Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 10:05:00 -
[1] - Quote
Seriously CCP, the restrictions you are arbitrarily placing on account passwords (such as not being able to reuse old passwords) is more restrictive than the corporate password restrictions at my job! Is there any chance of you guys easing up on the ridiculous restrictions that are currently in place for account passwords? I don't appreciate being forced to live under rules devised to save idiots from themselves.
PS. I've already filed a petition about this, but I've had absolutely no luck in getting my point across. |
Cannibal Kane
Umkhonto we Sizwe
46
|
Posted - 2011.10.28 10:18:00 -
[2] - Quote
You need to have your Companies IT staff fired for bad security practices.
Re-using old password is the number 1 nono in any environment. The Crazy South African.
|
Tedril Goveko
Harakoni Coalition
7
|
Posted - 2011.10.28 10:20:00 -
[3] - Quote
Hacker Alt detected, passwords too hard to crack, must make them easier.
|
Mr Kidd
Center for Advanced Studies Gallente Federation
108
|
Posted - 2011.10.28 10:23:00 -
[4] - Quote
Nereni Valacon wrote:Seriously CCP, the restrictions you are arbitrarily placing on account passwords (such as not being able to reuse old passwords) is more restrictive than the corporate password restrictions at my job! Is there any chance of you guys easing up on the ridiculous restrictions that are currently in place for account passwords? I don't appreciate being forced to live under rules devised to save idiots from themselves.
PS. I've already filed a petition about this, but I've had absolutely no luck in getting my point across.
If you're reusing passwords then don't bother changing it. Your problem solves it self. We want breast augmentations and sluttier clothing in the NeX! |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 10:25:00 -
[5] - Quote
Cannibal Kane wrote:You need to have your Companies IT staff fired.
Re-using old password is the number 1 nono in any environment.
Perhaps you'd care to explain why? Nobody knows my passwords, I don't share them with anyone. I don't re-use passwords at work anyway, FYI. My point is that if a policy is good enough to protect access to commercially sensitive company data, it's certainly good enough to safeguard virtual spaceships. I'd put money on CCP's IT environment not having a similarly restrictive policy. |
Florestan Bronstein
The Waterworks
135
|
Posted - 2011.10.28 10:26:00 -
[6] - Quote
Cannibal Kane wrote:You need to have your Companies IT staff fired for bad security practices.
Re-using old password is the number 1 nono in any environment. during my military service passwords on our PCs expired after one month and reusing the last 3 passwords was blocked.
so the password was always the same word with the month's number attached to it, e.g. pass01, pass02. pass03, ..., pass12
really helped to increase security. |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 10:27:00 -
[7] - Quote
Mr Kidd wrote:Nereni Valacon wrote:Seriously CCP, the restrictions you are arbitrarily placing on account passwords (such as not being able to reuse old passwords) is more restrictive than the corporate password restrictions at my job! Is there any chance of you guys easing up on the ridiculous restrictions that are currently in place for account passwords? I don't appreciate being forced to live under rules devised to save idiots from themselves.
PS. I've already filed a petition about this, but I've had absolutely no luck in getting my point across. If you're reusing passwords then don't bother changing it. Your problem solves it self.
Good point, but I already changed the password again (I think I had it reset or something). Now I can't change it back to what I want it to be. |
Sable Moran
Moran Light Industries
5
|
Posted - 2011.10.28 10:35:00 -
[8] - Quote
Nereni Valacon wrote:more restrictive than the corporate password restrictions at my job
Could you tell us what company you're working for so I'll have the option of not doing any kind of business with them.
Nereni Valacon wrote:Is there any chance of you guys easing up on the ridiculous restrictions that are currently in place for account passwords?
Knowing screegs I know it won't happen.
Nereni Valacon wrote:save idiots from themselves
Idiot like yourself?
Nereni Valacon wrote:PS. I've already filed a petition about this, but I've had absolutely no luck in getting my point across.
So form that we can deduce that CCP has in fact at least one GM that has a set of working brains, splendid.
