA keys now.
Yeah, my bank and Etrade don't do that. Virteex doesn't do that. I log in with my card number and I made my own password for online banking.. Thats not even the point... Please explain the scenario were this PIN is going to help us? Are saying, a hacker was smart enough to get your login and pass, but can't figure out the PIN, or is another scenario in play here?
-
Have to remember
-
come on dude you couldn't remember it? tsk tsk
-
In the past "fake" silk road login pages have set up with URL's that are similar to SR's URL but a little off. The hacker behind the phishing attack then posts their fake URl all over and logs all the username and password combos that are tried on his page. This happened not that long ago where the link on the wikipedia page was changed to a phishing site and everyone who was using the wikipedia link was sent to the phishing site that looked identical to the SR login page. The
Without a pin, the person behind the attack would be able to log into accounts and instantly drain them when he tricks someone into trying his page. The use of the pin protects everyone from these kinds of phishing attacks.
-
In the past "fake" silk road login pages have set up with URL's that are similar to SR's URL but a little off. The hacker behind the phishing attack then posts their fake URl all over and logs all the username and password combos that are tried on his page. This happened not that long ago where the link on the wikipedia page was changed to a phishing site and everyone who was using the wikipedia link was sent to the phishing site that looked identical to the SR login page. The
Without a pin, the person behind the attack would be able to log into accounts and instantly drain them when he tricks someone into trying his page. The use of the pin protects everyone from these kinds of phishing attacks.
WOW!! I didn't know that, and thats what I was asking for..
Thanks.. ok PIN stays :)
-
Just thought i'd pop in and do a quick bit of spamming to get to 50
Sorry
me, too!
Instead of trying to post something intelligent, i'll just go along and also admit what my real intention was :-[
.... lol im really getting a laugh of some of the spam posts
-
The site has always asked for a pin when registering... you probably were just too excited to get in to remember it :P That's why the pin reset exists :)
-
The security of a pin comes in handy when dealing with phishing websites. A phishing website would be set up to mimic the login page of SR so it would be very easy for them to collect unknowing user's username and password. The security comes in when they try to withdraw your bitcoins to their address they wont be able to without knowing your pin.
Phishers know this is the case which is why they ask for your pin on their fake login page.
If SR ever asks you to for a pin at login, check the URL to make sure you're on the real SR.
remember... silkroad
vb5
piz3r
.onion...if you can remember that you are in good shape to not get scammed.
-
Have to believe in your pin.
-
I think PIN should be a extra option for people that want it.
-
Lord praise the PIN
-
Dude. When you go to the ATM, you insert a PHYSICAL card, and then enter a pin to get your cash. On SR, you insert a login/password combination, then enter a pin to get your cash. Where is the difference ? And you talk about online banking. Online banking now usually requires you to enter your customer code, type a pin on a virtual keypad, and confirm whatever transaction you want to do by typing a confirmation code sent on your email or on mobile phone. Some banks even give RSA keys now.
A card is something you possess. A pin is something you know. It's called two-factor security. A password (something you know) and a PIN (something else you know) isn't two-factor security so that's where the difference lies.
If someone can hack the db to get your password, they can hack it to get your pin. Hell, with only 10000 possible combinations, a modern CPU could work out a PIN in a fraction of a second, if it's even been hashed in the first place.
If they can beat you until you tell them your password, they can beat you until you also tell them your PIN.
If they can sneak up on your machine once you're logged in and try to make an order, but not knowing your PIN would have stopped them, then requiring your password to make an order/transfer and them not knowing your password would also have stopped them.
On the other hand, if you re-used the same login and password on these forums as you did your SR account (you didn't, did you?) then it at least stops a malicious forum operator or forum security breach from stealing all your bitcoins. Unless you used 1234 for your pin (you didn't, did you?).
-
There is a plethora of threads like this in the rest of the forum. The pin was created FOR YOU so your btc aren't stolen and nobody else makes a purchase with your account. It kinda sucks when you don't remember it because it can be super inconvenient, but it's what we have and it actually works very well for it's purpose.
-
Bottom line is having the PIN has protected at least some users against having their funds stolen and this thread is not likely to change the policy.
When you set your PIN there was a message along the lines of "Do not forget this." If you can't manage to remember or securely store your PIN then you need a wait a few days.
The next challenge some users have after the PIN is getting their address right. It amazes me how often users get that wrong.
-
Yes so excited to make my first order with NorthwestDirect only to be stopped by a fuckin pin which I dont recall being asked for in the beginning. Now I miss out on the extras he was throwing in for his promo.sucks
-
There have been increasing reports of people NOT being prompted to make a pin when they create their account. Honestly, it doesn't surprise me. Yeah, it IS super inconvenient. Yes, I've forgotten my pin once.
Honestly though, you've gone your whole life without using the SR. Waiting another week for your pin isn't going to kill you.
-
There have been increasing reports of people NOT being prompted to make a pin when they create their account. Honestly, it doesn't surprise me. Yeah, it IS super inconvenient. Yes, I've forgotten my pin once.
Honestly though, you've gone your whole life without using the SR. Waiting another week for your pin isn't going to kill you.
Yes Im nit too ticked about waiting just that im going to miss out on the promotion he was having but im sure there will be others
-
dito... x
-
Suavee.. Just stumbled upon your thread here.
We feel for you bro.
Just remind us on your order, and we will honor the promotion. Maybe even throw a goodie in ur pack for ya bro.
We understand how frustrating that might be and to start a new account a lose your stats would be a pain in the ass.
They should come up with three questions and answers to comfirm for lost pin IMO (like many clearnet sites do) is there any problem with security issues on that?
There should be a fairly painless way to prove your (anonymous) identity on here AKA verifying that you are the rightful owner of that acct etc.
Also if an account such as our (knock on wood) got hacked we should be able to prove that it is ours (via forums etc.) via a few security questions to take back control and lock all BTC in acct and escrow.
Y'all following me?
NWD
-
pins are a great idea. i admit to nearly forgetting mine before my first buy but i understand how good they are for security
-
Hey all, In a very similar boat, Heres a link to a post i made earlier ,Not had any replies yet so im just posting here maybe someone can help, how do you actually get the pin reset link?
heres the link
Thanks to everyone who helps me i really appreciate it.
http://dkn255hz262ypmii.onion/index.php?topic=114140.msg775131#msg775131
-
Just a reminder when you create an account
It asks for a username
it asks for a pass phrase
it ask you to retype to confirm
it asks for a pin
It ask you to retype to confirm
it then says
DO NOT forget your PIN!
You then select locating
type captcha
and your done
For people forgetting the pin don't blame anyone but the person in the mirror.
I have read many posts in the past about getting hacked and losing access to there account for a period of time but not to there losing the BTC as the PIN stops hackers from accessing this part of your account.
-
First of all i dont think anyone is trying to blame someone for their pin not working, They just want a solution on how to fix it asap as they have btc's in the account and dont want to lose them obviously. Well that's my situation anyway.
I have emailed SR support but no reply yet, Will just have to wait till tomorrow i think.
Can anyone get me a password reset link or do they send you it?
What do i do now?
This is my situation. http://dkn255hz262ypmii.onion/index.php?topic=114140.msg775131#msg775131
Cheers all
-
can't believe ppl forgetting this all the time... EVEN SAYS WHATEVER YOU DO DONT FORGET YOUR PIN