Reminder: enable two-factor authentication

[Steve Sokolowski]

For the first time in years, there have been a few incidents where people who did not have two-factor authentication enabled, and had their earnings for a day or two stolen.

Only 14% of accounts have two-factor authentication enabled, and many accounts do not prevent access from the Tor network. In the entire history of the pool, there have been zero thefts to customers who were using these two security features.

Prohashing does not consider refunds to customers whose accounts are compromised when these two features are not enabled under any circumstances. Furthermore, because there is no way to verify which person is the owner of the account in these circumstances, in most cases the only ethical action that can be taken is to disable the account and prevent the money from being paid to either person.

Please enable two-factor authentication as soon as possible, and disable Tor access if you don't use the Tor network.

In the future, we will be requiring that every new account password or password change must be unique across all time - that is, that it must never have been used before by anyone in any database that has ever been leaked by any site. We expect this feature to be available after our next web developer is hired.

[-MaVerick-]

In the future, we will be requiring that every new account password or password change must be unique across all time - that is, that it must never have been used before by anyone in any database that has ever been leaked by any site. We expect this feature to be available after our next web developer is hired.

That sounds great! Never heared of a website with a security feature like that and thinking of it, why has noone thought about that yet? Every site I can think of got this traffic light system or not even that.