On a more constructive note; Algorithms are your friends. They are really handy to generate a whole slew of easy to remember but difficult to crack passwords. Sable's Ammo Shop at Alentene V - Moon 4 - Duvolle Laboratories Factory. Hybrid charges, Projectile ammo, Missiles, Drones, Ships, Need'em? We have'em, at affordable prices. Pop in at our Ammo Shop in sunny Alentene. |
Sturmwolke
31
|
Posted - 2011.10.28 10:43:00 -
[9] - Quote
Nereni Valacon wrote:My point is that if a policy is good enough to protect access to commercially sensitive company data, it's certainly good enough to safeguard virtual spaceships.
That's a very lax company IT policy, which won't pass the rigors for many med-large entities nowadays. What CCP has implemented regarding the password re-use is fairly standard practice across the industry. Infact, they're fairly loose in certain aspects like quarterly or periodic mandatory password change, given the circumstance. |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 11:27:00 -
[10] - Quote
Sturmwolke wrote:Nereni Valacon wrote:My point is that if a policy is good enough to protect access to commercially sensitive company data, it's certainly good enough to safeguard virtual spaceships. That's a very lax company IT policy, which won't pass the rigors for many med-large entities nowadays. What CCP has implemented regarding the password re-use is fairly standard practice across the industry. Infact, they're fairly loose in certain aspects like quarterly or periodic mandatory password change, given the circumstance.
My employer does implement mandatory password changes as well as blocking the re-use of the last 6 passwords used, but this thread is not about my employer or their IT practices. The point that I'm trying to make here is that I'm against CCP prohibiting the re-use of ALL previous passwords. It's not standard practice at all in any organisation I've ever worked for (not that that even matters, see above) and it's a ridiculous overextension of security as far as a computer game is concerned. EVE is not a place of employment, nor is it critical that players' accounts are locked down to such a degree. Why should I have to endure policies implemented for the sole benefit of some moron who can't keep his own account/password secure? |
|
Jokerface666
Ever Flow Northern Coalition.
72
|
Posted - 2011.10.28 11:36:00 -
[11] - Quote
Nereni Valacon wrote:Seriously CCP, the restrictions you are arbitrarily placing on account passwords (such as not being able to reuse old passwords) is more restrictive than the corporate password restrictions at my job! Is there any chance of you guys easing up on the ridiculous restrictions that are currently in place for account passwords? I don't appreciate being forced to live under rules devised to save idiots from themselves.
PS. I've already filed a petition about this, but I've had absolutely no luck in getting my point across. Get rid of yor it staff dude, i'm not kidding!!! ------------------------------w00t w00t rapetrain------------------------------ |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 11:37:00 -
[12] - Quote
Sable Moran wrote:Nereni Valacon wrote:more restrictive than the corporate password restrictions at my job Could you tell us what company you're working for so I'll have the option of not doing any kind of business with them. Nereni Valacon wrote:Is there any chance of you guys easing up on the ridiculous restrictions that are currently in place for account passwords? Knowing screegs I know it won't happen. Nereni Valacon wrote:save idiots from themselves Idiot like yourself? Nereni Valacon wrote:PS. I've already filed a petition about this, but I've had absolutely no luck in getting my point across. So form that we can deduce that CCP has in fact at least one GM that has a set of working brains, splendid. On a more constructive note; Algorithms are your friends. They are really handy to generate a whole slew of easy to remember but difficult to crack passwords.
I don't appreciate your insults or your poor attitude. Please don't post in this thread if you have nothing useful to contribute. |
Sturmwolke
31
|
Posted - 2011.10.28 11:41:00 -
[13] - Quote
Nereni Valacon wrote:The point that I'm trying to make here is that I'm against CCP prohibiting the re-use of ALL previous passwords. It's not standard practice at all in any organisation I've ever worked for (not that that even matters, see above) and it's a ridiculous overextension of security as far as a computer game is concerned.
That's a fairly narcissistic way of thinking. Why do you consider it ridiculous - in the face of account hacks and clamour by the community for two-factor authentication?
P.S Incidentally, two-factor authentication's also another industry standard practice. |
Tanya Fox
Imperial Academy Amarr Empire
19
|
Posted - 2011.10.28 11:43:00 -
[14] - Quote
I'm not toatally sure what you are refering to.
