Pages: 1 [2] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 1 post(s) |
CherniyVolk
Federal Navy Academy
|
Posted - 2009.04.28 18:44:00 -
[31]
Edited by: CherniyVolk on 28/04/2009 18:46:27 What if CCP offered an advanced authentication system?
For 20 USD, they'll create a smart card (similar to a DoD CAC card), and mail it to you. Your fat-finger authentication will no longer be valid and only the smart card authentication system will be useful after activating it (much like a new credit card). This will require at least a Smart Card reader, which many Sony Laptops come with by default. You can pick up SC readers for 10 USD a pop.
Now, it's the advantages of physical dongle security, but enhanced with the strength of cryptographic shared keys! Plus, I'm sure an EVE authentication card would be uber sexy. Might even be bold enough to log into EVE from one of those myriad network gaming business found scattered in every mall in Southern California.
This system works pretty well with restricting access to Government and Military websites... maybe it's strong enough for a game?
|
Emperor Cheney
|
Posted - 2009.04.28 19:12:00 -
[32]
Originally by: CherniyVolk Edited by: CherniyVolk on 28/04/2009 18:46:27 What if CCP offered an advanced authentication system?
For 20 USD, they'll create a smart card (similar to a DoD CAC card), and mail it to you. Your fat-finger authentication will no longer be valid and only the smart card authentication system will be useful after activating it (much like a new credit card). This will require at least a Smart Card reader, which many Sony Laptops come with by default. You can pick up SC readers for 10 USD a pop.
Now, it's the advantages of physical dongle security, but enhanced with the strength of cryptographic shared keys! Plus, I'm sure an EVE authentication card would be uber sexy. Might even be bold enough to log into EVE from one of those myriad network gaming business found scattered in every mall in Southern California.
This system works pretty well with restricting access to Government and Military websites... maybe it's strong enough for a game?
The people who would pay 20$ for a better login system are not the same people who willingly send their credit card information to Chinese scammers or click through phishing email links. It might be a good way to make more money, but it is not a good way to stop this particular security issue.
|
Emperor Cheney
|
Posted - 2009.04.28 19:24:00 -
[33]
followup pointless troll: it is hilarious that the same userbase that often considers itself "elite" for navigating a counter intuitive UI and contradictory documentation so routinely falls prey to account security compromises my grandmother is sophisticated enough to avoid. Phishing emails: don't click the links.
|
James Lyrus
Lyrus Associates The Star Fraction
|
Posted - 2009.04.28 19:27:00 -
[34]
IP lockdown would be good too. I only really ever play EVE from one location...
|
Alora Venoda
GalTech Whiskey Creek Alliance
|
Posted - 2009.04.28 19:39:00 -
[35]
Originally by: James Lyrus IP lockdown would be good too. I only really ever play EVE from one location...
this. credit card and bank websites now "authorize" your computer when you login, usually by answering additional questions. once authorized, you can choose to stay authorized at that computer, or require it every time you login.
~~~~~ Remember, EVE is a sandbox and other MMOs are rock gardens. Pretty rocks can be collected, but collecting sand is pointless. Instead build a sandcastle and keep it from being knocked down. |
CherniyVolk
Federal Navy Academy
|
Posted - 2009.04.28 19:41:00 -
[36]
Edited by: CherniyVolk on 28/04/2009 19:42:49
Originally by: Emperor Cheney
The people who would pay 20$ for a better login system are not the same people who willingly send their credit card information to Chinese scammers or click through phishing email links. It might be a good way to make more money, but it is not a good way to stop this particular security issue.
Sadly I think you are right. Maybe my own suggestion was a bit selfish. My own vision of running around with a cool looking holographic etched Gallente authentication CAC card to access my account in EVE.... it is geeky cool though.
I do feel if everyone was on board it would give a significant challenge to anyone attempting to hi-jack an EVE account. But if given the choice, enough people might think a card would be a hassle and prefer to remember and type a three or four letter password each time. Square One.
|
Generic Person
|
Posted - 2009.04.28 19:53:00 -
[37]
Quote: this. credit card and bank websites now "authorize" your computer when you login, usually by answering additional questions. once authorized, you can choose to stay authorized at that computer, or require it every time you login.
That won't save you from a trojan, since banks only ask for couple of question/answer combos all a hacker has to do is wait for you to login a few times before they have every combination. Yes, once your computer is "authorized" you don't have to answer the security question anymore, but in that case all a hacker has to do is delete the cookie(once your computer is compromised its safe to assume a hacker can do anything you can do), and thus force a re-authorization that the average user will gladly do. The whole "authorization" is a misnomer, it doesn't really do anything for the non-paranoid average user.
|
|
|
|
Pages: 1 [2] :: one page |
First page | Previous page | Next page | Last page |