| Pages: [1] 2 3 4 :: one page |
|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
   |
Posted - 2009.04.21 04:36:00 -
[1]
Edited by: mazzilliu on 21/04/2009 04:44:48
Account hacking has been a big issue for some people, and this thread:
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1051836
suggests the method of the attack is re-used passwords from mass lists gathered of user accounts(where, presumably, a site that gathers account information is compromised or was not legit to begin with). the best and really the only way to stem the tide is to enforce mandatory password minimum requirements(lowercase, uppercase, number, symbol, 8+chars required), and to force users to change them every period of time- while also not allowing them to re-use old passwords.
a thread in general discussion isn't going to help even 1% of potential victims. preventing people from picking whatever horrible password they want will help them. the sort of people who use their "letmein" password for their crappy game forums and also for their EVE account aren't the sort of people who will pay attention to password strength bars or account access logs.
pros:
-save CCP money with GM time sorting out hacked accounts at the cost of initial investment of programmer time sorting out the new password security
-fewer incidents of hacked accounts. doesn't make it easy for them anymore.
con: people getting ****ed off because they forget their password because it isn't "123456" or something equally awful. but they can change it back if they supply an e-mail address or credit card they used with the account.
(i bet a lot of people reading this thread have 123456 as their password. see i know your password i will hack you now)
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
mazzilliu
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 04:45:00 -
[2]
Edited by: mazzilliu on 21/04/2009 04:45:31
supportin myself itt
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
SOH'CAH'TOA
Pandemic Execs
Pandemic Legion
|
Posted - 2009.04.21 04:46:00 -
[3]
mazzilliu is god and i am not her alt
|
Alt Troll
SniggWaffe
|
Posted - 2009.04.21 04:47:00 -
[4]
im a main character i promise. best idea ever mazzilliu should be elected queen of the world or at least CSM.
____________
FEED me!
You know you want to 
-all posts made on this character represent the views of my main's corp, alliance, as well as the views of everyone else in EVE and in the universe.- |
ROF''''''''''''''''''''L
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 04:48:00 -
[5]
also not mazziliu's alt voicing support for everything mazzilliu says
*snip*. Signature removed as it is excessively distracting. Mail us at [email protected] if you have any further queries - Valorem |
YAR''''''''''''''''''''R
GoonFleet
GoonSwarm
|
Posted - 2009.04.21 04:49:00 -
[6]
comment about subscribing to your newsletter etc etc
|
Beastoria
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 04:50:00 -
[7]
this is totally the original beastoria voicing his support for mazzilliu.
--------------------------------------------------
Please resize image to a maximum of 400 x 120, not exceeding 24000 bytes, ty. If you would like further details please mail [email protected] - Cortes |
Criegor
Sniggerdly
|
Posted - 2009.04.21 04:52:00 -
[8]
why are the login/logout pages so slow i do not like this
however i like this idea a lot
|
Insane Cat'Lady
|
Posted - 2009.04.21 04:53:00 -
[9]
 Originally by: Criegor
why are the login/logout pages so slow i do not like this
however i like this idea a lot
yeah me too
|
Emo''''''''''''''''''Kid
|
Posted - 2009.04.21 04:53:00 -
[10]
I like pineapples.
|
|
|
Kirann
|
Posted - 2009.04.21 04:55:00 -
[11]
i'm voting for this thread and also voting for mazzilliu for the CSM because she is awesome and hot and stuff and i am not biased.
|
Amarr'Scum
|
Posted - 2009.04.21 04:56:00 -
[12]
mazzilliu is possibly the best human being to ever be born on the face of this earth.
|
DERE'''''''''''''''''''K
|
Posted - 2009.04.21 04:57:00 -
[13]
little known fact mazzilliu has 12 alts and does not abuse them in any way, for mazzilliu would never abuse a single broken feature on these forums.
no, not ever.
|
Romale
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 05:18:00 -
[14]
i blindly follow whatever mazzilliu says
|
Ander
Gallente
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 05:23:00 -
[15]
I do not support this motion. Clearly Mazz is an evil mistress and must be stopped!
