Lt. Commander
Join Date: Dec 2007
Posts: 120
# 21
06-11-2012, 03:38 AM
How is the "different computer" determined? If it's by IP, how do you deal with dynamic IPs? PlusNet in the UK, for example, use these, and I know a lot of other companies do, too.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 22
06-11-2012, 12:01 PM
Silly question time On the confirmation email I got from Cryptic it's told me my machine name and I.P address.... My IP changes each time I reboot my router, is STO going to have a sulk after the next reboot?
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 23
06-11-2012, 12:45 PM
that is what that wierd code was for will we have to do again when goes live?
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 24
06-11-2012, 12:45 PM
its the same basic concept that facebook has. I save the machine, and i can therefor log into my facebook from this machine at any time without causeing a security problem. but if someone tries to log into my facebook from a device that i have not saved, i get an email informing me of that. and IF i did not authorize it, there are steps that can be taken after that. It makes all logical sense to me.
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 25
06-15-2012, 05:21 AM
Quote:
Originally Posted by picardalpha2clearance View Post
hate it .....what a waste of time that could of been dedicated to making the account bank everything we wanted instead of a glorified mail system we already have and didn't like, that is why we asked for an account bank......some people just do not get it.
You want all items within our accounts in a single bank so hackers can cleanout an account even quicker, before extra security is added?

Offering such an ability in banking would probably encourage hacking big time. It would make it far more worth a hackers time and effort to hack someone they know is a vet with 10 characters. Especially one who brags about having a lot.

Security measure sounds alright and would be best being put in place before encouraging hackers. I do wonder how many hackers will also target someones emails.
Lt. Commander
Join Date: Dec 2007
Posts: 120
This is mainly for PWE_Branflakes, since he seems to be the one running this thread:p

Seems everyone's main concern is, if a hacker tries to access and account from the game client itself, then yeah, the system catches it. But there is a whole new problem. Now the hacker knows they have the right password. They can now, simply log into STO website, and change the password in there, and reroute all sto based emails, and then do what is necessary to get the prompt again, with a code containing email sent to them. From there they can remove the computer normally used from the access list, and make the account theirs in every sense of the word. So the concern being voiced here is, why block the in-game client at all if all that's going to do is make it so the hacker has to do a little password changing and email rerouting and be inconvenienced of about 5 minutes of their time.

But what I would like to say is, a half baked feature that has its other half in the works is better than no feature at all. If nothing else, since the majority of us have smartphones that notify us the instant we get an email, once we got the message, we simply beat the hacker to the punch, and tell cryptic what is going on so they can take over. After all, I am sure there is a computer somewhere that keeps a listing of all the accessing information on each account stored somewhere so that it can be used for investigative purposes, and even if there wasn't, all computers keep records of that type somewhere.

In short: most people here are saying its an excellent concept, it just has a major back door flaw. That flaw being the ability to, after confirming that the password is correct, simply using the website itself to finish the take over process.

Anyway, just wanted to put that out there, and basically give you a condensed version of what everyone here, aside from the guy talking about the account banking system., is saying. And what that is is: Nice car...now, can I also get locks for the rear passenger doors?
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 27
06-19-2012, 12:43 AM
It's nice that Cryptic is finally doing something, but I'm not too fond of this system. It does not account for those with alternate computers (like how some people like to sometimes play from their laptops) or using a relatives computer on vacation. And like said previously, it's not accounting for variations of the IP if the router is reset or you have a roving IP.

Furthermore, It would be really nice to visually see Log-In times, which could help us immediately recognize unauthorized accesses. As well as failed password attempts since you last sucessfully logged on.
Captain
Join Date: Jun 2012
Posts: 1,754
# 28
06-20-2012, 03:12 AM
Bump, just testing if we can still post in 'archived' threads.

Edit: Ok, one thing to remove from the "How many ways does this merger suck" list.

Re-edit: Wtf? Why didn't it return me to the thread? O_O

Re-re-edit: Ok, that's annoying.
Career Officer
Join Date: Jun 2012
Posts: 206
# 29
06-20-2012, 03:37 AM
That is just downright bizarre, seeing all the names on all the old posts changed to "Archived Post"... it's like, spooky. :frown:

I don't like that.
Username: PodSix
Join Date: 11/09/2009
Fleet: None
Ensign
Join Date: Jun 2012
Posts: 19
# 30
06-20-2012, 04:12 AM
Quote:
Q: Can I opt out of Account Guard?
A: Yes. At this time you will need to Contact Customer Support to opt out of Account Guard.
***
Good. Can't stand all that security crap.

So when do we need to contact customer support and how to contact them? Standard support ticket?

__________________________________________________ ___________
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -7. The time now is 10:30 AM.