Pages: 1 2 :: [one page] |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Jerid Verges
|
Posted - 2010.03.01 23:31:00 -
[1]
One thing I have noticed in Eve has been the recent large increase in account hacking on Eve. Security is a big concern with players and there are a number of ideas floating about on how to make accounts more secure.
This idea is not meant to really protect an account, but rather hanger assets and possibly Isk.
Now, a few years ago, back in my Runescape playing days. Jagex introduced a new feature into their MMORPG (In response to increasing security breaches). Their system was an optional ingame PIN code keypad.
Basically, in order to access your bank (Which in Runescape, meant all of your items and money world wide). A player would have to insert an X-number passcode to be allowed access to their bank. When accessing a bank, a keypad would display on the game and the players would click the appropriate code. (Too many failures I believe locked you out for a bit).
Due to this, the number accounts with their items stolen before the account could be properly repossessed decreased dramatically in Runescape.
Obviously there are a few fundamental differences between Runescape and Eve considering Banks/Hangers (In Eve items can only be accessed at the hanger you left them in. And unlike Runescape, Isk is a digital credit rather then an item).
However, implementing this sort of option could stop account hackers from being able to get to your hanger. (Since they would need the PIN). The program is also insusceptible to keyloggers. And possibly could be implemented to player donations/other wallet features.
-Can't be typed (Done with mouse only) -PIN doesn't appear in any account information if account is stolen -Optional
Thoughts? Support?
|
Soon Shin
|
Posted - 2010.03.02 10:05:00 -
[2]
While this will not completely stop the hackers. It should dramatically decrease the number of cases and the severity of the loss.
|
Jerid Verges
|
Posted - 2010.03.03 06:34:00 -
[3]
I thought Eve would support more security features due to the rise of account hacks.
-Shameless bumping/support for my own idea.
|
Liol Wongsta
The Arrow Project Morsus Mihi
|
Posted - 2010.03.05 22:06:00 -
[4]
Knowing someone that recently had their account hacked, all ships/mods melted and the mins sold (so CCP wont return anything) i totally approve of this kind of security measure.
|
Agent Unknown
|
Posted - 2010.03.06 04:11:00 -
[5]
Yes. A feature like that would keep so many people in the game too. By the way, this is my signature.
TeamSpeak For EVE - API-controlled TeamSpeak 3 Access!
|
Sturmwolke
|
Posted - 2010.03.07 06:51:00 -
[6]
If it's been proven to work, go for it. |
Jerid Verges
|
Posted - 2010.03.20 01:36:00 -
[7]
Bumped for more input. |
Perrigrene
|
Posted - 2010.03.20 04:47:00 -
[8]
Give me the tools to secure my account, help me help myself, help you help me from getting hacked and filing a petition through some greasy trial account only to have you tell me your logs show nothing or you can't get me back my stuff or even worse my character ccp, ffs.
|
Carniflex
StarHunt Systematic-Chaos
|
Posted - 2010.03.21 19:30:00 -
[9]
sounds good
|
FU22
Duty.
|
Posted - 2010.03.21 19:54:00 -
[10]
supported
Originally by: Millie Clode Dear santa, for christmas I would like an endless supply of noobs to march across my screen so I can pretend I'm playing duck hunt
|
|
Klyria
Minmatar Agent-Orange Nabaal Syndicate
|
Posted - 2010.03.21 21:40:00 -
[11]
Not supported, I like the idea but the functionality already exists. As it stands you can buy station containers which hold 1 million m3, and these containers can have a password put on them. The station containers costs are next to nothing as well. Now, if you wanted to lock down a station container after a preassigned number of failed attempts I could go for that.
|
Penny Pusher
|
Posted - 2010.03.21 22:43:00 -
[12]
Edited by: Penny Pusher on 21/03/2010 22:43:04
Originally by: Klyria Not supported, I like the idea but the functionality already exists. As it stands you can buy station containers which hold 1 million m3, and these containers can have a password put on them. The station containers costs are next to nothing as well. Now, if you wanted to lock down a station container after a preassigned number of failed attempts I could go for that.
