open All Channels
seplocked Assembly Hall
blankseplocked [Proposal] RSA authentication (help us protect our accounts)
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 [2] 3 4

Author Topic

Miss Maersk
Posted - 2010.10.05 10:55:00 - [31]
 

Support??, U've got it m8, good ideas in here

TeaDaze
Agony Unleashed
Agony Empire
Posted - 2010.10.05 12:16:00 - [32]
 

This is part of the Account Security Enhancements proposal which is still in the CSM backlog.

We can discuss this again during the December summit and try to get it raised in priority.

Laxyr
Deep Core Mining Inc.
Posted - 2010.10.05 12:21:00 - [33]
 

As long as it stays optional...

wr3cks
Reliables Inc
BricK sQuAD.
Posted - 2010.10.05 13:28:00 - [34]
 

So, to clarify, how many times do we have to raise what is obviously a good idea before CCP will consider it? Three? Five?

De'Veldrin
Minmatar
Norse'Storm Battle Group
Intrepid Crossing
Posted - 2010.10.05 15:03:00 - [35]
 

Originally by: wr3cks
So, to clarify, how many times do we have to raise what is obviously a good idea before CCP will consider it? Three? Five?


Over 9000

SXYGeeK
Gallente
do you

Posted - 2010.10.05 15:08:00 - [36]
 

Originally by: TeaDaze
This is part of the Account Security Enhancements proposal which is still in the CSM backlog.

We can discuss this again during the December summit and try to get it raised in priority.


Thanks Tea,
however the security tokens seems to be a small footnote in the proposal you linked. It's mostly concerned with character transfer proceedings.

I might add that If account management was secured by RSA key it would be much much harder for anyone to initiate an unauthorized character transfer.

I want to stress that RSA keys are perhaps the single best security mechanism that could be added and we should be clear that it should be the first priority, not a "Long term security improvement to consider"

H3ndrix
Amarr
High Aces

Posted - 2010.10.05 16:35:00 - [37]
 

Edited by: H3ndrix on 05/10/2010 16:36:25
sounds good

Otaci
Posted - 2010.10.05 17:44:00 - [38]
 

Originally by: Nuts Nougat
Passwordless login a la SSH please.

Ooh yeah, this would be great. Maybe as an alternative to the RSA, a USB or smartcard thing maybe. Got the USB plugged in then don't need password.

Tharill daSai
Caldari
Serringer Arms Inc
Free United Spirits
Posted - 2010.10.05 17:44:00 - [39]
 

Support

Leveaux
Gallente
EVE University
Ivy League
Posted - 2010.10.05 18:21:00 - [40]
 

I suppose this!!! I have used RSA while I was in the U.S. Navy and we currently use it at my current job.

Troll Bridgington
Incompertus INC
Fatal Ascension
Posted - 2010.10.05 18:30:00 - [41]
 

A keyfob would be nice. It would give me an excuse to carry around more eve related stuff on my person. Very Happy

Klyria
Minmatar
Agent-Orange
Nabaal Syndicate
Posted - 2010.10.05 20:04:00 - [42]
 

Yeah, this is something I like.

David Carel
Caldari
Wildly Inappropriate
Goonswarm Federation
Posted - 2010.10.05 20:44:00 - [43]
 


Lina Aviari
Posted - 2010.10.06 15:25:00 - [44]
 

Supported. One caution regarding an optional system is the fact that non-users of the Blizzard tokens have had (probably software) tokens put on their stolen accounts to lock them out of their own accounts. This is not a deal-killer by any means, but thought needs to be put into a process for efficiently handling/preventing situations like this if tokens are implemented.

Hugh Hefner
Caldari
Paxton Industries
-Mostly Harmless-
Posted - 2010.10.06 15:43:00 - [45]
 

I support this suggestion.