I for one do not want to remember anything other than 12345 as my account password!
EVE PIRATE
|
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 05:33:00 -
[16]
Originally by: Ander
I do not support this motion. Clearly Mazz is an evil mistress and must be stopped!
I for one do not want to remember anything other than 12345 as my account password!
regardless of what you said, you forgot to check "vote"
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
Ander
Gallente
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 07:37:00 -
[17]
Originally by: mazzilliu
Originally by: Ander
I do not support this motion. Clearly Mazz is an evil mistress and must be stopped!
I for one do not want to remember anything other than 12345 as my account password!
regardless of what you said, you forgot to check "vote"
You cant make me!
EVE PIRATE
|
Santiago Fahahrri
Galactic Geographic
|
Posted - 2009.04.21 12:40:00 -
[18]
Supported
~ Santiago Fahahrri
Galactic Geographic |
LaVista Vista
Conservative Shenanigans Party
|
Posted - 2009.04.21 13:05:00 -
[19]
Edited by: LaVista Vista on 21/04/2009 13:06:48
First of all.
You can't re-use a password in the first place.
Second, while the intention is good, the solution put forward only serves to annoy more people than it helps.
I would be ****ed off if a *game* forces me to change my password on a regular basis. Granted that I do it, EVE shouldn't force me to do anything but pay my subscription.
EDIT:
On the other hand, but implementing a security warning that is shown on the character-selection screen could work.
Basically, if you haven't changed your password for x amount of time, it will say "WE RECOMMEND THAT YOU CHANGE YOUR PASSWORD." in big bold letters.
|
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 14:17:00 -
[20]
First off... anyone who posts a stupid idea like this and has a crap ton of alts posting support is just begging for trouble.... which makes this idea completely stupid.
Secondly.... If you are running a computer with little to no security on it... and you go off and make a dumbass move in buying ISK... you deserve to be hacked.
Thirdly... It is YOUR responsibility to secure your account... if you don't got brains enough to figure that out.... then I sincerely hope you enjoy being hacked.
Don't blame CCP for the lack of intelligence YOU have.
Get a brain... and actually USE IT.
not supported.
=========================
CEO of Shadow Cadre
http://www.shadowcadre.com
=========================
|
|
|
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 14:59:00 -
[21]
Originally by: LaVista Vista
You can't re-use a password in the first place.
Second, while the intention is good, the solution put forward only serves to annoy more people than it helps.
do you even know what re-using passwords means? \=
anyways, wrong and wrong. you would be really surprised the number of eve accounts you can log into if you capture the username + password + e-mail handed over to a ****ty forum with users that play EVE. not like ive ever done it personally, but you know, ive seen it done. a lot of people re-use their passwords.
in my experience users cant be trusted with their first and second choices of passwords. the periodic changes dont have to be often, and perhaps a minimum complexity requirement will do just fine. but if you let people do what they want you will always have a certain percentage of people that get "hacked" when in reality they input their same password somewhere else.
Quote:
EVE shouldn't force me to do anything but pay my subscription.
i find this quote funny
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 15:07:00 -
[22]
Originally by: Drake Draconis
First off... anyone who posts a stupid idea like this and has a crap ton of alts posting support is just begging for trouble.... which makes this idea completely stupid.
Secondly.... If you are running a computer with little to no security on it... and you go off and make a dumbass move in buying ISK... you deserve to be hacked.
Thirdly... It is YOUR responsibility to secure your account... if you don't got brains enough to figure that out.... then I sincerely hope you enjoy being hacked.
Don't blame CCP for the lack of intelligence YOU have.
Get a brain... and actually USE IT.
not supported.
this is extremely constructive, since CCP suffers no negative consequences when an account is hijacked and the isk spread around to other accounts and real $ is exchanged because of it. maaaan **** those guys that arent more computer savvy then the average population.
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 15:16:00 -
[23]
Originally by: mazzilliu
Originally by: Drake Draconis
First off... anyone who posts a stupid idea like this and has a crap ton of alts posting support is just begging for trouble.... which makes this idea completely stupid.
