| Pages: 1 [2] 3 4 :: one page |
|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
   |
Posted - 2009.04.21 17:05:00 -
[31]
 Originally by: LaVista Vista
Quote:
do you even know what re-using passwords means? \=
Originally by: mazzilliu
while also not allowing them to re-use old passwords.
Try and go in and change your password to something then. Then go back in and try to change it back to your OLD password again.
You will find that you can't. Conclusion: You can't re-use old passwords.
aha, now there's a detail i hadn't known before :)
But there's still no provision for the users that set their password to something stupid and never change it, more specifically re-using it from OTHER websites. a forced password change at least once in a player's lifetime should clear up the majority of re-used-on-other-sites passwords.
most people have no clue that re-using their sGRs3%3rt43wV%E2 password on somesketchygamesforum.com and eve-online.com with same username is a security risk.
Originally by: Herschel Yamamoto
In my experience, the more often you make people change their passwords, the less secure those passwords get. It's not quite as bad with a computer game as it is in a workplace scenario, since you can write it down without it being a security breach, but it'd still be a bad idea. Also, I dislike a game that I pay for being obnoxious about security - it's goal should be to let me play easy, not to annoy me with security measures to protect fools. If my bank doesn't make me change passwords regularly, neither should my computer games.
it doesnt have to be as obnoxious as, sayyyy, Pandemic Legion forums. but if there are restrictions on the number of login attempts, a weak password is far superior to a password that is re-used on another website. it's the difference between handing it over and making them guess at it.
Originally by: Herschel Yamamoto
Also, spamming alt support is childish.
you're right, i just wasn't subtle enough and ended up getting caught! 
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
Mistress Frome
SniggWaffe
|
Posted - 2009.04.21 17:13:00 -
[32]
Edited by: Mistress Frome on 21/04/2009 17:14:03
Hey I heard that
pressing enter every few
words is a good
way to get people
to read what you're
trying to say
---
|
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.21 17:35:00 -
[33]
Originally by: Drake Draconis
I manage PHPBB3 boards myself... and If there was a concern for security as far as SQL Injection and password hacking... there's only 3 factors.
1: The User
2: The Admin
3: The Server (Forums)
Note I said user first.
are you talking about the
forums.shadowcadre.com
boards? if so, i can understand why you take that attitude, since you have about twelve users that an EVE account stealer would even take an interest in. small fishies
so the user is the biggest threat to security you even say so yourself, then you say we should not attempt to reduce the vulnerability?
Originally by: Drake Draconis
Most cases the server getting compromised along with the admin are few and far between.
Statistically speaking its the user whose been compromised... not the server.
Users... do stupid things after all.
this is very funny to me because Admins re-use their passwords as well. also incompetent/uneducated server admins for EVE corp forums are generally the rule rather then the exception.
Originally by: Drake Draconis
Yet you presume that every user is too stupid to be responsible to keep to a secure password.
I answer you... who the hell do you think you are to make such a presumption?
someone who knows a mere desktop computer can crack ~50% of the passwords from the average stolen phpbb2 forum database in a few minutes with a good dictionary, and a few % more in a few days using different methods.
putting targeted keyloggers on EVE player's computers takes some social engineering for every single target and is a serious crime of some sort, and only nets you one password.
Setting up an EVE related website that innocently asks users to log in to get access to something, is not a crime at all, nets you a zillion passwords, and a certain % of them WILL work on EVE accounts.
and ofc hacking a pre-existing eve related website is very much a crime, but less time investment and no problem if you live in certain foreign countries. nets same end result as above point
Originally by: Drake Draconis
We can speak for ourselves... IF I choose to use a massively complicated password I'll use it.