Musashi Takanohana
Caldari
Posted - 2010.10.06 15:45:00 - [46]
 

+1

Magnus Lex
Posted - 2010.10.06 15:46:00 - [47]
 

+1

Magnus Compress
Posted - 2010.10.06 15:48:00 - [48]
 

+1

Intar Medris
Amarr
Viziam

Posted - 2010.10.06 21:44:00 - [49]
 

Originally by: Saithe
There's also this thing I recently discovered. It's called your brain. I laugh at these people who cry about being victims of Identity theft and account hacking. Very FEW accounts are actually 'hacked'. Instead, the account info is phished because someone isn't using their brain.

I personally run my entire PC with no antivirus, no firewall, and I run with DMZ on. Never once have I gotten any form of spyware, any virus, and only ONCE has my Eve account been compromised. And that was a lucky guess due to someones computer storing passwords in Firefox.

So, in short; to better protect your account, USE YOUR ****ING HEAD WHEN GOING TO WEBSITES. Seriously, why the **** do you need to enter your account information ANYWHERE but eveonline.com, eveonline gate, or the actual Eve client?


Your the one not using your head. No firewall, no anti-virus, or no anti-malware period. You sir are a hacker's wet dream. Even when surfing to a legitimate site you can be infected, or one of your friends get infected and the virus gets attached to an email they send you. Oh and how do you know you haven't been infected with nothing to scan to detect threats, you don't. And when you do get one hope it is only a nuisance virus and not one that could destroy your beloved computer from the inside out.

And yes better security is always better.

Mara Rinn
Posted - 2010.10.06 21:48:00 - [50]
 

Originally by: Saithe
There's also this thing I recently discovered. It's called your brain. my Eve account been compromised due to someones computer storing passwords in Firefox.

USE YOUR ****ING HEAD WHEN GOING TO WEBSITES


FYP.

I'd be interested to hear some statistics from CCP about the number of failed login attempts per account per day. i.e.: the number of brute-force attempts by people trying to guess bad passwords.

Cebraio
Posted - 2010.10.06 21:54:00 - [51]
 

Supporting more account security!

Insurgent540
Minmatar
Posted - 2010.10.07 02:16:00 - [52]
 

+1 Support this proposal

Melina Lin
Posted - 2010.10.07 05:30:00 - [53]
 

Griefing the phishers! It's a start.

Martosh Toma
Gallente
Fraction Investment
Posted - 2010.10.07 14:25:00 - [54]
 

Edited by: Martosh Toma on 07/10/2010 14:27:11
Add the folowing securities before enabling rsa key purchase:

- account details must be unmoddified for 30 days prior to request
- login notification of recent account detail modification
- login notificcation of failed logins
- login notification of previously unknown ip logins
(both on web and client login of course)

with some kind of email verification allow rsa purchase
(5 day cooldown + login notification of purchase request)

doing it this way you could even sell the rsa for a few plex at little extra security risks

Ervyn
Infinite Improbability Inc
-Mostly Harmless-
Posted - 2010.10.07 15:45:00 - [55]
 

Edited by: Ervyn on 07/10/2010 15:45:59
Excellent idea.

SXYGeeK
Gallente
do you
Posted - 2010.10.08 16:25:00 - [56]
 

Another announcement today to protect our accounts, and the only tool we are given is the antiquated password with the recommendation to change it often.

Please support this topic and let CCP know we need better tools to help us protect our accounts.

BurningWrath
Capital Systems INC
Shadow of xXDEATHXx
Posted - 2010.10.08 21:26:00 - [57]
 

Yes, I pay quite a bit for my two toons. I dont want to loose it just like that.
+1

Delagos Almondis
Posted - 2010.10.08 21:40:00 - [58]
 

Like.
But please, dont sell them via the eve store where you have to pay ~30 $ shipment costs for a 10x10 minmatar sticker. I especially like the smartphone app idea.

Gauss Gun
Posted - 2010.10.08 23:34:00 - [59]
 


Meisje
Minmatar
hirr
Morsus Mihi
Posted - 2010.10.09 13:39:00 - [60]
 

Eve has an account hacking problem because of all the 3rd party work that goes into the game. Extra security on accounts seems very appropriate in this case.


Pages: 1 [2] 3 4

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only