These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

Player Features and Ideas Discussion

 
  • Topic is locked indefinitely.
 

authenticator
Author
Previous Topic Next Topic
Maria Dragoon
Brutor Tribe
Minmatar Republic
#1 - 2014-08-14 04:07:12 UTC  |  Edited by: Maria Dragoon
Don't know if this is the right place to put this but... I would like to say...

If Eve online produce an authenticator system, or key chain digipass, I would buy the crap out of that...

That you for reading this :)

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Jur Tissant
Garoun Investment Bank
Gallente Federation
#2 - 2014-08-14 04:29:26 UTC
Doesn't sound bad for an added layer of protection. Blizzard has a smartphone app which I find convenient.
Nariya Kentaya
Ministry of War
Amarr Empire
#3 - 2014-08-14 06:19:02 UTC
Jur Tissant wrote:
Doesn't sound bad for an added layer of protection. Blizzard has a smartphone app which I find convenient.

problem a friend of mine ran into, was his smartphone got sat on (by him, yeah, hes that heavy, 7ft dude, lotta muscle), anyways, took him 2 months to get Blizzard to reset his authenticator so he could access his account again.

Granted, this was shortly after they created the whole smartphone authenticator thing, so maybe theyve changed or streamlined practices since then, but still.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#4 - 2014-08-14 20:34:49 UTC
I was talking more about the single button press that you stick on your keychain authenticator :)

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Celthric Kanerian
Viziam
Amarr Empire
#5 - 2014-08-15 00:03:07 UTC
I don't see why this shouldn't be a thing... But in truth, I've never heard of a player gotten hacked in all of my time in Eve.
Arya Regnar
Darwins Right Hand
#6 - 2014-08-15 01:09:42 UTC
Celthric Kanerian wrote:
I don't see why this shouldn't be a thing... But in truth, I've never heard of a player gotten hacked in all of my time in Eve.

Oh it happens, I buy good characters sometimes and I had 3 characters I wanted to buy be a victim of theft.

Thiefs steal account and liquidate everything to RMT isk to RL currencies.

Too good to be true applies.

EvE-Mail me if you need anything.
Alvatore DiMarco
Capricious Endeavours Ltd
#7 - 2014-08-15 01:13:09 UTC  |  Edited by: Alvatore DiMarco
If I recall correctly, CCP said something about looking into this kind of thing a long time ago.

Obviously there hasn't been much talk about it since or else I'd remember better.

They got distracted with avatars and scanner sweeps and pirate factions instead.

CCP, you're so ADD.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#8 - 2014-08-15 01:18:18 UTC
Alvatore DiMarco wrote:
If I recall correctly, CCP said something about looking into this kind of thing a long time ago.

Obviously there hasn't been much talk about it since or else I'd remember better.

They got distracted with avatars and scanner sweeps and pirate factions instead.

CCP, you're so ADD.


Vote up to get CCP less ADD then?

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Ix Method
Doomheim
#9 - 2014-08-15 16:37:06 UTC
As long as it can use generic Google Authenticator, etc. Having 50 different apps to trawl through everytime you get a new phone is an absolute ballache Smile

Travelling at the speed of love.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#10 - 2014-08-15 16:47:27 UTC
Ix Method wrote:
As long as it can use generic Google Authenticator, etc. Having 50 different apps to trawl through everytime you get a new phone is an absolute ballache Smile


Or you can buy a keychain authenticator and never have to worry about scrolling through apps! Just don't lose your keys! :D

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Frostys Virpio
State War Academy
Caldari State
#11 - 2014-08-15 16:53:11 UTC
Nariya Kentaya wrote:
Jur Tissant wrote:
Doesn't sound bad for an added layer of protection. Blizzard has a smartphone app which I find convenient.

problem a friend of mine ran into, was his smartphone got sat on (by him, yeah, hes that heavy, 7ft dude, lotta muscle), anyways, took him 2 months to get Blizzard to reset his authenticator so he could access his account again.

Granted, this was shortly after they created the whole smartphone authenticator thing, so maybe theyve changed or streamlined practices since then, but still.


Your friend either got unlucky or did something wrong. If CCP has a call center for billing issue, I'm pretty sure they would be able to handle stuff like that like Blizzard did from day 1 with both keychains and the app. The added layer of security is pretty nice to have.
Lothras Andastar
Garoun Investment Bank
Gallente Federation
#12 - 2014-08-15 18:26:32 UTC
If you are stupid enough to have your account compromised you deserve everything you get.

Because the Legacy Code has too much Psssssssssssssssh, nothing will ever get fixed until CCP stop wasting money on failed sparkle MMOs and instead rewrite the entire backend of EvE from scratch.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#13 - 2014-08-15 18:39:18 UTC
Lothras Andastar wrote:
If you are stupid enough to have your account compromised you deserve everything you get.



