open All Channels
seplocked Assembly Hall
blankseplocked [Proposal] Account Security
 
This thread is older than 90 days and has been locked due to inactivity.


 
Author Topic

Melantari
Posted - 2011.01.02 05:59:00 - [1]
 

Edited by: Melantari on 02/01/2011 06:43:07
Edited by: Melantari on 02/01/2011 06:04:55
Edited by: Melantari on 02/01/2011 06:00:22
How about before we get too far with expansions, someone works on improving account security!

A friend of mine was hacked less than a week ago and he recieved very little back after getting his account back.
I understand the EULA, but with many of us having long term characters ( over 3 Yrs+ ), Account security must be on the top of our lists.

It hurts when someone has been playing a long time and leaves becouse all the money they have invested is thrown away by a hacker taking control of an account. Its not just the ISK, but if you lostr a carrier, Dread or Mothership, how long does it take to rebuild or get enough ISK back to rebuy and Refit? People are leaving EvE becouse of this... not the hacker so much but the lack of understanding. Maybe we need insurance against hacking in game.. you pay for insurance, you get hacked, insurance pays back what you had prior to the DT before the hack.

There must be a way of improving our security as this seems to be the worst game I have been part of lately when it comes to account security.

I am no PC expert, I am a player. But what about...
1. Authenticator system
2. Max Password trys (3?)
3. Email notification of fraudulant activity?
4. etc

Rip Minner
Gallente
ARMITAGE Logistics Salvage and Industries
Posted - 2011.01.02 06:56:00 - [2]
 

I would think now would be the time for them to come out with a Authenticator system. Why? Becouse there sending us to facebook to get are pc's infested with spy ware and virus just so we can vote on a ship lolzTwisted Evil

Nye Jaran
Posted - 2011.01.02 13:46:00 - [3]
 

Edited by: Nye Jaran on 04/01/2011 01:59:49
Given the amount of work that can be erased by a hacker in a handful of minutes, I agree Eve needs to step it up on security. Even WoW has better security than Eve, for crying out loud. Given the volatile nature of the game and it's cut-throat attitude toward gameplay, an authenticator token really is needed.

I'd be willing to up to $50 USD upfront for one, if one token can be linked to multiple accounts.

Come on, CCP, get with the last decade and introduce authenticator tokens already.

Melantari - How bad was the loss?

Melantari
Posted - 2011.01.02 13:55:00 - [4]
 

10's of Billions I believe, and has probably caused the closure of a corp seing it was the CEO

Zynnis AtManath
Caldari
Posted - 2011.01.02 14:48:00 - [5]
 

I'd be mad if I got hacked and not reimbursed.

I play WoW as well, I was recently hacked on my account there, it ended in my entire Guild being closed down, and EVERYTHING sold and lost. At least they reimbursed me EVERYTHING, with no cost to me. That includes my gold, my items, and my gear.

If Blizzard can do that, CCP can too.

TimMc
Brutal Deliverance
Gypsy Band
Posted - 2011.01.02 15:02:00 - [6]
 

Account 'hacking' in eve is rarely anything of the sort. It is done through phishing.

You will have received an email to a website asking for you to login. This may appear very authentic. Once logged in, it may forward you to the real eve site or just say thanks. Then they login with your details and have their way with you.


Problem is between screen and chair I'm afraid. Stupid users.

De'Veldrin
Minmatar
Norse'Storm Battle Group
Intrepid Crossing
Posted - 2011.01.02 15:15:00 - [7]
 

Originally by: TimMc

Problem is between screen and chair I'm afraid. Stupid users.


While I agree with this part of your post, that's not a reason not to add in additional (optional) security measures.

+1 for an authenticator type system.

Zynnis AtManath
Caldari
Posted - 2011.01.02 15:23:00 - [8]
 

Edited by: Zynnis AtManath on 02/01/2011 15:27:12
Originally by: TimMc
Account 'hacking' in eve is rarely anything of the sort. It is done through phishing.

You will have received an email to a website asking for you to login. This may appear very authentic. Once logged in, it may forward you to the real eve site or just say thanks. Then they login with your details and have their way with you.


Problem is between screen and chair I'm afraid. Stupid users.


I do agree with this, it is a problem b/t screen and chair, but the fact of the matter is, if it does happen, ant it is a legit case, there should be better ways to reimburse and fix the problem. I don't foresee myself being hacked on eve any time in the near or distant future, but ***t does happen, and CCP should be prepared to make amends in the event that it does.

It all comes down to customer service, long term players are targets, they've put much time and money into this product, and when they quit playing because CCP doesn't have a way to make them want to come back is ridiculous to say the least.

I mean, I understand yes, it is my fault, I clicked the site, I logged in, I'm an idiot, but the first time it happens, slap me on the wrist and tell me not to do it again, don't say, oh, here's a little bit back, enjoy, and leave it at that.

GeoffWICE
Posted - 2011.01.03 11:37:00 - [9]
 

Edited by: GeoffWICE on 03/01/2011 11:38:07
you would think something like this CCP would give it a priority

Mara Rinn
Posted - 2011.01.03 11:46:00 - [10]
 

Adding an authenticator is a great way to stop people sharing accounts.

Since Bobbeh told me that I'm a "nerf supercarriers" troll, I feel it is my duty to the denizens of nullsec to insist on authenticators being added to EVE online as a compulsory measure to prevent account sharing.

If you want supercarriers and titans available 24x7, sign up some Oceanic pilots :)

Nerf titans, buff Australia! Add compulsory authenticators to EVE accounts!

De'Veldrin
Minmatar
Norse'Storm Battle Group
Intrepid Crossing
Posted - 2011.01.03 13:17:00 - [11]
 

Originally by: Mara Rinn
Adding an authenticator is a great way to stop people sharing accounts.

Since Bobbeh told me that I'm a "nerf supercarriers" troll, I feel it is my duty to the denizens of nullsec to insist on authenticators being added to EVE online as a compulsory measure to prevent account sharing.

If you want supercarriers and titans available 24x7, sign up some Oceanic pilots :)

Nerf titans, buff Australia! Add compulsory authenticators to EVE accounts!



Mara Rinn for CSM. Vote NAO!

Supercon
Posted - 2011.01.04 00:59:00 - [12]
 

Edited by: Supercon on 04/01/2011 01:00:15
The problem doesn't step from hackers hacking into your account. The problem is the owner of the account. Do you have sufficient anti-malware software? Do you have a sufficient firewall setup? Do you make sure your passcode is complicated as hell? Do you make sure that you NEVER share your passcode nor use the same passcode on separate web-based services? Do you make sure to NEVER click on any links that CLAIM to be from CCP, even though they may genuinely be from CCP? Do you make sure to NEVER get involved with ISK farmers? Do you change your passcode every so often?

If you answer "no" to any of these, then you are the problem.

I got multiple anti-virus softwares, a good firewall (all updated and used regularly), and a passcode that's so complicated that not even Julian Assange could figure out (and they get longer every time I change them). So far, my account has not been hacked and I have been on EVE for more than 3 years.

Nye Jaran
Posted - 2011.01.04 02:05:00 - [13]
 

Edited by: Nye Jaran on 04/01/2011 02:05:18
Originally by: Supercon
Edited by: Supercon on 04/01/2011 01:00:15
The problem doesn't step from hackers hacking into your account.


I've used a 5 or 6 digit RNG authenticator before (don't remember which, it's been a while). It generated a new combination once every 30 seconds. It's good enough for large companies with secured data, it should be good enough for Eve.

Mara Rinn
Posted - 2011.01.04 03:00:00 - [14]
 

As for Melantari's comments about all the "stuff" being costly to replace, I'd suggest that players need to learn the difference between "rich" and "wealthy" - you can sell PLEX and be rich, or you can start a corporation and be wealthy.

Decus Daga
Black Thorne Alliance
Posted - 2011.01.04 03:24:00 - [15]
 

Damn right i want a token generator!

Supercon
Posted - 2011.01.04 18:54:00 - [16]
 

Well, if people still insist on a token generator, then let me at least recommend tying one's cellular phone to the account. Google's Gmail uses this method to ensure that the person requesting a password reset is the right person. I have a Gmail account setup in this fashion. Before, you had to tie in Gmail with another email account like Hotmail or setup a security question. Nowadays, my cell phone is the only key and I keep it on me all the time.

It would be nice if CCP allowed us to tie our cell phones into our accounts and send us a randomly-generated Token number through that.

AtheistOfFail
AoF Lottery Services
Posted - 2011.01.06 22:01:00 - [17]
 

There are even software token generators. I believe i saw a friend running one on his smartphone to get a Starcraft 2 code. Just link it to your account then require it as you're signing on. Tie it to 3 computers max requiring email authentication for each one and you're golden. They would have to compromise your email address, your account and then get the software token generator. Although this would probably take a little deployment time and a little bit of expense it would probably be worth it.

Laechyd Eldgorn
Caldari
draketrain

Posted - 2011.01.07 21:11:00 - [18]
 

If there is some reasonable ways to make accounts more secure it is nice.

Melantari
Posted - 2011.01.11 07:38:00 - [19]
 

This really needs to be moved up in there list of fixes.

Too many characters are leaving the game due to this type of incident where the victim is not looked after.

ViolenTUK
Gallente
Demolition Men

Posted - 2011.01.11 08:17:00 - [20]
 

It would help if CCP stopped treating isk if it was real money.

Aineko Macx
Posted - 2011.01.11 12:30:00 - [21]
 

GIEV AUTHENTICATOR NAO

Aphrodite Skripalle
Galactic Defence Consortium
Posted - 2011.01.11 13:36:00 - [22]
 

Edited by: Aphrodite Skripalle on 11/01/2011 13:44:59
I already mentioned this several times, there is a very easy, free but military secure way if you use a crypted 2 key (public and private key) version in the way how
pgp works.

http://www.gnupg.org/

Its not hackable, safe and free. Just do it, ccp !


 

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only