Silly question time On the confirmation email I got from Cryptic it's told me my machine name and I.P address.... My IP changes each time I reboot my router, is STO going to have a sulk after the next reboot?
its the same basic concept that facebook has. I save the machine, and i can therefor log into my facebook from this machine at any time without causeing a security problem. but if someone tries to log into my facebook from a device that i have not saved, i get an email informing me of that. and IF i did not authorize it, there are steps that can be taken after that. It makes all logical sense to me.
hate it .....what a waste of time that could of been dedicated to making the account bank everything we wanted instead of a glorified mail system we already have and didn't like, that is why we asked for an account bank......some people just do not get it.
You want all items within our accounts in a single bank so hackers can cleanout an account even quicker, before extra security is added?
Offering such an ability in banking would probably encourage hacking big time. It would make it far more worth a hackers time and effort to hack someone they know is a vet with 10 characters. Especially one who brags about having a lot.
Security measure sounds alright and would be best being put in place before encouraging hackers. I do wonder how many hackers will also target someones emails.
This is mainly for PWE_Branflakes, since he seems to be the one running this thread:p
Seems everyone's main concern is, if a hacker tries to access and account from the game client itself, then yeah, the system catches it. But there is a whole new problem. Now the hacker knows they have the right password. They can now, simply log into STO website, and change the password in there, and reroute all sto based emails, and then do what is necessary to get the prompt again, with a code containing email sent to them. From there they can remove the computer normally used from the access list, and make the account theirs in every sense of the word. So the concern being voiced here is, why block the in-game client at all if all that's going to do is make it so the hacker has to do a little password changing and email rerouting and be inconvenienced of about 5 minutes of their time.
But what I would like to say is, a half baked feature that has its other half in the works is better than no feature at all. If nothing else, since the majority of us have smartphones that notify us the instant we get an email, once we got the message, we simply beat the hacker to the punch, and tell cryptic what is going on so they can take over. After all, I am sure there is a computer somewhere that keeps a listing of all the accessing information on each account stored somewhere so that it can be used for investigative purposes, and even if there wasn't, all computers keep records of that type somewhere.
In short: most people here are saying its an excellent concept, it just has a major back door flaw. That flaw being the ability to, after confirming that the password is correct, simply using the website itself to finish the take over process.
Anyway, just wanted to put that out there, and basically give you a condensed version of what everyone here, aside from the guy talking about the account banking system., is saying. And what that is is: Nice car...now, can I also get locks for the rear passenger doors?
It's nice that Cryptic is finally doing something, but I'm not too fond of this system. It does not account for those with alternate computers (like how some people like to sometimes play from their laptops) or using a relatives computer on vacation. And like said previously, it's not accounting for variations of the IP if the router is reset or you have a roving IP.
Furthermore, It would be really nice to visually see Log-In times, which could help us immediately recognize unauthorized accesses. As well as failed password attempts since you last sucessfully logged on.