IF i choose to use 12345 as a password then that is my bloody right.
hahaha do itttt
so i can post all your top secret "Worlds End Consortium" director forums all over the internets
Originally by: Drake Draconis
If I get hit then that's my problem.. not yours... not CCP.
who has to clean up the mess afterwards? always CCP in the end
Originally by: Drake Draconis
You should be more concerned about the users who use the same passwords for hotmail.com and yahoo.com and EVE online... not about the ones who have groups of passwords based on how secure the servers are... or one for each and every little item.
sign me up for the yahoo.com and hotmail.com CSM council thingy please
Originally by: Drake Draconis
Stop blaming CCP for your shortcomings... and that goes for the rest of you who happen to support this little idea.
man, i really want to use this better password but i cant be arsed to change it from 123456. i really wish CCP could force me to do it...
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 17:54:00 -
[34]
Your arrogance and ignorance is just baffling.
For someone who is so concerned about security... you know very little about it as a whole.
Regardless... you can keep alt spamming away... you will get nowhere.
=========================
CEO of Shadow Cadre
http://www.shadowcadre.com
=========================
|
JVR JVR
|
Posted - 2009.04.21 19:09:00 -
[35]
Im voting yes because
1) Mazz promised me a shaved Llama ( with a goatee beard)
2) Mazz said if I didnt vote yes i would learn a whole new use for Pineapples
3) its a damn fine idea |
SencneS
Amarr
Rebellion Against Big Irreversible Dinks
|
Posted - 2009.04.21 19:24:00 -
[36]
No... Because it doesn't help in real life, it's not going to help Game life.
Forced password changes is a concept for people write down their passwords on paper and leave the paper in a draw or on the table etc. This forced people to protect themselves from themselves. You can't protect the stupid from themselves, if they change their password on EVE they'll probably change their password on EVE related websites as well. So it's stupid to force them to change their EVE password.
To be blunt if CCP forced this, I'd petition my password changes every time my password expired. Here, I've been forced to change my password, here is a petition back to extend my password expiry, save CCP money? not likely. |
LaVista Vista
Conservative Shenanigans Party
|
Posted - 2009.04.21 19:31:00 -
[37]
Originally by: SencneS
No... Because it doesn't help in real life, it's not going to help Game life.
Forced password changes is a concept for people write down their passwords on paper and leave the paper in a draw or on the table etc. This forced people to protect themselves from themselves. You can't protect the stupid from themselves, if they change their password on EVE they'll probably change their password on EVE related websites as well. So it's stupid to force them to change their EVE password.
To be blunt if CCP forced this, I'd petition my password changes every time my password expired. Here, I've been forced to change my password, here is a petition back to extend my password expiry, save CCP money? not likely.
Exactly. |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 19:37:00 -
[38]
Originally by: SencneS
No... Because it doesn't help in real life, it's not going to help Game life.
Forced password changes is a concept for people write down their passwords on paper and leave the paper in a draw or on the table etc. This forced people to protect themselves from themselves. You can't protect the stupid from themselves, if they change their password on EVE they'll probably change their password on EVE related websites as well. So it's stupid to force them to change their EVE password.
To be blunt if CCP forced this, I'd petition my password changes every time my password expired. Here, I've been forced to change my password, here is a petition back to extend my password expiry, save CCP money? not likely.
spot on |
Larkonis TrassIer
Neo Spartans
Laconian Syndicate
|
Posted - 2009.04.21 22:08:00 -
[39]
Edited by: Larkonis TrassIer on 21/04/2009 22:08:31
Originally by: SencneS
No... Because it doesn't help in real life, it's not going to help Game life.
Forced password changes is a concept for people write down their passwords on paper and leave the paper in a draw or on the table etc. This forced people to protect themselves from themselves. You can't protect the stupid from themselves, if they change their password on EVE they'll probably change their password on EVE related websites as well. So it's stupid to force them to change their EVE password.
To be blunt if CCP forced this, I'd petition my password changes every time my password expired. Here, I've been forced to change my password, here is a petition back to extend my password expiry, save CCP money? not likely.
I'm inclined to go with this too, although if I disagree with Maz will she get Kugu to hack my computer and kill me with it?