Secondly.... If you are running a computer with little to no security on it... and you go off and make a dumbass move in buying ISK... you deserve to be hacked.
Thirdly... It is YOUR responsibility to secure your account... if you don't got brains enough to figure that out.... then I sincerely hope you enjoy being hacked.
Don't blame CCP for the lack of intelligence YOU have.
Get a brain... and actually USE IT.
not supported.
this is extremely constructive, since CCP suffers no negative consequences when an account is hijacked and the isk spread around to other accounts and real $ is exchanged because of it. maaaan **** those guys that arent more computer savvy then the average population.
Oh yeah.... that's constructive alright.. what's next... CCP being blamed for blowing up your ship because you forgot to fit it properly?
CCP being blamed for you accepting a contract scam?
CCP being blamed because you forgot to change your diapers?
Would you like a bottle with that?
I can take care of myself... what the hell is your problem? |
Kearl
|
Posted - 2009.04.21 15:33:00 -
[24]
Confirming I want to have mazzilliu babies and support all her ideas.
how much for pics ? |
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 15:41:00 -
[25]
Originally by: Drake Draconis
Oh yeah.... that's constructive alright.. what's next... CCP being blamed for blowing up your ship because you forgot to fit it properly?
CCP being blamed for you accepting a contract scam?
CCP being blamed because you forgot to change your diapers?
Would you like a bottle with that?
I can take care of myself... what the hell is your problem?
are you allowed to empty quote something just to let it stand alone and people can see its wrongness a second time?
account+personal information is on an entirely different level then space monies. i don't really see where you are getting at with your last line. clearly if i know enough to want these policies i probably know enough not to break my own rules?
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 16:12:00 -
[26]
Let me break it down into small words so you can understand a little more easily.
Stop blaming CCP for your mistakes.
Even a 6 year old can figure this out.
Forcing people to change passwords for there stupid lack of security and common sense is a total waste of time.
All your going to do is make customers mad and it will not fix a single bloody thing.
There will stil be idiots who install limewire.
There will still be idiots who buy ISK and get scammed.
Keyloggers will always be there for downloading pleasure.
If you can't think beyond your delusional state than I'm done here because its like talking to a brickwall nevermind a child.
=========================
CEO of Shadow Cadre
http://www.shadowcadre.com
=========================
|
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 16:18:00 -
[27]
Originally by: Drake Draconis
Let me break it down into small words so you can understand a little more easily.
Stop blaming CCP for your mistakes.
Even a 6 year old can figure this out.
Forcing people to change passwords for there stupid lack of security and common sense is a total waste of time.
All your going to do is make customers mad and it will not fix a single bloody thing.
There will stil be idiots who install limewire.
There will still be idiots who buy ISK and get scammed.
Keyloggers will always be there for downloading pleasure.
If you can't think beyond your delusional state than I'm done here because its like talking to a brickwall nevermind a child.
what mistakes have i done? you should elaborate more on that part since i have no idea what you are talking about.
the issue isnt individuals computers being infected with viruses- CCP cant do much to help that. the issue is easily obtained massive lists of passwords from hacked forums, malicious forums, etc gathering user info handed to them like candy. a matchup of those lists with EVE login info will produce a large number of results. enforcing password requirements will decrease that number of results.
for example everybody warns each other about re-using their login info on **********.com, but what if scrapheap challenge was hacked and their database backed up? it only takes a few days to get a ton of passwords from a stolen phpbb3 or vbullettin database. it is always the sites you trust that pose the greatest threat.
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
LaVista Vista
Conservative Shenanigans Party
|
Posted - 2009.04.21 16:35:00 -
[28]
Quote:
do you even know what re-using passwords means? \=
Originally by: mazzilliu
while also not allowing them to re-use old passwords.
Try and go in and change your password to something then. Then go back in and try to change it back to your OLD password again.
You will find that you can't. Conclusion: You can't re-use old passwords.
Quote:
anyways, wrong and wrong. you would be really surprised the number of eve accounts you can log into if you capture the username + password + e-mail handed over to a ****ty forum with users that play EVE. not like ive ever done it personally, but you know, ive seen it done. a lot of people re-use their passwords.
