• User-uploading of files is now fully enabled!! Check out our full announcement for details.

    All accounts with 0 posts on them have been purged. If you are coming back to us after a long time and you find you can't log in, then that would probably be why.

Official User Verification Code List

Arnox

Master
Staff member
Founder
Messages
6,144
Compare a code from this list from the appropriate user to verify a VirusTotal link. Codes are not case-sensitive and are always 64 characters in length. If you would like to add your own code to this list and you are a registered member, post it down below and I will add it.

See this thread for more details on what all this is about.

UserVerification Code
@Arnoxe3d9b5cda1f6f60faa7c54e55bf79088b9d7827c1a935d1814f120d3fa09e034

EDIT1: Ok, guys... We now have a problem. >_> Although it's ironically funny too.

VirusTotal has added an actually surprisingly generous feature of allowing anyone who uploads a file to now download it from their servers as well. There seems to be absolutely no way to tell them to delete the file. So, unfortunately, by actually being very prosumer, VirusTotal has unintentionally fucked with sharing User Verification Codes. lol Or at least, partly anyway. The Digital User Signature system was made so that even if VirusTotal were to go down, Sanctuary could still operate the system completely independently. But... This does mean it's gonna be much more of a hassle since we'll now need to fallback on the second method of verifying User Verification Codes, and that is directly uploading the Digital User Signature file in a post ALONG WITH A NEW SHA256 HASH OF A NEW FILE OF THE USER'S CHOOSING IN THE SAME POST.

I've contacted VirusTotal about this and hopefully they'll allow file deletion in the future, but until they do, for now, we're gonna have to rely on the second failsafe method of verification if we ever need it.
 

Attachments
(DO NOT TRUST ATTACHMENTS BY DEFAULT. Use VirusTotal at least to quickly scan the files.)

Last edited:
This is a reminder post that if you give even just one single fuck about me or this site, then make sure you have the verification codes saved. If you don't, then nobody can help you if the site or I suddenly get compromised and I gotta do a reset or even an entire restore on another domain. You will have no 100% way of verifying me if you don't have the codes.

That is all.
 
Ok, guys... We now have a problem. >_> Although it's ironically funny too.

VirusTotal has added an actually surprisingly generous feature of allowing anyone who uploads a file to now download it from their servers as well. There seems to be absolutely no way to tell them to delete the file. So, unfortunately, by actually being very prosumer, VirusTotal has unintentionally fucked with sharing User Verification Codes. lol Or at least, partly anyway. The Digital User Signature system was made so that even if VirusTotal were to go down, Sanctuary could still operate the system completely independently. But... This does mean it's gonna be much more of a hassle since we'll now need to fall back on the second method of verifying User Verification Codes, and that is directly uploading the Digital User Signature file in a post ALONG WITH A NEW SHA256 HASH OF A NEW FILE OF THE USER'S CHOOSING IN THE SAME POST.

I've contacted VirusTotal about this and hopefully they'll allow file deletion in the future, but until they do, for now, we're gonna have to rely on the second failsafe method of verification if we ever need it.
 
Bump for new people.

THIS THREAD IS INCREDIBLY IMPORTANT. SHOULD SANCTUARY SUDDENLY GO DOWN AND YOU NEED TO VERIFY ANYONE'S IDENTITY, USER VERIFICATION CODES ALLOW USER VERIFICATION WITH 100% ACCURACY AND NO PARTICULAR WEBSITE DEPENDENCE, ASSUMING WHATEVER YOU USED TO GET YOUR SHA-256 HASH ISN'T BRUTE-FORCEABLE.

Check the link thread in the OP if you have further questions. It will explain everything.
 
Bump.

THIS THREAD IS INCREDIBLY IMPORTANT. SHOULD SANCTUARY SUDDENLY GO DOWN AND YOU NEED TO VERIFY ANYONE'S IDENTITY, USER VERIFICATION CODES ALLOW USER VERIFICATION WITH 100% ACCURACY AND NO PARTICULAR WEBSITE DEPENDENCE, ASSUMING WHATEVER YOU USED TO GET YOUR SHA-256 HASH ISN'T BRUTE-FORCEABLE.

Check the link thread in the OP if you have further questions. It will explain everything.

By the way, I think VirusTotal actually removed being able to download files that were uploaded, so it may perhaps work again as an intermediary.
 
Bump.

THIS THREAD IS INCREDIBLY IMPORTANT. SHOULD SANCTUARY SUDDENLY GO DOWN AND YOU NEED TO VERIFY ANYONE'S IDENTITY, USER VERIFICATION CODES ALLOW USER VERIFICATION WITH 100% ACCURACY AND NO PARTICULAR WEBSITE OR SOFTWARE DEPENDENCE, ASSUMING WHATEVER YOU USED TO GET YOUR SHA-256 HASH ISN'T BRUTE-FORCEABLE.

Check the link thread in the OP if you have further questions. It will explain everything.
 
Wait, do you actually think this is stupid or are you just trolling?
A bit of both - don't see a scenario in which I'd need to verify anyone's identity much less with 100% accuracy

Anyone putting effort into impersonating me probably has good reason for it and can provide you that code
 
don't see a scenario in which I'd need to verify anyone's identity much less with 100% accuracy

For you: If you lose access to your account or email for any reason, you can easily reverify yourself by uploading your password file to VirusTotal and posting the link to the results page. This can also be used on other sites and communities as you like.

For me: If Sanctuary goes down and I start up the site elsewhere, or post anywhere else, you can easily verify that it's me 100% without a single doubt by comparing my verification code to the SHA256 hash in the VirusTotal results link I post.

Anyone putting effort into impersonating me probably has good reason for it and can provide you that code

Not if you don't make it able to be brute-forced. Assuming you pick a password file that is sufficiently long, barring perhaps quantum computers, it is downright practically impossible for anyone to guess what the password file would be.

So, in summary, this method of verification,
1. Is impossible to break without a brute-forceable password.
2. Doesn't require storing your passwords on any device as long as you can remember them.
3. Doesn't rely on any site or software whatsoever besides software that simply computes a SHA256 hash.
4. Is very easy to do.
5. Is fully portable across sites and communities in its entire implementation.
6. Proves someone's identity without any possible doubt, again, assuming the password is sufficiently secure.
 
Last edited:
Back
Top