The stupid people this will be targeted at probably won't take notice, yes their pw's might become slightly more secure but it won't stop them duplicating that pw.
I see no harm in implementing this feature, or at the very least a warning every 3 months or so on the log in screen. |
Finistri Nirum
75th Caldari Expeditionary Force
|
Posted - 2009.04.21 22:27:00 -
[40]
Originally by: SencneS
No... Because it doesn't help in real life, it's not going to help Game life.
Forced password changes is a concept for people write down their passwords on paper and leave the paper in a draw or on the table etc. This forced people to protect themselves from themselves. You can't protect the stupid from themselves, if they change their password on EVE they'll probably change their password on EVE related websites as well. So it's stupid to force them to change their EVE password.
To be blunt if CCP forced this, I'd petition my password changes every time my password expired. Here, I've been forced to change my password, here is a petition back to extend my password expiry, save CCP money? not likely.
Would you prefer that CCP introduce other optional security measures to protect your account? How about mandatory security measures?
Take a look at Final Fantasy XI Online and World of Warcraft. Both of them are offering key-fob random number generators, linked to their players' account(s), that allow them to use one randomly generated number to access their account and play. Both of them are optional purchases.
On the other hand, most websites that have had problems with spammers and bots have CAPTCHA authentication to thwart those sorts of security breaches. Rumor has it that these security measures are vulnerable to compromise by sufficiently advanced AI's (don't laugh, they're in development!)
Both of these examples are used all of the time by major corporations to enhance their security and make sure that something doesn't happen in IRL. These measures cost lots of money... but they save much more when used properly.
And you say that because something is a hindrance to your real life that it cannot possibly enhance your recreational pursuits?
Heaven forbid that someone take the initiative to protect you from yourself.
Supported. |
|
|
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.21 22:36:00 -
[41]
Edited by: Drake Draconis on 21/04/2009 22:37:01
To quote my best friend...
"You can't fix stupid"
You want CCP to remind you to change the passwords on your POS Shields? Your Secure Cans?
You want CCP to hold your itty bitty little hand as you leave the station and fly off on some mission?
Please... grow a backbone people. |
darius mclever
|
Posted - 2009.04.21 23:23:00 -
[42]
|
Akira117
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.22 01:22:00 -
[43]
999.times {print " The Cake is a lie."} |
Carebear Caring
|
Posted - 2009.04.22 01:23:00 -
[44]
Edited by: Carebear Caring on 22/04/2009 01:22:46
|
Ecid Q'Wulf
Blue Labs
|
Posted - 2009.04.22 01:54:00 -
[45]
Edited by: Ecid Q''Wulf on 22/04/2009 01:58:31
Edited by: Ecid Q''Wulf on 22/04/2009 01:54:34
Originally by: Drake Draconis
Edited by: Drake Draconis on 21/04/2009 22:37:01
To quote my best friend...
"You can't fix stupid"
You want CCP to remind you to change the passwords on your POS Shields? Your Secure Cans?
You want CCP to hold your itty bitty little hand as you leave the station and fly off on some mission?
Please... grow a backbone people.
Dear Drake Draconis. Your right. Hence i`m not trying that with you, since at least one of your advice options in awesome in itself. If your wondering right now - why the **** lil Ecid is beeing that blunt with you - take a look at how ALL your previous responses are worded.
Now to get to the Point. Cause its annoying as **** if you dont get a response for your valid bug petition for a week or 2, cause ccp is to busy dealing with RMT and hacked accounts:
The quote that most of you guys agreed on, is totally unrealistic. Why would one, if forced to change the pwd, change em on ALL other websites they visit too, when you consider that they have not changed their pwd`s before, cause it simply was "EFFORT". And to be honest its not the people that buy isk, or frequent hacking sides, or have a software like Limewire or Bittorrent running per se. that become victim of a cleared out account. Its people that are Careless with their information. Either because they dont know any better, or cause they dont care.