If you mean you are being requested to change your password on a regular basis, I've not come across that as yet.
If you mean you are just trying to use an old password, then I'd ask why would you want to? Because it's good practice not to use old ones.
Because people tend to have so many passwords for different accounts these days, we tend to wrtie them down anyway. So a new password you're unlikely to forget.
Your employer is doing it wrong, unless the part of the system you have access to is non-sensitive.
It's good to see that CCP does take security seriously. |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 11:46:00 -
[15] - Quote
Sturmwolke wrote:Nereni Valacon wrote:The point that I'm trying to make here is that I'm against CCP prohibiting the re-use of ALL previous passwords. It's not standard practice at all in any organisation I've ever worked for (not that that even matters, see above) and it's a ridiculous overextension of security as far as a computer game is concerned. That's a fairly narcissistic way of thinking. Why do you consider it ridiculous - in the face of account hacks and clamour by the community for two-factor authentication? P.S Incidentally, two-factor authentication's also another industry standard practice.
Indeed, two-factor authentication is an industry-standard practice... one that CCP does not engage in as far as I'm aware. If anything, that's what the focus should be on, not on making it as difficult as possible to manage passwords under the pretext of making something more secure. |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 11:49:00 -
[16] - Quote
Tanya Fox wrote:If you mean you are just trying to use an old password, then I'd ask why would you want to? Because it's good practice not to use old ones.
Yes, this is what I'm referring to. To answer your question, I guess I just have my way of doing things. I'd rather have the freedom to do such a thing than to be forced into a fa+šade of security.
Quote:Your employer is doing it wrong, unless the part of the system you have access to is non-sensitive.
I've already said that this thread is not about my employer. I was merely using them as a point of comparison, not a point of debate.
On a good note, thank you for at least being constructive in your post. |
Sturmwolke
31
|
Posted - 2011.10.28 11:52:00 -
[17] - Quote
You forgot to answer the question. |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 11:54:00 -
[18] - Quote
Sturmwolke wrote:You forgot to answer the question.
Apologies, I was trying to work it into an edit of my reply.
The whole idea of convincing people that something is secure when it really isn't is what I find ridiculous. There is at least one scenario that I can think of where a previous password hasn't been compromised, yet still cannot be used: if a player resets their account password (through forgetting it or whatever) then tries to re-apply that password later on to the account, they can't do it under the current system. That's my main concern here, the current password policy isn't a properly thought-out one, and it's not the sort of thing I expect from a computer game. |
Tanya Fox
Imperial Academy Amarr Empire
19
|
Posted - 2011.10.28 12:17:00 -
[19] - Quote
Nereni Valacon wrote:Sturmwolke wrote:You forgot to answer the question. Apologies, I was trying to work it into an edit of my reply. The whole idea of convincing people that something is secure when it really isn't is what I find ridiculous. There is at least one scenario that I can think of where a previous password hasn't been compromised, yet still cannot be used: if a player resets their account password (through forgetting it or whatever) then tries to re-apply that password later on to the account, they can't do it under the current system. That's my main concern here, the current password policy isn't a properly thought-out one, and it's not the sort of thing I expect from a computer game. .
Again why use the old one? There's no reason not to use a new one.
Already said people tend to write them down, you soon get used to the new one (in most cases) even if it's 16 characters or longer as long as you use it on a regular basis. |
Sturmwolke
31
|
Posted - 2011.10.28 12:20:00 -
[20] - Quote
Nereni Valacon wrote:The whole idea of convincing people that something is secure when it really isn't is what I find ridiculous. There is at least one scenario that I can think of where a previous password hasn't been compromised, yet still cannot be used: if a player resets their account password (through forgetting it or whatever) then tries to re-apply that password later on to the account, they can't do it under the current system. That's my main concern here, the current password policy isn't a properly thought-out one, and it's not the sort of thing I expect from a computer game.
None of this is to say I'm against better security in EVE: I'm all for real improvements to account security, ones that provide tangible benefits such as two-factor authentication (not difficult to do either, CCP, hint hint). I just don't like this whole 'illusion of security' nonsense that's going on at the moment.
