open All Channels
seplocked Assembly Hall
blankseplocked [proposal] mandatory password changes for EVE accounts
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 2 [3] 4

Author Topic

Efrim Black
Gallente
Thanatos Industries
Posted - 2009.04.22 17:14:00 - [61]
 

Edited by: Efrim Black on 22/04/2009 17:14:29
Originally by: The Monkeysphere
It is obvious that those who are actually competent (such as members of Pandemic Legion) must take the matter in their own hands.


Pandemic Legion - Finally an appropriate name for an alliance. Rolling Eyes


You guys have the combined humor of a 5 year old.

mazzilliu
Caldari
Sniggerdly
Pandemic Legion
Posted - 2009.04.22 17:27:00 - [62]
 

Edited by: mazzilliu on 22/04/2009 17:32:02
Originally by: Efrim Black
Originally by: The Monkeysphere
Edited by: The Monkeysphere on 22/04/2009 16:45:12
Supporting this. It needs to be on the front page so that people would read Drake Draconis' posts.


Replying to this, to point out that out of the 26 current supports, about 17-18 of them are almost certainly alts and corp mates.

This is pathetic.


well to be honest I ran out of alts on the first page. i dont know if those other chars are alts or not or whos they are exactly, but thanks to ccp's forum system they still count the same! Very Happy

Originally by: Efrim Black

You guys have the combined humor of a 5 year old.

You should enlighten us on the proper way to have a sense of humor. go on, tell a joke or something. i promise ill laugh~


anyways so far the only real rebuttals ive seen so far are:

-people who dont know about password security deserve to get hacked
-me and everyone else is going to raise a huge fuss and petition everything if this goes through(because lost password forums are hard to fill out)
-the OP is dumb and wrong and i know because i work at geek squad.
-we in the past CSM already failed to solve the issue so dont bother wasting our time, havent you been paying attention mazz??!!
-i like to hack people


and alternatives offered:
-warning popup on login instead of mandatory password change
-minimum password security requirmeent instead of mandatory password change


was that all?

Efrim Black
Gallente
Thanatos Industries
Posted - 2009.04.22 17:31:00 - [63]
 

Originally by: mazzilliu

-the OP is dumb and wrong and i know because i work at geek squad.

was that all?


That about sums up this entire thread. Plenty of people who know what they are talking about and run servers have told you that your proposed idea is pointless and/or stupid. You just ignore them for some reason.

mazzilliu
Caldari
Sniggerdly
Pandemic Legion
Posted - 2009.04.22 17:34:00 - [64]
 

Originally by: Efrim Black
Originally by: mazzilliu

-the OP is dumb and wrong and i know because i work at geek squad.

was that all?


That about sums up this entire thread. Plenty of people who know what they are talking about and run servers have told you that your proposed idea is pointless and/or stupid. You just ignore them for some reason.


wait i run servers too

Efrim Black
Gallente
Thanatos Industries
Posted - 2009.04.22 17:36:00 - [65]
 

Originally by: mazzilliu
Originally by: Efrim Black
Originally by: mazzilliu

-the OP is dumb and wrong and i know because i work at geek squad.

was that all?


That about sums up this entire thread. Plenty of people who know what they are talking about and run servers have told you that your proposed idea is pointless and/or stupid. You just ignore them for some reason.


wait i run servers too


Well then I guess we have to go majority rule? Lets see how many more supports you can scrounge up for this sinking ship.

mazzilliu
Caldari
Sniggerdly
Pandemic Legion
Posted - 2009.04.22 17:46:00 - [66]
 

Edited by: mazzilliu on 22/04/2009 17:46:55
Originally by: Efrim Black

Well then I guess we have to go majority rule? Lets see how many more supports you can scrounge up for this sinking ship.


you know, on the whole i am actually pretty glad that the only people who seem to be supporting me are people that would do so anyways, and just about everyone else has this sort of carefree/hostile attitude about this sort of thing, especially when they "run servers".

which servers exactly do youall run and whats their addresses~

Carin K
Minmatar
Pandemic Legion
Posted - 2009.04.22 18:05:00 - [67]
 

I "run servers", therefore am immediately superior to anybody who doesn't and thus my opinion or vote counts for more

Hello
I am Efrin Black

~
In other :nesw: I wholly support this however I believe the prescribed notion of passwords only being accepted with a mandatory secure level should also be added into this proposal

Oh and CCP should also do hell-purges of passwords forcing you to change at irregular intervals as long as they have a working and user-friendly password recovery system ~ which automatically resets their password to a scrambled 12 character one (which they have the option to keep)

Another *final* thing, perhaps a function to allow one to save their password so they don't have to enter it each time (as long as this doesn't produce any security issues other than somebody actually *taking* your computer - which is pretty unavoidable itself anyway)

PS: I love mazz and she has promised me nudes If i post here backing her up
^^so this is what I am doing, y0
x



Shuckstar
Gallente
Hauling hogs
Swine Aviation Labs
Posted - 2009.04.22 20:37:00 - [68]
 


Tobruk
ElitistOps
Pandemic Legion
Posted - 2009.04.23 04:09:00 - [69]
 

confirming that i am an alt and that i too run servers and never have mandatory passowrdchanges ever.