If you have been playing for a while now, you might remember the multiple News/Devblogs one of CCP¦s customer support "persons" posted about how hacked accounts have been straining their customer support. And how Buying ISK can also make you become a victim of getting hacked. In all those cases they gave advise, like having anti virus software, not visiting "shady sites" or not buying isk. But the most important part, they did not advice. Changing the pwd regulary.
I can see how for some fellas changing the pwd mandatory every 6 month is a pain in teh arse. Perhaps CCP should just display a big warning in size 72 letters saying after every 3 month " Your pwd has been used for 3 month now, time to change it. for more information on WHY to change it, please read < link to wiki here>" until the players actually change the pwd and the timer resets.
In any case, people that suggest that the User is the biggest problem, are right.
People that suggest that you cant fix that problem. are that wrong that its not even funny anymore.
|
La Cucaratscha
|
Posted - 2009.04.22 02:01:00 -
[46]
Also.: Confirming i am Chieldish too, while supporting this topic. |
StarryEyed Donut
Black Omega Security
Pandemic Legion
|
Posted - 2009.04.22 02:15:00 -
[47]
Drake, you are awesome.
First you call mazz stupid. Then, expertly masking the irony, you tell her to grow up. But not satisfied with just a 'good' effort, you then crank it to 11 and deadpan an admonishment of her arrogance 
You, sir, are the best troll on the eve-o forums. Never stop
And speaking of trolling; Mazz, if you promise to never stop tweaking pompous prigs like LaVista Vista, I'll vote for you early and often.
|
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.22 02:23:00 -
[48]
Originally by: StarryEyed Donut
And speaking of trolling; Mazz, if you promise to never stop tweaking pompous prigs like LaVista Vista, I'll vote for you early and often.
i don't even need to promise its just going to happen because its the natural order of things. |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.22 06:59:00 -
[49]
Edited by: Drake Draconis on 22/04/2009 06:59:14
how the #### does forcing someone to change their damn password mount to a ####### hill of beans?
What the hell is the advantage in that if at all?
Seriously... do you people even know what the hell a keylogger is? Do you have any sense of intelligence about you when it comes to security?
Are you all just that damned stupid?
Hell... why stop there.... force everyone to not run windows! That should clear up about 80% of your trouble right there! Don't even connect to the internet! You'll get hacked! 
This is utterly insane and hilarious all at once.
guess I'll be expecting more business this year (I Fix computers for a living).
Better tell the boss... the gamers are getting stupid and lazy.... they can't breath without the game developers changing there diapers!
Seriously.... this is going from stupid to hilariousness.
Is this a comedy stop? where's the next punchline? Seriously!
Anyone see my tin foil hat? Sheesh... must be running out of tin foil. Not enough to go around in this thread!
|
Critta
Black Omega Security
Pandemic Legion
|
Posted - 2009.04.22 09:45:00 -
[50]
Mazz is proposing a change that will hopefully cut down on the number of people who get their accounts hacked due to them blindly using the same username/password for eve and an external forum/site. It doesn't effect me much either way as I don't, but I bet there's a whole ton of people out there who do.
It won't help against keyloggers, but as Mazz has already pointed out, these are by far and away the most pain for least gain method of stealing passwords compared to hacking a forum database, or starting a site designed to harvest usernames/passwords in the hope that one of them will be a vaild eve login.
I support this plan.
|
|
|
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.22 14:31:00 -
[51]
Originally by: Critta
Mazz is proposing a change that will hopefully cut down on the number of people who get their accounts hacked due to them blindly using the same username/password for eve and an external forum/site. It doesn't effect me much either way as I don't, but I bet there's a whole ton of people out there who do.
It won't help against keyloggers, but as Mazz has already pointed out, these are by far and away the most pain for least gain method of stealing passwords compared to hacking a forum database, or starting a site designed to harvest usernames/passwords in the hope that one of them will be a vaild eve login.
I support this plan.
