Lt. Commander
Join Date: Dec 2007
Posts: 120
# 11
02-01-2010, 12:27 PM
Yeah if they could prove the bank prolly would not give your money back.I was just joking around with that...Shame u could not answer the actual question i had tho
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 12
02-01-2010, 12:27 PM
Quote:
Originally Posted by Versch View Post
I am no security guro but...our account name is displayed in our chat windows. A hacker only needs our password now. Your account would be doubly safer if our account name WASN'T known.

They are not account names. God, how many times are people going to say this. You were given the option on account creation to have an ingame handle. If you made that the same as your account name, then you were dumb. Plain and simple. Just contact accounts/billing and tell them you want it changed. give them 3 names in order of preference you want it changed to, and they will do it.



Quote:
As far as the WoW authenticator...the majority of hacks came AFTER they enforced creating a battlenet account...which made your account name what?...oh, your EMAIL address! Of course you can change your account name now, but unsure if it was always available.
here we go again. Listen.

You already had a keylogger on your computer when you made a battle.net account ok? When you had to re-enter your information into the new accoutn servers, the keylogger grabbed it all. Understand now?

Stop spreading rumours, and throwing around unwarranted accusations. If you did this outside of the game, you'd more than likely end up in legal trouble.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 13
02-01-2010, 12:28 PM
Quote:
Originally Posted by Versch View Post
I am no security guro but...our account name is displayed in our chat windows. A hacker only needs our password now. Your account would be doubly safer if our account name WASN'T known.
This is a very good point, and it is something I am concerned with as well. It would be safer to log in with an e-mail address as well as the account name and password. Your e-mail address can be hidden from others, but not your account name. Has anyone put this concern in the Feedback forum? This is not the right forum for this topic.

EDIT:
Quote:
Originally Posted by tedgp123 View Post
You were given the option on account creation to have an ingame handle. If you made that the same as your account name, then you were dumb. Plain and simple.
That is very simple, yes. I apparently was dumb. I will look into changing this. Thank you for pointing this out!
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 14
02-01-2010, 12:37 PM
Funny enough i agree with all u all tho if u get hacked it is your own fault...I think my account got hacked as i logged into my account on website thru a friends computer otherwise i would not had been hacked.Mind u it was the ONLY and first time i ever been hacked and i had been playing since wow original came out. i know how to secure my comp that's for sure.Shame i was a tool and trusted my friends PC when i shouldnt had.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 15
02-01-2010, 12:38 PM
Quote:
Originally Posted by Avai View Post
This is a very good point, and it is something I am concerned with as well. It would be safer to log in with an e-mail address as well as the account name and password. Your e-mail address can be hidden from others, but not your account name. Has anyone put this concern in the Feedback forum? This is not the right forum for this topic.

EDIT:

That is very simple, yes. I apparently was dumb. I will look into changing this. Thank you for pointing this out!
Having your account name doesnt help much, as anyone trying to access your account would also need your password. Now, assuming you were smart and did not use a dictionary word, or 1337 variation there of, the only option would be to brute-force the login to get your password.

I would bet a considerable sum of money that Cryptic's account server will do something once it see's 30+ wrong passwords a second coming in to someone's account in order to stop a brute force attack, the easiest method being to IP-ban the source, or even lock the account.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 16
02-01-2010, 12:48 PM
Quote:
Originally Posted by Pandajuice View Post
Basically with any online venture, if you get hacked, it's pretty much your fault. You clicked on something you shouldn't have, gave your account name out in public, or are harboring a trojan/keylogger on your machine. Blizzard's authenticator is just money-grabbing BS and unnecessary to those with half a brain.

It's not really Cryptic's responsibility to ensure the security of your account, it's yours. Make it as secure as possible with an abstract account name, complex password, keep your machine clean of spyware and viruses, and don't click on spam emails. Simple as that really.
It may your fault, but that doesn't mean that Cryptic shouldn't implement a token-based authentication. Blizzard's authenticator is not just money-grabbing BS. It's called customer service. Blizzard provides account restoration service in the case that an account compromise is confirmed.

The authenticator is offered as a service to customers for additional security to their account and to help reduce the amount of time that Blizzard has to devote to investigating and working to restore compromised accounts. I can say with almost certainty that authenticator sales will never fully offset the cost of the additional hardware, software licenses, and engineers to develop and deploy it, as well as the technician time spent investigating accounts, identifying lost items or characters, and just generally restoring the account to its previous state.

The authenticator reduces the number of compromises, gives the customers additional security to not be compromised, and is just a generally good security practice that is used by thousands of companies world-wide. Multi-factor authentication adds an incredible amount of security to user accounts, regardless of how those accounts are used.

Furthermore, World of ******** is not even the only MMO to implement such an infrastructure. I know that FFXI also offered a token-based login and I'm sure that other online games have as well. It's simply a good practice to offer this service to the customers. If the users feel that it is unnecessary, like yourself, then they don't have to use it, but for others that have more concern for their account's security, it is a great addition to the account.

Here's one example of an authentication token: http://en.wikipedia.org/wiki/SecurID
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 17
02-01-2010, 12:50 PM
Sorry if it was in the wrong thread i just saw Questions about Star Trek Online so i posted in here.Information and Discussion i decided to put here as i am trying to find the information out.As i said before if anyone could Direct me to any posts or Anything to do with the subject i will be in your debt..
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 18
02-01-2010, 12:53 PM
Quote:
Originally Posted by tedgp123 View Post
Blizzard uses authenticators because there were thousands of very stupid players getting hacked. They were sick of restoring accounts that the players got hacked, so they issued authenticators to lessen the workload on their staff.

STO does not need it. If YOU can't keep YOUR computer secure, then you really shouldnt be using the internet. Tough words i know, but it's the truth.
Nothing is un-hackable.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 19
02-01-2010, 12:55 PM
Quote:
Originally Posted by tewnam View Post
It may your fault, but that doesn't mean that Cryptic shouldn't implement a token-based authentication. Blizzard's authenticator is not just money-grabbing BS. It's called customer service. Blizzard provides account restoration service in the case that an account compromise is confirmed.[/url]

Yeah this is what i was getting at Basically from the original post...
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 20
02-01-2010, 01:30 PM
Quote:
Originally Posted by Pandajuice View Post
I doubt it. Cryptic is focused on actually launching the game at this point and having it be successful. Like I said before, it's your responsibility to ensure the security of your account, not theirs. You don't get hacked by simply logging into the game. You get hacked by doing something stupid and compromising your own security.

Blizzard is only offering the authenticators now because of their asinine requirement introduced a few months ago of forcing everyone to switch their accounts over to Battle.net accounts, which compromised many of them. It was a major SNAFU on their part that they had to fix.

Cryptic hasn't done that.
Epic fail for your lack of knowledge. Blizzard has been offering the Authenicator for well over a year. Long before they required that people move their accounts over to Battle.net. In fact is was first offered June 28-29 2008 at the Blizzard Inventational in Paris.

BTW, concerning you earlier post about just creating a stronger password....if someone wants the information, they will get it...period...end of story.

The fact that Cryptic allows your Forum/Website username to be your @handle in game, isn't the players issue, its Cryptic's. Our account names shouldn't be shown inside the game....period...end of story. They shouldn't even allow the system to allow users the ability to make the Account Name and @handle the same when signing up.
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -7. The time now is 11:09 PM.