Nxt Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Nxt Client: Nxt 1.11.14 - Latest Ardor Client: Ardor 2.0.14

Pages: [1]

Author Topic: NRS v1.11.13  (Read 5124 times)

Jelurida

  • Core Dev
  • Jr. Member
  • **
  • Offline Offline
  • Posts: 37
    • View Profile
  • Karma: +20/-0
NRS v1.11.13
February 12, 2018, 07:14:04 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Release 1.11.13

https://www.jelurida.com/

sha256 checksums:

c828d8a4bc011378183c1e5c97a065c103f1773b768859836b77e3169809b7e8  nxt-client-1.11.13.zip

cad848a9fd2ba878a506389cdea134f3152f804fdea67be21bad7a0bda4d1305  nxt-client-1.11.13.sh

The exe and dmg packages must have a digital signature by "Stichting NXT".


Change log:

Desktop wallet performance optimizations to reduce excessive load.

Do not allow login using passphrase to a non-existing account to prevent users
from losing their funds due to a typo. Use the "choose your own passphrase"
link under "create new account" if you really need to login to a non-existing
account using passphrase.

Client UI enhancements and bugfixes.


-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJagaLlAAoJEAz5x0ctgLi50ysQAJhJ38Jq7fzeOFS7dsjLlFBJ
PaZmo/Bz9GkmWjMzjualbw66YbcVZ3RuFFGeiikASyMHBNrJlr0D5SLF/9eUA3WS
nCEpCYWpMFSfnaHB2QGooZOoWTEZJXNSFvthSE74li7/KxahEGPuT2aePvVT9nx0
BgHUWhGyZtw3mR+Rrvt/TgHl11hghaz/tRILYXJ+KUjT8S5ue/UtNW0l3Ap83bVF
zTbO9LOd6s+8Q1qJpjcx0z1l1XPSn3UVW5BW6Wtp0d5MLhkjX/Kq6jaYKU1sVRHp
SnT13e9+SWwYk3Zt2vto1l5BwuGYCv2uETBidoF9RsuTOWSKFdo2Zry/pCwHxQ6n
0JGUrC2ggjrUCfVXRfDh5YXe/eL0ApU+2m/BxMcuB1UaLwy4nqoXWegoz1y+VjxQ
BuC1Od0m+C4dsyW8HJbKoQspUS83UWJJge1Hm4BR/f6riXI7NqnIZUsbtoA0srSt
8OsjgNtQyPNlxuRxP+oTLHHCQ6DN/MFuPFGahzqpi2eapl6spzMfwxKOPvjVKkd5
SmO7OEtcJWgFLVhHr6L5OrKHw9D0Ckmn4kyyO04ESqU3ihw7t7TUG3TvYk+pZ742
1I8BvTFIX7DaHf330mre/TUjx6KHVf1NcTRBzNhZKaTBuaI2khSrF/xO2Ur8yqpB
hXHsvp0wLatAhhXaBHFp
=l0Hh
-----END PGP SIGNATURE-----

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1772
    • View Profile
  • Karma: +436/-42
Re: NRS v1.11.13
February 12, 2018, 07:53:27 pm

Mobile app https://bitbucket.org/Jelurida/nxt/downloads/nxt-client-1.11.13.apk
SHA256 0cb8f0a62fd1ba9890cfda4410d25b21fa79256f06759f7c6396269c04ddcf97
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

starik69

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 302
    • View Profile
  • Karma: +11/-17
Re: NRS v1.11.13
February 13, 2018, 01:30:11 pm

Use the "choose your own passphrase"
link under "create new account" if you really need to login to a non-existing
account using passphrase.
But now it blocks accessing empty accounts with passphrase less than 35 symbols  :'(
I think it is too strict restriction >:(
NXT-R2U6-22MC-LQL2-22222 (648774468) - NXT | All versions of NXT client and more - https://mega.co.nz/#F!J1xmgAyC!cnaqdxHALLMGiS0hTPrhAg

hob

  • Full Member
  • ***
  • Offline Offline
  • Posts: 118
    • View Profile
  • Karma: +3/-0
Re: NRS v1.11.13
April 26, 2018, 08:05:04 pm