You do realize that all it takes to get the password for the station containers is hitting the "retrieve password" option right?
|
adriaans
Amarr Ankaa. Nair Al-Zaurak
|
Posted - 2010.03.21 22:43:00 -
[13]
Originally by: Klyria Not supported, I like the idea but the functionality already exists. As it stands you can buy station containers which hold 1 million m3, and these containers can have a password put on them. The station containers costs are next to nothing as well. Now, if you wanted to lock down a station container after a preassigned number of failed attempts I could go for that.
Just repack it and you get the contents... so nope, doesn't work.
As i didn't really understand the idea, I'll stay neutral for now. -sig- Support the introduction of Blaze crystals for Amarr!
Originally by: UMEE if ure another fotm re-roller, then dont pvp. you'll fail.
QFT! |
Klyria
Minmatar Agent-Orange Nabaal Syndicate
|
Posted - 2010.03.22 04:17:00 -
[14]
Originally by: Penny Pusher Edited by: Penny Pusher on 21/03/2010 22:43:04
Originally by: Klyria Not supported, I like the idea but the functionality already exists. As it stands you can buy station containers which hold 1 million m3, and these containers can have a password put on them. The station containers costs are next to nothing as well. Now, if you wanted to lock down a station container after a preassigned number of failed attempts I could go for that.
You do realize that all it takes to get the password for the station containers is hitting the "retrieve password" option right?
So get rid of that option, or make it so that there is a set of recovery questions for ingame passwords.
|
Omega Flames
Last Resort Inn SYSTEM SHOCK INITIATIVE
|
Posted - 2010.03.23 02:19:00 -
[15]
------------------------- "Forsys > WAR Forsys > HUH Forsys > WHAT IS IT GOOD FOR Harry Sunday > loot Forsys > touchT" |
Zlake
Caldari Naval Reserve
|
Posted - 2010.03.23 02:41:00 -
[16]
WoW has something like this. You would get something you would fit onto your key chain or keep somewhere safe at home. Every time you wanted to log into wow you would press a button and the password would only be valid for roughly 15mins I think. It would be a 8 digit long number. It looks something like this
http://wow.zuggaming.com/wp-content/uploads/protect_wow_account-290x211.jpg
For people worried about key loggers get a virtual keyboard. My kaspersky comes with one. A keyboard that goes over other programs and you must click to use and easy to close out.
You can google one very easy for free. I know of a few but not going to recommended them not trying them myself first.
|
Jin Nib
Resplendent Knives
|
Posted - 2010.03.23 03:06:00 -
[17]
It would be nice to have this at certain stations but not as a blanket thing every time I wanted something.
Also even if the container system were improved ( I had no idea the PW could be retrieved so easily lol, whats the point?) it doesn't protect rigged and fitted ships, which, for me at least, is where the vast majority of my wealth resides. -Jin Nib Trading on behalf of Opera Noir since: 2009.03.02 03:53:00
|
Scerolikk Teromni
|
Posted - 2010.03.23 19:43:00 -
[18]
Edited by: Scerolikk Teromni on 23/03/2010 19:43:55 Clickable PIN Pad! Yes please!
Allow everybody to set their PIN of 4-6 digits, and allow them to set what and where they want locked down (specific station hangars, all station hangars, corp window, wallet, market transactions, etc). 5 failed PIN entry attempts in a X-hour period will send an e-mail to the account owner and lock the PIN pad for Y hours. Corporation CEOs can see whether their directors, accountants, <other sensitive jobs> have a PIN set to their corp and wallet windows.
This is a very smart way to go about helping us help us keep our accounts and assets more secure, without babysitting us. Most unauthorized EVE account use is a result of phishing and keylogging. The clicking-only PIN pad makes keylogging completely ineffective, and the locking of the PIN pad and notification of the account owner upon multiple failed entries makes bruteforcing impossible.
(also, the point of container passwords is so that other people can't access the container when it's in space or what have you... I don't know why you can password-protect a station container..... maybe station owners can access visitor assets?)
|
Jerid Verges
|
Posted - 2010.03.24 01:36:00 -
[19]
Edited by: Jerid Verges on 24/03/2010 01:40:22 Edited by: Jerid Verges on 24/03/2010 01:37:59
Originally by: Klyria Not supported, I like the idea but the functionality already exists.
Apparently it doesn't. Since, as you said, require station containers. Which are not transportable in any average ship. Which means you need to buy the container at the location you want to store your stuff to be protected. Which is hardly possible.
Station containers do not provide the function suggestion.
And even then, two different people pointed out two different ways to bypass the security lock. So it actually provides ZERO functionality.
So present a VALID reason to not support.
Quote: For people worried about key loggers get a virtual keyboard. My kaspersky comes with one. A keyboard that goes over other programs and you must click to use and easy to close out.
The Security PIN would not accept keyboard functions, only input from the 9 keys. This entirely avoids keyloggers altogether.
|
Karandar Maxiimis
|
Posted - 2010.03.25 18:29:00 -
[20]
Eve's security blows.
This proposal would help if hacked, but why not implement a 5 times wrong password and you are locked out for x hours, or it at least generates a warning email to my account to let me know someone is screwing with the account?
I had an account hacked with an 8 digit alpha numeric PW and lost a lot of assets myself along with a couple weeks locked out while they investigated.... And no, I don't buy isk, don't click on unknown links, give out passwords, or reply to random emails and such. I'm not a child.
I now use a 64 digit alpha-numeric-symbol password administered by security software i purchased. I don't even do that for my online banking or stock trading accounts!
|
|
Dek Kato
Delusions of Mediocrity
|
Posted - 2010.03.25 19:40:00 -
[21]
Despite your mention of Runescape making me visibly shudder, I shall support this awesome idea.
|
Drake Draconis
Minmatar Shadow Cadre Looney Toons.
|
Posted - 2010.03.25 20:03:00 -
[22]
Edited by: Drake Draconis on 25/03/2010 20:03:18
Originally by: Jerid Verges
Quote: For people worried about key loggers get a virtual keyboard. My kaspersky comes with one. A keyboard that goes over other programs and you must click to use and easy to close out.
The Security PIN would not accept keyboard functions, only input from the 9 keys. This entirely avoids keyloggers altogether.
No it does not... Keyloggers are a program that records ALL keystrokes... stop making stupid assumptions and stick to facts.
On-screen keyboard would be best... as far as keyloggers go.
And please don't assume everyone has a 9 key... that's childish at best. ========================= CEO of Shadow Cadre http://www.shadowcadre.com ========================= |
Jerid Verges
|
Posted - 2010.03.26 00:51:00 -
[23]
Originally by: Drake Draconis Edited by: Drake Draconis on 25/03/2010 20:03:18
Originally by: Jerid Verges
Quote: For people worried about key loggers get a virtual keyboard. My kaspersky comes with one. A keyboard that goes over other programs and you must click to use and easy to close out.
The Security PIN would not accept keyboard functions, only input from the 9 keys. This entirely avoids keyloggers altogether.
No it does not... Keyloggers are a program that records ALL keystrokes... stop making stupid assumptions and stick to facts.
On-screen keyboard would be best... as far as keyloggers go.
And please don't assume everyone has a 9 key... that's childish at best.
Drake. Please stop going around making yourself look stupid. Keyloggers can't decipher mouse clicks, which aren't keystrokes. If you even looked at the OP, which you didn't. You would see what the REAL suggestion is.
|
Slave 775
Ministry of Punishment Privateer Alliance
|
Posted - 2010.03.26 21:49:00 -
[24]
Edited by: Slave 775 on 26/03/2010 21:53:17
Good idea
Remove the retrieve password from station containers and make them able to store fitted ships. They already cant be repackaged if there is a 3 week old log entry. This gives CCP and you enough time to act if your hacked.
Centuries ago, the Bible warned of dangers posed by evil men described as master[s] at evil ideas and scheming to do bad. (Proverbs 24:8) PRIVATEERS Officialy nerfed by CCP 05/07 |
Scerolikk Teromni
|
Posted - 2010.03.26 22:41:00 -
[25]
Edited by: Scerolikk Teromni on 26/03/2010 22:42:40
Originally by: Drake Draconis No it does not... Keyloggers are a program that records ALL keystrokes... stop making stupid assumptions and stick to facts.
On-screen keyboard would be best... as far as keyloggers go.
And please don't assume everyone has a 9 key... that's childish at best.
At discussion is a 9-digit keypad that is a part of the PIN window that you click on. This is the on-screen keyboard that you yourself said would be best. Please read before responding.
Also, I would like to point out that it is possible to record clicks and mouse position, which would make it possible to determine what somebody's PIN -- no matter where the PIN window is -- based on the pattern of mouse positions. Probably the best way to avoid this would be to randomize the number positions every time the PIN pad is opened. It would still then be susceptible to taking a screenshot along with capturing the mouse data, but with this kind of complexity you all but eliminate would-be account thieves spending this much time trying to trick people en masse, and it would turn into a much more targeted attack... and as long as people who are worth anything in EVE are competent and know not to download and run suspicious-looking things, they will be safe.
|
Drake Draconis
Minmatar Shadow Cadre Looney Toons.
|
Posted - 2010.03.26 22:52:00 -
[26]
Originally by: Jerid Verges
Originally by: Drake Draconis Edited by: Drake Draconis on 25/03/2010 20:03:18
Originally by: Jerid Verges
Quote: For people worried about key loggers get a virtual keyboard. My kaspersky comes with one. A keyboard that goes over other programs and you must click to use and easy to close out.
The Security PIN would not accept keyboard functions, only input from the 9 keys. This entirely avoids keyloggers altogether.
No it does not... Keyloggers are a program that records ALL keystrokes... stop making stupid assumptions and stick to facts.
On-screen keyboard would be best... as far as keyloggers go.
And please don't assume everyone has a 9 key... that's childish at best.
Drake. Please stop going around making yourself look stupid. Keyloggers can't decipher mouse clicks, which aren't keystrokes. If you even looked at the OP, which you didn't. You would see what the REAL suggestion is.
Then say "on-screen" buttons moron... keys are keys on a keyboard.
And also you should be aware that screens can be recorded. ========================= CEO of Shadow Cadre http://www.shadowcadre.com ========================= |
Jerid Verges
|
Posted - 2010.03.27 00:07:00 -
[27]
Originally by: Drake Draconis
Then say "on-screen" buttons moron... keys are keys on a keyboard.
Thank you for your personal definition. Dually noted I will change my language when I expect to see you around.
Quote: And also you should be aware that screens can be recorded.
I'm sure whatever account thief out there would love to sit at their computer looking through thousands of pictures trying to find your PIN combination.
At this point your argument is rooted in paranoia, are your security systems really THAT bad?
I've still yet to see one reason anyone has put up why this isn't a legitimate good idea.
|
Sokratesz
Rionnag Alba Against ALL Authorities
|
Posted - 2010.03.27 01:24:00 -
[28]
This actually sounds pretty neat, I wasn't aware a system like this was in use by other games already.
CSM Iceland meeting minutes - READ THEM :D |
Alchemist Zemont
Hysteria Nexus
|
Posted - 2010.03.27 02:36:00 -
[29]
On one hand this is pretty good since it reduces (or stops) hacking but then on the other hand it also stops corp / alliance theft while I am not a thief in anyway it is fun to read about legit thefts , personally I prefer the WoW keychain mechanic I mean whats to stop a hacker from just self destructing your pod 50 times til you are 900k when he doesnt get your stuff?
Protect the account, eitherway supported ;) ______________________________________ ... |
Sokratesz
Rionnag Alba Against ALL Authorities
|
Posted - 2010.03.27 10:02:00 -
[30]
Originally by: Alchemist Zemont On one hand this is pretty good since it reduces (or stops) hacking but then on the other hand it also stops corp / alliance theft while I am not a thief in anyway it is fun to read about legit thefts , personally I prefer the WoW keychain mechanic I mean whats to stop a hacker from just self destructing your pod 50 times til you are 900k when he doesnt get your stuff?
Protect the account, eitherway supported ;)
Aww gee I hadn't even thought of that. That would be pretty lame :(
CSM Iceland meeting minutes - READ THEM :D |
|
Jerid Verges
Gallente The Society of Innovation The Last Stand
|
Posted - 2010.03.27 18:51:00 -
[31]
I never thought it would apply to corp hangers personally.
|
Jerid Verges
Gallente The Society of Innovation The Last Stand
|
Posted - 2010.04.07 23:37:00 -
[32]
Bumping for good cause.
|
Cassidy Solo
|
Posted - 2010.04.08 00:09:00 -
[33]
I support this idea, although I have never had an issue with accounts being stolen on any game I play, even insecure web games I used to play in public libraries and such.
However, I have to ask, why is everyone calling it a 9-key? It is a 10-key, as it has 10 keys (0-9).
|
|
|
|
Pages: 1 2 :: [one page] |