Passero mus
Gallente
Intaki Liberation Front
Posted - 2009.04.23 05:30:00 - [70]
 

To be honest, i don't think this is a good idea. I don't know the numbers, but perhaps CCP can tell us, if they want... How many accounts get hacked on a montly base? How many of those account have been doing bad stuff? Buying ISK, using macros they get from a site that uses the account info to hack and things like that. I believe most of the those people who get hacked is because of their own stupid fault.

I don't think you have to bother over 90% of the userbase with a problem caused by 10% players who don't follow the EULA.
Offcourse the 90/10 range is a guess...

Jalair Mukhali
North Eastern Swat
Pandemic Legion
Posted - 2009.04.30 23:54:00 - [71]
 

Edited by: Jalair Mukhali on 30/04/2009 23:54:35
What's the big deal? So you have to change your password every so often - cry more.

Supported.

There's some epic PL hate going on here, it's pretty obvious, and it's a lot more pathetic than a bunch of alt support. Account security is a serious issue, above and beyond whatever is going on in 0.0. Grow up, haters.

Edit: forgot the thumbs up.

Joakim Ansgar
Posted - 2009.04.30 23:55:00 - [72]
 

Sounds like a good idea.

Louanne Barros
North Eastern Swat
Pandemic Legion
Posted - 2009.04.30 23:57:00 - [73]
 

Good idea. I need to change my password more.

Nahal Ebadi
Posted - 2009.04.30 23:57:00 - [74]
 

I, too, support account security.

Sovereign533
Caldari
The Collective
Against ALL Authorities
Posted - 2009.05.01 03:18:00 - [75]
 

oh HELL no,
i always get ****ing ****ed about unimportant and useless websites/games/whatever forcing password changes.
if it doesn't directly involve my rl money and or income, then i don't really give a **** about passwords.

i hate password templates just as much. if i want a simple password, it means i don't give a **** if it gets guessed.

just like lavista thingie earlier, i change my passwords regulary. but damnit, don't force it...

LaVista Vista
Conservative Shenanigans Party
Posted - 2009.05.01 05:33:00 - [76]
 

Originally by: Sovereign533

i always get ****ing ****ed about unimportant and useless websites/games/whatever forcing password changes.
if it doesn't directly involve my rl money and or income, then i don't really give a **** about passwords.

But didn't you hear?

The Pandemic Legion guys are suggesting that internet spaceships is serious business. Wink


Furb Killer
Gallente
Posted - 2009.05.01 05:54:00 - [77]
 

Edited by: Furb Killer on 01/05/2009 05:54:36
'Hackers' get the passes from eve accounts either by key loggers or because the user is stupid and told them (or someone else somewhere) their pass. Against both a difficult pass with numbers wont help much. Difficult passes are usefull when someone can bruteforce the pass (or even more with dictionary attack), but i think ccp will notice when someone tries to bruteforce your pass.

LaVista Vista
Conservative Shenanigans Party
Posted - 2009.05.01 07:03:00 - [78]
 

Originally by: Furb Killer
Edited by: Furb Killer on 01/05/2009 05:54:36
'Hackers' get the passes from eve accounts either by key loggers or because the user is stupid and told them (or someone else somewhere) their pass. Against both a difficult pass with numbers wont help much. Difficult passes are usefull when someone can bruteforce the pass (or even more with dictionary attack), but i think ccp will notice when someone tries to bruteforce your pass.

Or from hacked third-party forums.

But that's why you should never use the same username on eve-o.

Nobody knows my username. Hence, they would have to figure out my username AND password.

Drake Draconis
Minmatar
Shadow Cadre
Shadow Confederation
Posted - 2009.05.01 07:18:00 - [79]
 

Originally by: LaVista Vista
Originally by: Furb Killer
Edited by: Furb Killer on 01/05/2009 05:54:36
'Hackers' get the passes from eve accounts either by key loggers or because the user is stupid and told them (or someone else somewhere) their pass. Against both a difficult pass with numbers wont help much. Difficult passes are usefull when someone can bruteforce the pass (or even more with dictionary attack), but i think ccp will notice when someone tries to bruteforce your pass.

Or from hacked third-party forums.

But that's why you should never use the same username on eve-o.

Nobody knows my username. Hence, they would have to figure out my username AND password.


That's because your exercising common sense.

This proposal is like telling CCP to outlaw scamming.

It's not there fault you gave your password away.
Which is why its pointless to force changes.... who gives a damn if you change your password.

You'd have to change it 50 some odd times a day to make it worth while..and that's insane.

If you really where that bloody worried... you would issue a smart card/key with a randomized decryption/encryption algorithm that would transmit your account information.

God help you if you lose the damn thing... and all that over a ####ing game?

And they call me crazy!

It IS a video game right?

Lauren DeVinnie
Posted - 2009.05.01 10:26:00 - [80]
 

Number of Passwords/PINS I need to remember in real life or for work (not for entertainment) - over 15

Number of those that make me change my password frequently - 6

Chances that I am going to start changing my entertainment passwords frequently and try to remember them because some internet company that I give money to decides that I am too stupid to protect my password to my internet spaceship - 0

/Not Supported/

And to save me time, count this post as 6 opposed and pretend my 5 alts logged on too

Jason Edwards
Internet Tough Guy
Spreadsheets Online
Posted - 2009.05.01 11:57:00 - [81]
 

1. Most of the time even if there's a password being changed etc. Keyloggers are going to bypass all that.

The issue is that people give away their account details and such. It's the most moronic thing ever.

People go away from the game for awhile... so they give their friends the account details. They come back to the game and get their account back in good condition. They dont bother changing the password. They do something moronic... **** everyone off. They log him in and basically lead them into being screwed up badly. etc etc.

That's what happens with all these "hacked accounts"

mazzilliu
Caldari
Sniggerdly
Pandemic Legion
Posted - 2009.05.01 13:15:00 - [82]
 

Originally by: Jason Edwards


That's what happens with all these "hacked accounts"


no, it's not. what happens is outlined in post #32 of this thread in about the middle. most of you don't even understand how the mass attack on accounts works, or just how many people this attack really works on.(hint: there are no mass trojans deployed just to steal eve accounts. it just doesn't make sense, they would not be bothering with game accounts if they had credit card details)


anyways, i'm probably going to re-word this idea to just be a popup warning when a password is a certain age, or an e-mailed warning to active accounts with an old enough password, because i dont think ccp would implement something that could potentially get people to lock themselves out of their accounts.

Drake Draconis
Minmatar
Shadow Cadre
Shadow Confederation
Posted - 2009.05.01 20:06:00 - [83]
 

So Jason Edwards is smarter than Miss Alt Posts Alot?

Wow.... who woulda thunk it.

Xipheas
Evolving Strategies
Posted - 2009.05.17 17:52:00 - [84]
 

Edited by: Xipheas on 17/05/2009 17:53:08
Not supported, because I don't want to have to remember yet another automatic/forced password change like the five at work (like someone else said). I would, however, support your updated idea of some form of notification to change it every few months, so I could do it on my own terms.

But seriously, Drake, less :words: and less :rage:. Thanks in advance.


Foxxy Lady
Dark-Rising
Executive Outcomes
Posted - 2009.05.17 19:48:00 - [85]
 

I cannot support this. I am in the military and and they have mandatory password changes and VERY complex password requirements. 9/10 people write their password down and the 10th uses a silly common scheme.

Zostera
Minmatar
Sniggerdly
Pandemic Legion
Posted - 2009.05.19 09:04:00 - [86]
 

Supported in general principle that password security is poor.

Perhaps add a reminder to the login screen once a month with a suggestion and tips on good password security. Perhaps even with a link to an advice page like we get with patch notes etc.

A reminder wouldn't hurt while leaving it open to player choice.


Sumnamna
Caldari
The 5th Freedom
Wildly Inappropriate.
Posted - 2009.05.30 10:00:00 - [87]
 

I disagree with the whole concept, If you can't remember to change your password then it's your fault if someone hacks your account and steals from you. Why do we need more people telling us what to do?

111010110
Posted - 2009.05.30 17:18:00 - [88]
 

Originally by: LaVista Vista
Originally by: Furb Killer
Edited by: Furb Killer on 01/05/2009 05:54:36
'Hackers' get the passes from eve accounts either by key loggers or because the user is stupid and told them (or someone else somewhere) their pass. Against both a difficult pass with numbers wont help much. Difficult passes are usefull when someone can bruteforce the pass (or even more with dictionary attack), but i think ccp will notice when someone tries to bruteforce your pass.

Or from hacked third-party forums.

But that's why you should never use the same username on eve-o.

Nobody knows my username. Hence, they would have to figure out my username AND password.


Now it makes sense why some of the character traders bug each other for account names passed on in character sales. Interesting, that's a can of worms.

Lumy
Minmatar
Sebiestor Tribe
Posted - 2009.05.30 17:59:00 - [89]
 

Hell No!

Mandatory password changes won't help anybody. If you get infected by key logger, even changing password every other day will not save you. Also having insanely difficult passwords usually lead people to have them stored in browser, written in text file or (in better case) on paper. So overall effect is none bar annoying people.

You cannot protect people from their own stupidity. Best you can do is to inform them as much as possible. So give new players in account creation screen:
1) password strength checker (but not force, just warn)
2) guideline how to create strong password
3) random password generator
4) huge red text with warning sign telling them to use unique user name and password

010110111001
Posted - 2009.05.31 00:43:00 - [90]
 

Edited by: 010110111001 on 31/05/2009 00:44:21
Not supported.

It's not CCPs responsability to hold people's hands or get them to grow up. Keep in mind EVE's development is one of trends, open this can of worm and it'll open the door for a range of confirmation tracks over time. No thanks.

A nice reminder paired with account subscription timer would do fine.
You have 9 days remaining on your addiction, and your password is 6 years old.

Still, maybe it is sometimes a little bit their job to help people grow up, going over a number of posts here makes me a tad fearful for this CSM round. If this is how cases will be tackled ... far from good.


Pages: 1 2 [3] 4

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only