Nobody is it at all questioning that either.
Quote:
in my experience users cant be trusted with their first and second choices of passwords. the periodic changes dont have to be often, and perhaps a minimum complexity requirement will do just fine. but if you let people do what they want you will always have a certain percentage of people that get "hacked" when in reality they input their same password somewhere else.
The CSM already raised a big bunch of security-related things. However, when it comes to passwords, eventually the user has to be trusted. Not that I mind if it requires me to have a minimum complexity(Mine are about as complex as they get).
But we already discussed with CCP about that.
Basically CCP can't save it's users. There's still a lot of things that CCP can do to help, and that I support. But anything intrusive, like being forced to change passwords on a regular basis, is stupid.
|
Herschel Yamamoto
Bloodmoney Incorporated
|
Posted - 2009.04.21 16:38:00 -
[29]
In my experience, the more often you make people change their passwords, the less secure those passwords get. It's not quite as bad with a computer game as it is in a workplace scenario, since you can write it down without it being a security breach, but it'd still be a bad idea. Also, I dislike a game that I pay for being obnoxious about security - it's goal should be to let me play easy, not to annoy me with security measures to protect fools. If my bank doesn't make me change passwords regularly, neither should my computer games.
Also, spamming alt support is childish.
-----
Bloodmoney Incorporated is recruiting! |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 16:51:00 -
[30]
Which Mistakes you've done?
Alt Spamming?
Oh You meant the topic I'm sorry.
Your posting about password security... that imlpies you've been hit or know someone who is... that or your stupidly paranoid.
Now your arguing that CCP needs to step up security due to forum attacks.
Got news for yah pal... when someone starts getting worried about security they usually go to the source.
This whole proposal is bloody stupid as a result of your logic.
I manage PHPBB3 boards myself... and If there was a concern for security as far as SQL Injection and password hacking... there's only 3 factors.
1: The User
2: The Admin
3: The Server (Forums)
Note I said user first.
Most cases the server getting compromised along with the admin are few and far between.
Statistically speaking its the user whose been compromised... not the server.
Users... do stupid things after all.
As I said before you started flapping your gums... the User is responsible for his or her own security.
Yet you presume that every user is too stupid to be responsible to keep to a secure password.
I answer you... who the hell do you think you are to make such a presumption?
We can speak for ourselves... IF I choose to use a massively complicated password I'll use it.
IF i choose to use 12345 as a password then that is my bloody right.
If I get hit then that's my problem.. not yours... not CCP.
CCP has told us time and time again... use effective passwords...don't buy ISK... don't do this... don't do that.
Telling CCP to change our diapers will not fix the problem.
The only way people will learn is to get hit once or twice until it sinks in.
But most will blame CCP won't they... wah wah... cry me a river.
Which is why I don't support anti-scamming systems short of being able to mute them for those who are actually picky about the crap that's sprayed on local.
(Supports Darwin Awards)
If they can't read... then your wasting your breath with this idea.
This is nothing more than sheer paranoia.
You should be more concerned about the users who use the same passwords for hotmail.com and yahoo.com and EVE online... not about the ones who have groups of passwords based on how secure the servers are... or one for each and every little item.
Stop blaming CCP for your shortcomings... and that goes for the rest of you who happen to support this little idea.
Grow up... stop being lazy.... change your bloody password and use something unique for once.
Just keep in mind this whole system is easily defeated with a simple keylogger... all thanks to Windows.
Unless you use a Mac or Linux... then the odds of getting hit are dependent on your common sense.
You keep pushing for something that would anoy the users in the name of security.
When in fact you are not helping but making it worse.
This changes nothing as far as security.
Because all one would have to do is keylog your computer and thereby rendering this whole system useless.
Just like your proposal... completely useless.
=========================
CEO of Shadow Cadre
http://www.shadowcadre.com
=========================
|
|
|
|
|
| |
|
| Pages: [1] 2 3 4 :: one page |
| First page | Previous page | Next page | Last page |