This won't happen because CCP is not staffed by a bunch of total idiots with a lack of forsight.
Guaranteed.
You people are so bloody backwards on security its hilarious.
You think by forcing people to change there passwords is so damn effective... its laughable.
You ASSUME the user isn't going to keep using the same password but only change a couple of characters... next thing you know you'll end up screaming to have us use Microshaft 2k3 standard passwords which are utterly insane and not to mention wholly stupid... and sorry to say... EVE online is not the end of the my world here... I happen to have a life unlike you tards.
But I give up... it's like talking to school children... who love to speak on behalf of us so called idiots who have no common sense.
It's disgusting.
I'm out of here.
=========================
CEO of Shadow Cadre
http://www.shadowcadre.com
=========================
|
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.22 14:35:00 -
[52]
Edited by: mazzilliu on 22/04/2009 14:35:17
Originally by: Drake Draconis
Better tell the boss... the gamers are getting stupid and lazy.... they can't breath without the game developers changing there diapers!
this line has me in utter stitches. this is the best line ever. may i steal it?
also being an antivirus2009 remover for a living doesn't mean you know everything about security for a large number of users. please dont leave my thread.
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803
VOTE FOR ME FOR CSM |
Drake Draconis
Minmatar
Shadow Cadre
Worlds End Consortium
|
Posted - 2009.04.22 14:44:00 -
[53]
Originally by: mazzilliu
Edited by: mazzilliu on 22/04/2009 14:35:17
Originally by: Drake Draconis
Better tell the boss... the gamers are getting stupid and lazy.... they can't breath without the game developers changing there diapers!
this line has me in utter stitches. this is the best line ever. may i steal it?
also being an antivirus2009 remover for a living doesn't mean you know everything about security for a large number of users. please dont leave my thread.
I prefer to not waste my time with jackasses.
=========================
CEO of Shadow Cadre
http://www.shadowcadre.com
=========================
|
Apocalypto666
|
Posted - 2009.04.22 15:07:00 -
[54]
I'm againts
I like short password it's easier to hack then and without that I would have an empty wallet |
mazzilliu
Caldari
Sniggerdly
Pandemic Legion
|
Posted - 2009.04.22 15:19:00 -
[55]
Originally by: Drake Draconis
I prefer to not waste my time with jackasses.
tell me why password requirements offend you so much dear drake  |
Tobruk
Black Omega Security
Pandemic Legion
|
Posted - 2009.04.22 15:36:00 -
[56]
Worst Idea ever. If this is what we can expect from you on the CSM you can count me and everyone else with an ounce of common sense in your opposition.
jk |
Efrim Black
Gallente
Aliastra
|
Posted - 2009.04.22 16:29:00 -
[57]
Originally by: Tobruk
Worst Idea ever....
jk
I'm not. The idea is stupid. Also, Alt-bumping + a juvenile sense of humor will not win you votes.
Passwords can not be re-used, and anyone who makes their password easy deserves to have their account hacked.
Not worth forcing on the rest of the playerbase. IT's also not worth a top slot on the main page when more important game changes like lag fixes, ship balancing, UI tweaks, and Fresh ideas are all getting shoved to page 2.
Thumbs down. |
The Monkeysphere
The Illuminati.
Pandemic Legion
|
Posted - 2009.04.22 16:45:00 -
[58]
Edited by: The Monkeysphere on 22/04/2009 16:45:12
Supporting this. It needs to be on the front page so that people would read Drake Draconis' posts.
|
Captain Internet
Acquired Immunodeficiency Syndrome
|
Posted - 2009.04.22 16:46:00 -
[59]
I am Captain Internet of the AIDS. corporation and this idea is wholly relevant to my interests.
|
Minmatar Citizen 200710221430
BAD BOY Corp
|
Posted - 2009.04.22 16:46:00 -
[60]
And my axe
|
|
|
|
|
| |
|
| Pages: 1 [2] 3 4 :: one page |
| First page | Previous page | Next page | Last page |