Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Vas Vadum
Wormhole Physics
17
|
Posted - 2012.05.10 18:25:00 -
[1] - Quote
One of my friends has had his account compromised a few times. It gets bothersome when people can simply use key-loggers or brute force hacks to get into people's accounts. With Battlenet, I use something called an Authenticator. This is a small hand held device that generates a new 8 digit code every 30 seconds that synchronizes with the new code generated on the server. If I enter the code it gives me, 30 seconds later if i hit the button, it will have changed. Keyloggers won't be able to keep up with this, brute force hacks won't work either.
Login example: http://dl.dropbox.com/u/30270697/images/loginscreen.png Authentication: http://dl.dropbox.com/u/30270697/images/authenticationscreen.png Images have blurred areas for security reasons with explosion and total variation methods.
The device it's self: http://us.blizzard.com/store/details.xml?id=1100001430
Now what I suggest is, EVE create a small device like this and allow people to add them to their accounts. This way accounts are less hackable, anyone who buys an authenticator can add it to their account and eve will say "Authenticator detected, enter code now" and yea.
There's also mobile authenticators for phones that support it and there is a dial in authenticator, I dunno what that is. My point being there should be enhanced security for a game like this. Authenticators are very basic easy to manufacture pieces of equipment, cheap to build and ship. You can even sell them with nice little stickers for different things too like having a hulk on one or an Amarrian battleship on another or just the symbols of each race. Anyway. I'd like to hear feedback on this idea for enhanced security through Authenticators. |
Shandir
Indigo Archive
130
|
Posted - 2012.05.10 20:43:00 -
[2] - Quote
2 things, 1 less helpful:
1) They know and it's happening. Soon (tm).
2) Your 'friend' needs to learn proper account security. He/You should not be getting hacked twice (or once) unless he's/you're doing something pretty stupid. Pick from this list: * Reusing passwords * Really obvious passwords * Using a non-trustworthy tool * No virus scanner * Sharing account info * (The only not-stupid option) Hardware keylogger. |
Vas Vadum
Wormhole Physics
20
|
Posted - 2012.05.10 20:57:00 -
[3] - Quote
It does happen, keyloggers are a way a lot of people get hacked. That's what this was about as an Authenticator can't really be keylogged. If it is, it just becomes moot anyway cause the code already changed by the time they get it. |
Danika Princip
Freelance Economics Astrological resources Tactical Narcotics Team
498
|
Posted - 2012.05.10 20:57:00 -
[4] - Quote
Your friend needs a better password.
And these were discussed at fanfest last year. Expect them soon(tm). |
Lady Starfire
State War Academy Caldari State
25
|
Posted - 2012.05.11 02:38:00 -
[5] - Quote
The best thing they could do if they were to do them is a smart phone app. |
Danika Princip
Freelance Economics Astrological resources Tactical Narcotics Team
504
|
Posted - 2012.05.11 09:51:00 -
[6] - Quote
Lady Starfire wrote:The best thing they could do if they were to do them is a smart phone app.
No, it really isn't. What about the people who don't happen to have a smartphone? Or the ones who's phone doesn't get the app? Why shouldn't they get the same security? |
Serge Bastana
GWA Corp Unified Church of the Unobligated
465
|
Posted - 2012.05.11 11:04:00 -
[7] - Quote
Danika Princip wrote:Lady Starfire wrote:The best thing they could do if they were to do them is a smart phone app. No, it really isn't. What about the people who don't happen to have a smartphone? Or the ones who's phone doesn't get the app? Why shouldn't they get the same security?
I have to agree, if the made an app as well as other means for security that's fine but just making it an app means I wouldn't use it as I don't bother with smartphones. And then you lose your phone... WoW holds your hand until end game, and gives you a cookie whether you win or lose. EVE not only takes your cookie, but laughs at you for bringing one in the first place... |
Jint Hikaru
OffWorld Exploration Inc
171
|
Posted - 2012.05.11 11:19:00 -
[8] - Quote
Vas Vadum wrote:One of my friends has had his account compromised a few times.
While it sounds like these extra security key are a possibility, and would be a great extra layer of security... your friend really needs to step up and take responsibility for his own actions here.
"a few times"... really????
Jint Hikaru - Miner / Salvager / Explorer / SpaceBum In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. |
Vas Vadum
Wormhole Physics
20
|
Posted - 2012.05.11 19:00:00 -
[9] - Quote
Jint Hikaru wrote:Vas Vadum wrote:One of my friends has had his account compromised a few times. While it sounds like these extra security key are a possibility, and would be a great extra layer of security... your friend really needs to step up and take responsibility for his own actions here. "a few times"... really????
When you run a powerful industry corporation, griefers will do anything they can to destroy you. This game has no rules, so people will hack as much as they can to destroy the enemy if they can do it. It's highly unlikely that I'll ever be hacked, as no key-logger or virus of any kind gets in my system and my account password is just a bunch of random letters and numbers that I have written down and taped to my snake cage. So even a brute force hack wouldn't work. Most hackers use key-loggers though, I know I've already removed a key-logger from his PC, nice little thing, barely detectable by any antivirus software but I sent it to most of the antivirus labs to have them update and kill it.
Point is, it can happen. It doesn't come from not using the right methods, it comes from intuitive hackers using methods that work 90% of the time. |
FloppieTheBanjoClown
The Skunkworks
1497
|
Posted - 2012.05.11 19:16:00 -
[10] - Quote
Vas Vadum wrote:When you run a powerful industry corporation ...they still don't have the ability to easily compromise your system with keyloggers and such, unless your security is rather bad.
Vas Vadum wrote:This game has no rules On the contrary, it has quite a few.
Vas Vadum wrote:so people will hack as much as they can to destroy the enemy if they can do it. Regardless of game rules, that can put them in prison. Even if it doesn't, being caught doing such a think in Eve will likely result in a permanent ban. No one takes this stuff lightly.
Vas Vadum wrote:I've already removed a key-logger from his PC, nice little thing, barely detectable by any antivirus software but I sent it to most of the antivirus labs to have them update and kill it. This is starting to get pretty thin. "Barely detectable"? Either it's detectable, or it isn't. Keyloggers are detected by signature or by their method of infection, so they are either identified or they aren't. Your "friend" has bad security, or bad judgment. It's time to put an end to CCP's war on piracy. Fight your own battles and stop asking CCP to do it for you. |
|
Vas Vadum
LankTech Zero Hour Alliance
28
|
Posted - 2012.06.09 11:17:00 -
[11] - Quote
FloppieTheBanjoClown wrote:Vas Vadum wrote:so people will hack as much as they can to destroy the enemy if they can do it. Regardless of game rules, that can put them in prison. Even if it doesn't, being caught doing such a think in Eve will likely result in a permanent ban. No one takes this stuff lightly. If caught. Perma ban doesn't scare most people, they can just make new accounts.
FloppieTheBanjoClown wrote:Vas Vadum wrote:I've already removed a key-logger from his PC, nice little thing, barely detectable by any antivirus software but I sent it to most of the antivirus labs to have them update and kill it. This is starting to get pretty thin. "Barely detectable"? Either it's detectable, or it isn't. Keyloggers are detected by signature or by their method of infection, so they are either identified or they aren't. Your "friend" has bad security, or bad judgment. 2 out of 40 antivirus programs would have detected the keylogger. That's what I meant by barely detectable. Some people arent' very tech savy either.
My point was, this added security method would still be nice, no matter how good your own security is. It can't hurt to add more security that is user choice to opt in on or not. |
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |