Author Topic: My 2 cents.  (Read 211 times)

Offline loggg

My 2 cents.
« on: December 08, 2013, 04:54:19 AM »
Hey guys. I like the idea of this crypto a lot, but there are a few issues, I believe, that need to be ironed out before release.

The possibility of being hacked, or entering the same password as someone else is silly. It can't stay like this. To adhere to this problem, maybe something like implementing a hashing/salting passphrase generator on the client, x amount of characters in length (should be an option, i.e. 10+ char) resulting in reducing the risk of sharing the same passphrase. There could be a copy to clipboard button next to it, with clear instructions to save the newly generated password in a .txt file somewhere for security, with extra instructions to make a paper copy. Or alternatively at least code some validation for the field, i.e. making the min character length higher, upper and lower case, number and/or symbol, again with instructions to make a copy as it is the only one you'll have.

Also, as a lot of people have already commented on, the top x amount of shareholders need to distribute their stocks. There are a lot of reasons for this, but the main ones being to increase early adoption, promotion, and fairness. We know you put your own money into this, and are probably waiting out till it's traded on other exchanges, but in the meanwhile, share the love ;), as the potential gains for you are ridiculous, and if you have faith in your investment you will distribute your huge quantities more equitably, to ensure growth and adaptation to this innovative currency.

Another thing: 'nextcoin.org'. Am I the only one here getting mixed messages? Nxt, NXT, Next, nextcoin. Which one? Leading on from this, logo/coin design. Need to come up with something that really catches the eye; there are a couple of nice ones in that artwork topic that look nice.

The currency obviously has great potential as it is the first big differential from btc, and from how much support and signups it's seen in such a small time, considering it's essentially still in design mode. But the bottom line is, if we don't see to these issues and start developing, the 'Descendant of Bitcoin' could be taken over and ripped by someone else who does it right.

What does anyone think?
NXT: 10699992791053020628

Offline Mistafreeze

Re: My 2 cents.
« Reply #1 on: December 08, 2013, 05:06:24 AM »
Dealing with the pass phrase, I assume it hashes the passphrase to produce an account number. Something as simple as adding a pin number field and hashing it with the pass phrase to produce the account number would help immensely since the odds of someone guessing an identical pass phrase and 4 digit pin are next to none. Nothing changes in the way things are done, they simply need to concatenate the 2 fields before adding the account to the blockchain, and security is increased a ton.
Beer fund:13353072819418237851

Offline loggg

Re: My 2 cents.
« Reply #2 on: December 08, 2013, 05:09:21 AM »
> Dealing with the pass phrase, I assume it hashes the passphrase to produce an account number. Something as simple as adding a pin number field and hashing it with the pass phrase to produce the account number would help immensely since the odds of someone guessing an identical pass phrase and 4 digit pin are next to none. Nothing changes in the way things are done, they simply need to concatenate the 2 fields before adding the account to the blockchain, and security is increased a ton.

Yes that would definitely help. Added security levels are a must, I think.
NXT: 10699992791053020628

Offline MadeTran

Re: My 2 cents.
« Reply #3 on: December 08, 2013, 06:03:20 AM »
A 4 digit pin is worthless......you can brute force that easily. A second password field to log in with the ability to choose from 5 different encryption methods would be sweet. You'd have to know the passphrase, the password, AND what encryption method was used. That's fucking secure. This only passphrase stuff has to go, 100% agreement with you there.

Offline sisseck

Re: My 2 cents.
« Reply #4 on: December 08, 2013, 06:06:25 AM »
I agree that something needs to be done about the pass phrase. When I first started the client I didn't realize that the password I was entering was going to seed my address. I ended up using a very insecure password and posting my address in a few giveaways. I have since changed to a much more secure pass phrase but a lot of newbies are going to make the same mistake I did but some of them are not going to realize their mistake.

If this is going to take off there needs to be a better way to secure your wallet. If NXT gains in value there is going to be incentive for a bunch of people to start attacking the network with pass phrases and they are going to steal people's funds.

Online Come-from-Beyond

Re: My 2 cents.
« Reply #5 on: December 08, 2013, 09:30:12 AM »
There is no need for an extra PIN field. Enter your passphrase and then PIN in the same field right away.

Offline vkontakte

Re: My 2 cents.
« Reply #6 on: December 08, 2013, 10:19:48 AM »

> Also, as a lot of people have already commented on, the top x amount of shareholders need to distribute their stocks. There are a lot of reasons for this, but the main ones being to increase early adoption, promotion, and fairness. We know you put your own money into this, and are probably waiting out till it's traded on other exchanges, but in the meanwhile, share the love ;), as the potential gains for you are ridiculous, and if you have faith in your investment you will distribute your huge quantities more equitably, to ensure growth and adaptation to this innovative currency.

Even if they distribute half of a billion in small portions and leave the other part in their pockets, it will be rent, zero sum circulation, because all commissions (mining fees) will come inevitably to their pocket. So this is gonna be new feudalism.

Offline Mistafreeze

Re: My 2 cents.
« Reply #7 on: December 08, 2013, 06:33:53 PM »
> There is no need for an extra PIN field. Enter your passphrase and then PIN in the same field right away.

Essentially this is exactly what I meant, but separating the fields for ease of use. Behind the scenes they'd be concatenated together before the account number was generated, making brute forcing of the pin something that wouldn't need to be worried about.
Beer fund:13353072819418237851
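
The arithmetic behind the passphrase, PIN and generator suggestions in this thread, as an added example that is not part of any post and is not Nxt's code. The `account_id` derivation (first 8 bytes of SHA-256) is an assumption standing in for whatever the client does, and the 8-letter passphrase and 35-character generator length are constructed cases.

```python
import hashlib
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols


def account_id(secret: str) -> int:
    """Stand-in derivation (assumption): first 8 bytes of SHA-256(secret).
    The thread only assumes the client hashes the passphrase."""
    digest = hashlib.sha256(secret.encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "little")


def search_space_bits(alphabet_size: int, length: int) -> float:
    """Upper bound on guessing work, in bits, for a uniformly random string.
    Human-chosen passphrases sit well below this bound."""
    return length * math.log2(alphabet_size)


def generate_passphrase(length: int = 35) -> str:
    """Client-side generator drawing from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def report() -> dict:
    weak = search_space_bits(26, 8)   # 8 lowercase letters (constructed case)
    pin = search_space_bits(10, 4)    # 4-digit PIN
    return {
        "weak_passphrase_bits": weak,
        "pin_bits": pin,
        "weak_plus_pin_bits": weak + pin,
        "generated_35_char_bits": search_space_bits(len(ALPHABET), 35),
    }


if __name__ == "__main__":
    for name, bits in report().items():
        print(f"{name:24s} {bits:6.1f} bits")
    # Two fields concatenated behind the scenes give the same account as
    # typing the passphrase followed by the PIN into one field.
    same = account_id("correct horse" + "1234") == account_id("correct horse1234")
    print("separate fields == single field:", same)
    print("generated passphrase:", generate_passphrase())
```

The PIN contributes about 13.3 bits however it is entered, so a weak passphrase plus a PIN stays far below the roughly 208 bits of a 35-character generated one.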

Offline MadeTran

Re: My 2 cents.
« Reply #8 on: December 08, 2013, 09:41:22 PM »
Come from beyond, I understand you are much more knowledgeable and intelligent than the rest of us when it comes to security.......but this Passphrase stuff "feels" insecure......I'm confident in mine because it's longer than a bitcoin address hash but still......If you want a higher adoption rate, this shit has got to go. I know you got a direct line to the DEV. People are going to think NXT sucks shit just because of this, it's cause for concern. It will directly affect the marketability on launch day if it isn't changed or have an added security feature, just for the sake of investor emotions/psychology.

A lot of investors are not crypto savvy and they are going to make easily brute forcible accounts regardless of the warning you display on the passphrase login window......their nxt is gonna get stolen, they're gonna whine and bitch all over the internet.....and it's only going to plant the seeds of dislike for the whole thing even deeper and more trees will grow and bear more bad fruit.

Online Come-from-Beyond

Re: My 2 cents.
« Reply #9 on: December 08, 2013, 09:45:13 PM »
> Come from beyond, I understand you are much more knowledgeable and intelligent than the rest of us when it comes to security.......but this Passphrase stuff "feels" insecure......I'm confident in mine because it's longer than a bitcoin address hash but still......If you want a higher adoption rate, this shit has got to go. I know you got a direct line to the DEV. People are going to think NXT sucks shit just because of this, it's cause for concern. It will directly affect the marketability on launch day if it isn't changed or have an added security feature, just for the sake of investor emotions/psychology.
>
> A lot of investors are not crypto savvy and they are going to make easily brute forcible accounts regardless of the warning you display on the passphrase login window......their nxt is gonna get stolen, they're gonna whine and bitch all over the internet.....and it's only going to plant the seeds of dislike for the whole thing even deeper and more trees will grow and bear more bad fruit.

BCNext decided to use brainwallet. After the source code is released, anyone will be able to implement "wallet.dat" on top of that.

Offline MadeTran

Re: My 2 cents.
« Reply #10 on: December 08, 2013, 10:10:50 PM »
That's good news......so you have to have the passphrase and access to the wallet.dat file? That's something that will ease everyone's mind. I thought this brain wallet crap was going to be the only feature in that area.

One other question for you, being as you and gravitron probably have the most knowledge based on what I know.......The forging system, I still don't understand it in its entirety.......do people get returns at the same rate even though they have different amounts?

For example, obviously the guy with 1m next gets richer quicker because he has a higher stake.....BUT is the poor noob from Nicaragua that managed to get 100 next in his account going to see returns in the same proportion? I'm just pulling a number out of my ass here but for the sake of example, let's say it's a 1% rate.......does the guy with 100 nxt get 1% and the guy with 1 million get 1% or is the percentage paid out to the guy with more higher?

I know it doesn't quite work that way but I'm just trying to figure out if the guy with 100 can forge 1 NXT in the same time frame as the guy with 1 million can generate 10,000. I would certainly hope so.

Online Come-from-Beyond

Re: My 2 cents.
« Reply #11 on: December 09, 2013, 12:18:39 AM »
> One other question for you, being as you and gravitron probably have the most knowledge based on what I know.......The forging system, I still don't understand it in its entirety.......do people get returns at the same rate even though they have different amounts?
>
> For example, obviously the guy with 1m next gets richer quicker because he has a higher stake.....BUT is the poor noob from Nicaragua that managed to get 100 next in his account going to see returns in the same proportion? I'm just pulling a number out of my ass here but for the sake of example, let's say it's a 1% rate.......does the guy with 100 nxt get 1% and the guy with 1 million get 1% or is the percentage paid out to the guy with more higher?
>
> I know it doesn't quite work that way but I'm just trying to figure out if the guy with 100 can forge 1 NXT in the same time frame as the guy with 1 million can generate 10,000. I would certainly hope so.

The rate is the same but only in the long run. Nicaragua guy will see much higher variation, successful forging will be like finding a diamond in coal for him. Having 100 NXT he may forge a block with 10,000 NXT fees.