I don't think it's too strict. New users should be forced to use a strong passphrase.
Dump your NXTs on me ;-P  NXT-3EK4-QWSA-3MVK-H22AY

Right.Here

  • Full Member
  • ***
  • Offline Offline
  • Posts: 222
    • View Profile
  • Karma: +21/-4
Re: NRS v1.11.13
April 26, 2018, 08:20:53 pm

Hi  :D

weak passphrases are vulnerable to brute forcing attacks via API, you must never use passwords less than 64 characters ...

the passphrases generated by the wallet are vulnerable because they use a dictionary which makes them predictable

in my NBCK i use a random string generator of 128 characters ... if you want a copy just ask . it work for NXT too  ;)
NXT-LJV5-YSF4-MXXX-438D5

blackyblack1

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1752
    • View Profile
  • Karma: +165/-82
Re: NRS v1.11.13
April 27, 2018, 08:12:17 am

weak passphrases are vulnerable to brute forcing attacks via API, you must never use passwords less than 64 characters ...
How did you calculate it?

the passphrases generated by the wallet are vulnerable because they use a dictionary which makes them predictable
You are wrong. Brainwallet passphrases are strong enough.

Right.Here

  • Full Member
  • ***
  • Offline Offline
  • Posts: 222
    • View Profile
  • Karma: +21/-4
Re: NRS v1.11.13
April 27, 2018, 08:34:53 am

Hi  :D
weak passphrases are vulnerable to brute forcing attacks via API, you must never use passwords less than 64 characters ...
How did you calculate it?

the passphrases generated by the wallet are vulnerable because they use a dictionary which makes them predictable
You are wrong. Brainwallet passphrases are strong enough.

https://nxtforum.org/introduce-yourself/warning!-please-read-before-making-your-nxt-account!-(please-sticky)/

just read the forum... there was many victims because of this brain wallet passphrases...
NXT-LJV5-YSF4-MXXX-438D5

VanBreuk

  • Administrator
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2767
    • View Profile
  • Karma: +357/-18
Re: NRS v1.11.13
April 27, 2018, 12:08:35 pm

Reducing the security level of a passphrase to the number of characters is misleading. String length is one important factor, but there's others: the set of characters you're using (lowercase letters, uppercase letters, numbers and/or symbols), the uniqueness of the string (whether it can be found elsewhere online or offline), the non-relation to any of your personal information, and the use of a random, or at least pseudo-random, creation algorithm. If you want to suggest an objective measuring rod for password strength, it would be better to use the bits of entropy in the string. That, together with safe storage of the string and its uniqueness, is what makes a passphrase secure.

the passphrases generated by the wallet are vulnerable because they use a dictionary which makes them predictable

This is not true. Many cryptocurrency platforms and tools use a random set of 12+ words randomly chosen from a large enough dictionary set as seed to derive private keys from. There's been several discussions about this, and presuming your personal security is solid, the passphrases generated by the official wallet are secure against brute force attacks. See for instance https://nxtforum.org/general-discussion/is-12-words-enough
GPG Fingerprint: B020 D1C1 F289 3B2C 3577  9EAD 455D D175 5913 C7F1

blackyblack1

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1752
    • View Profile
  • Karma: +165/-82
Re: NRS v1.11.13
April 29, 2018, 08:59:52 am

Hi  :D
weak passphrases are vulnerable to brute forcing attacks via API, you must never use passwords less than 64 characters ...
How did you calculate it?

the passphrases generated by the wallet are vulnerable because they use a dictionary which makes them predictable
You are wrong. Brainwallet passphrases are strong enough.

https://nxtforum.org/introduce-yourself/warning!-please-read-before-making-your-nxt-account!-(please-sticky)/

just read the forum... there was many victims because of this brain wallet passphrases...
I have read through your link and did not see any proof of your words. Nxt brainwallet generator is strong enough.
Pages: [1]