There is only one way to have good security on epassporte

[Klen]

I examined other p2p systems and concluded each of these system can be comprimised if hacker got your username and password.
Some of them have additional protection like requiment of putting birthday info during each send but that info can be founded very easily in most cases and it doesnt help much.
So that means people who blame epass for bad security they blame it without valid reason.
So i conclude there is only way to prevent situation where your money gone:disable p2p send transfer.
In most cases webmasters uses epass so they can get faster withdraw and they dont need to send money to anyone.
Even if someone need to pay hosting and similar things,they can still use virtual visa electron which cannot be abused as p2p send transfer.
So epassporte need to allow their users to disable p2p send option if they want to do it and voila,no more problems with hacked accounts.

[scottybuzz]

Genius. I think you just sovled all the fraud problems in the world there Klentelaris. Complete genius.

[dready]

Not a bad idea. I could get along just fine without that option.

[FredIsMe]

Bump for epassporte folks

Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?

[xmas13]

Epassporte is a one-man show, this, is epassporte's main problem.

[dready]

Quote:

Originally Posted by bdjuf

Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?

Good idea also. Paypal will send you an RSA SecurID tag for only $5.

[QTbucks_Mark]

Quote:

Originally Posted by bdjuf

Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?

Or use plain old one-time transaction codes like almost every sane banking system.

Actually, why doesn't epassporte do this? Just send a letter with 50 or so one-time codes via mail, charge a dollar or two for the postage fee and advertise it as brand-new-foolproof-and-almost-unbreakable-security-feature or something like that...

Of course someone still could gain access, but getting your username, password, the new security question AND a piece of paper nobody but you has - that's pretty damn hard. Justy my

[Klen]

Quote:

Originally Posted by bdjuf

Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?

Or simply token which generates unique pin every time when you need to login(one bank has that and it works fine).Impossible to have unauthorized access.Unless someone have your token and knows pin of token

[nico-t]

well... then they have to secure the option to disable p2p transfers too, otherwise the hacker can simply enable it when he got the good old username and password... i think the best way is just not being a fool when it comes to your pass, and also change it once in a while.

[DamageX]

Disable P2P transfers for me and I drop epassporte faster than you can say drop.