Nothing is secure. Those policies are not there to "convince" people that everything's secure, nor give an illusion that everything's secure. They're there to mitigate the occurences of unauthorized use, form a multi-barrier blocks and as a general deterrent (to easy hacks). Being a computer game has nothing to do with what you're implying when personal credit details are at risk.
You need to correct your perception.
Should CCP make an exception to your case, your majesty?
|
|
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 13:41:00 -
[21] - Quote
Sturmwolke wrote:Nereni Valacon wrote:The whole idea of convincing people that something is secure when it really isn't is what I find ridiculous. There is at least one scenario that I can think of where a previous password hasn't been compromised, yet still cannot be used: if a player resets their account password (through forgetting it or whatever) then tries to re-apply that password later on to the account, they can't do it under the current system. That's my main concern here, the current password policy isn't a properly thought-out one, and it's not the sort of thing I expect from a computer game.
None of this is to say I'm against better security in EVE: I'm all for real improvements to account security, ones that provide tangible benefits such as two-factor authentication (not difficult to do either, CCP, hint hint). I just don't like this whole 'illusion of security' nonsense that's going on at the moment. Nothing is secure. Those policies are not there to "convince" people that everything's secure, nor give an illusion that everything's secure. They're there to mitigate the occurences of unauthorized use, form a multi-barrier blocks and as a general deterrent (to easy hacks). Being a computer game has nothing to do with what you're implying when personal credit details are at risk. You need to correct your perception. Should CCP make an exception to your case, your majesty?
I refuse to debate a point with someone who has to resort to childish name-calling in their responses. Get a real understanding of the issue at hand before spouting mindless garbage, please. |
Nereni Valacon
Deep Core Mining Inc. Caldari State
0
|
Posted - 2011.10.28 13:46:00 -
[22] - Quote
Tanya Fox wrote:Nereni Valacon wrote:Sturmwolke wrote:You forgot to answer the question. Apologies, I was trying to work it into an edit of my reply. The whole idea of convincing people that something is secure when it really isn't is what I find ridiculous. There is at least one scenario that I can think of where a previous password hasn't been compromised, yet still cannot be used: if a player resets their account password (through forgetting it or whatever) then tries to re-apply that password later on to the account, they can't do it under the current system. That's my main concern here, the current password policy isn't a properly thought-out one, and it's not the sort of thing I expect from a computer game. . Again why use the old one? There's no reason not to use a new one. Already said people tend to write them down, you soon get used to the new one (in most cases) even if it's 16 characters or longer as long as you use it on a regular basis.
People do write down passwords, but it's certainly not a habit I engage in. I'm more concerned with the fact that preventing the re-use of old passwords is not in any sense a decent security measure, but is really just an inconvenience for the user that provides no benefit whatsoever. I'm resigned to the fact that this is a policy that isn't likely to change, but I still feel it necessary to make my voice heard on the issue. It's just a shame that you can't seem to do that in the EVE community without being personally insulted from multiple angles. |
Sturmwolke
32
|
Posted - 2011.10.28 20:10:00 -
[23] - Quote
Nereni Valacon wrote:Sturmwolke wrote: Should CCP make an exception to your case, your majesty?
I refuse to debate a point with someone who has to resort to childish name-calling in their responses. Get a real understanding of the issue at hand before spouting mindless garbage, please.
There is little to debate in the first place. Those things are implemented for a reason, regardless of your personal arguments on the benefits. The fact that CCP hadn't implemented a mandatory periodic password expiry policy suggests prior deliberation on the user convenience/ease of use side.
Now, didn't you write (earlier in this thread) "I don't appreciate being forced to live under rules devised to save idiots from themselves".
That your majesty, exposes your thinking to nothing more than a personal rant from someone who wants even more candies, despite having eaten a dozen. It also means you have an almost Asperger like tendencies or attachment towards re-using passwords, or else you wouldn't have bothered posting, much less pettioning such a case - being acutely aware that it's going to fall onto deaf ears. Anyone who had broken into your passwords (whether now or in the future) can rest easily with that fact.
As for the name calling accusation, doesn't that name title actually reflect your core standpoint on this? (I like cutting all the fluff out of the way to get straight to the point.) |
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |