EVE Search - IF log in need to input verified code

Check My IP Information

All Channels

EVE General Discussion

IF log in need to input verified code

» Click here to find additional results for this topic using Google

Monitor this thread via RSS [?]

Pages: 1 2 [3] :: one page

Author	Thread Statistics \| Show CCP posts - 0 post(s)
Marconus Orion Massive PVPness 221	Posted - 2012.07.18 15:02:00 - [61] - Quote A phone ap as an authenticator works like a charm. I am surprised this game still does not support one.
Sentamon Imperial Academy Amarr Empire 35	Posted - 2012.07.18 15:24:00 - [62] - Quote Torneach wrote: Is it really necessary? Yes.
MadMuppet Universal Freelance CONSORTIUM UNIVERSALIS 503	Posted - 2012.07.18 15:32:00 - [63] - Quote I wouldn't mind it if I didn't have to log in every time I change characters. If I tried to make a type of coffee that made all of you happy, and you rated it, the group score for it would be about 60 out of 100. Break into 3 or 4 coffee clusters, and made coffee just for each cluster, the scores would go from 60 to 78. The difference between coffee at 60 and coffee at 78 is a difference between coffee that makes you wince or makes you happy.
Linda Shadowborn Dark Steel Industries 188	Posted - 2012.07.18 16:21:00 - [64] - Quote Just Lilly wrote: How about an mobile authenticator instead, like the one Blizzard use. It's a free app for your smartphone. Everyone use smartphones... I dont :)
Haffsol Froody Guys Spaceships Business 7	Posted - 2012.07.18 16:28:00 - [65] - Quote Quote: Quote: is https too easy to implement or what? It's two different thing, https is applying a application layer cryptographic protocol to the http protocol, http + ssl. This is used to avoid eavesdropping and tampering of the data send between two computers. so if you consider your pc secure from a physical point of view, and you don't store your passwords in a file called EVE-PASSWORDS-OF-ALL-MY-ACCOUNTS.DOC on your desktop than https should be just the way to go. I mean, it's a sort of tunneling between my pc and the CCP servers on a cryptographic layer. And has been proven to be quite solid in years since its introduction. What can go wrong? I like logging into something using name & pwd and not loosing time trying to convince a computer that I'm human
Tarsus Zateki GoonWaffe Goonswarm Federation 753	Posted - 2012.07.18 17:40:00 - [66] - Quote The recent hilarity involving the huge number of people having their Diablo 3 accounts stolen shows our PCs are not secure and no amount of self-assurance will change that. Using two part authentication moves one factor out of the hands of account thieves and puts it somewhere they can't get it without outright mugging or robbing you. Both of which are real crimes in most nations. Edit: Captcha is a ****** solution, physical authenticators you carry on you are a good solution. Heck CCP could use the same VASCO Digi-Pass authenticators that Blizzard uses and save a bunch of money. You asked me once, what was in Room 101. I told you that you knew the answer already. Everyone knows it. The thing that is in Room 101 is the worst thing in the world.
Finde learth Republic Military School Minmatar Republic 16	Posted - 2012.07.31 09:34:00 - [67] - Quote Finally CCP won't add the stupid captcha on Tranquility. When you input fail on Serenity, the stupid captcha will still appear. http://i.imgur.com/VkUrw.png
dexington 102	Posted - 2012.07.31 09:47:00 - [68] - Quote Haffsol wrote: Quote: Quote: is https too easy to implement or what? It's two different thing, https is applying a application layer cryptographic protocol to the http protocol, http + ssl. This is used to avoid eavesdropping and tampering of the data send between two computers. so if you consider your pc secure from a physical point of view, and you don't store your passwords in a file called EVE-PASSWORDS-OF-ALL-MY-ACCOUNTS.DOC on your desktop than https should be just the way to go. SSL/HTTPS does not protect you against automated attacks that are trying to guess you password, which is what CAPTCHA tries to do. Besides i think user authentication is already done over a secure connection. GÇ£The best way to keep something bad from happening is to see it ahead of time, and you can't see it if you refuse to face the possibility.GÇ¥-á
Vera Algaert Republic University Minmatar Republic 274	Posted - 2012.07.31 10:29:00 - [69] - Quote Mr M wrote: I hate it when I get a captcha like this. that's because you don't understand how recaptcha works google uses recaptcha to outsource OCR work to you, so each captcha consists of one word that is known and one word that is unknown to google. The second word has no influence on whether you pas the captcha or not, it's just a word that google's OCR systems have trouble identifying (they digitize newspapers, books or more recently street numbers for google maps) and that they want your help with. So they take all submissions for the second word from users who had the first (known) word right and see if there is a consensus between users on what it is supposed to read - if there is they know what to digitize it as (and yes, this is of course exploitable and /b/tards are trying to exploit it hoping to insert racial slurs into the digitized texts as they go). The font gives away that turntu is the "known" word in your example and that you have to get this one right to pass the captcha while apolole is unknown to Google and as such doesn't matter.
HyperZerg Free-Space-Ranger Ev0ke 11	Posted - 2012.07.31 11:14:00 - [70] - Quote As long as the hashs aren't stored in the local computer no need for capchas ... Just add: per IP and per account 5 trys then wait 10 sec till another login is allowed. Then, even if you try to "guess" the password "1234" you need up to 10k trys => ~27h If you have to use non-numeric password with at least 7 characters, special characters and stuff you can forget to use a brute-force attack. Captchas ONLY use is to block bots in automated request. IF they are already blocked after too many failed logins no need for them. Okay you could stop bots from automated login to you char but there are easy ways to avoid captchas.. You got 1 person online who get the captchas copyed as picture, solves it and send it back to the bot who needs it. The real botters won't cry and all the normal players will be pissed of badly.

Abel Merkabah TIMELINE Industries 87	Posted - 2012.07.31 13:36:00 - [71] - Quote This is all silly. The obvious solution is biometrics. Every time you sign in, you need to submit a small blood sample (EvE is thirsty). EvE will verify your genetic code; problem solved. Edit - I'd like to see a bot do that. Seriously, authenticators rock though. I support key fab or smart phone authenticators. "The human body can be drained of blood in 8.6 seconds, given adequate vacuuming systems."


Pages: 1 2 [3] :: one page
First page \| Previous page \| Next page \| Last page

COPYRIGHT NOTICE
EVE Online, the EVE logo, EVE and all associated logos and designs are the intellectual property of CCP hf. All artwork, screenshots, characters, vehicles, storylines, world facts or other recognizable features of the intellectual property relating to these trademarks are likewise the intellectual property of CCP hf. EVE Online and the EVE logo are the registered trademarks of CCP hf. All rights are reserved worldwide. All other trademarks are the property of their respective owners. CCP hf. has granted permission to EVE-Search.com to use EVE Online and all associated logos and designs for promotional and information purposes on its website but does not endorse, and is not in any way affiliated with, EVE-Search.com. CCP is in no way responsible for the content on or functioning of this website, nor can it be liable for any damage arising from the use of this website.