Awrrr, what a mean thing to say! Of course, this feature just adds an even extra layer of security, though even then, I'm sure if you are "dumb enough" you can still have your account compromised, however that being said.

Some people, like me, like to have that extra layer of security.

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Bohneik Itohn
10.K
#14 - 2014-08-15 19:12:53 UTC
Most hacked accounts are inactive, as I understand it. It's easier to not draw attention from brute-force methods (How many times have you forgotten a password to some old account and made a few dozen attempts trying to reactivate it?) and can often be linked to inactive email accounts which are also easier to brute-force.

I've also been hearing more and more cases of accounts with authenticators getting cracked, so it's not really a sure-fire way to prevent your account from getting compromised anymore. It's more of a game of roulette, in my opinion. Either your account ends up on the short list, or it doesn't, but the competent account crackers seem to be able to get any account they want

Scary, when you consider that some online banking services have less security than some MMO's, but also not scary when you also consider that digital items and digital currency are not considered personal property under any country's law that I'm even vaguely familiar with. The small-timers are sticking with small-fry that won't bring anyone inconvenient sniffing in their direction.

To summarize: Something like an authenticator would be nice, if it could be guaranteed to work, but current evidence says that CCP would have to one-up all of the usual tools to make it work, and it'd just be a shiny blinking challenge beacon to people out there who enjoy or make a living off of cracking account security measures, thus putting an expiration date on it's efficacy as soon as it's implemented.

But hey, that's the internet for ya. So long as you're not silly enough to assume that it's going to be foolproof forever this wouldn't be a bad thing for CCP to implement, even if it is a false sense of security for people who don't understand that anything short of double-blind encryption can be compromised.

Wait, CCP kills kittens now too?!  - Freyya

Are you a forum alt? Have you ever wondered why your experience on the forums is always so frustrating and unrewarding? This may help.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#15 - 2014-08-15 21:04:34 UTC
Bohneik Itohn wrote:
Most hacked accounts are inactive, as I understand it. It's easier to not draw attention from brute-force methods (How many times have you forgotten a password to some old account and made a few dozen attempts trying to reactivate it?) and can often be linked to inactive email accounts which are also easier to brute-force.

I've also been hearing more and more cases of accounts with authenticators getting cracked, so it's not really a sure-fire way to prevent your account from getting compromised anymore. It's more of a game of roulette, in my opinion. Either your account ends up on the short list, or it doesn't, but the competent account crackers seem to be able to get any account they want

Scary, when you consider that some online banking services have less security than some MMO's, but also not scary when you also consider that digital items and digital currency are not considered personal property under any country's law that I'm even vaguely familiar with. The small-timers are sticking with small-fry that won't bring anyone inconvenient sniffing in their direction.

To summarize: Something like an authenticator would be nice, if it could be guaranteed to work, but current evidence says that CCP would have to one-up all of the usual tools to make it work, and it'd just be a shiny blinking challenge beacon to people out there who enjoy or make a living off of cracking account security measures, thus putting an expiration date on it's efficacy as soon as it's implemented.

But hey, that's the internet for ya. So long as you're not silly enough to assume that it's going to be foolproof forever this wouldn't be a bad thing for CCP to implement, even if it is a false sense of security for people who don't understand that anything short of double-blind encryption can be compromised.



Fun fact, biggest reason why authenticators get cracked is because people fall for spoofed websites.

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Bohneik Itohn
10.K
#16 - 2014-08-15 21:19:38 UTC
Maria Dragoon wrote:

Fun fact, biggest reason why authenticators get cracked is because people fall for spoofed websites.


I wouldn't be surprised at all. The assumption could also be made that some of them fell for it because of the false sense of security the authenticator can give.

In the end nothing beats paying attention and doing what you know you're supposed to do to keep your information safe.

Wait, CCP kills kittens now too?!  - Freyya

Are you a forum alt? Have you ever wondered why your experience on the forums is always so frustrating and unrewarding? This may help.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#17 - 2014-08-15 21:22:33 UTC
Bohneik Itohn wrote:
Maria Dragoon wrote:

Fun fact, biggest reason why authenticators get cracked is because people fall for spoofed websites.


I wouldn't be surprised at all. The assumption could also be made that some of them fell for it because of the false sense of security the authenticator can give.

In the end nothing beats paying attention and doing what you know you're supposed to do to keep your information safe.



Yelp, nothing is perfect, regardless of how much security one gets, someone out there will attempt to figure out how to get around it, be it through viruses. Brute force hacking, to stealing your packets to figure out what kind of information you are sending. This is why you are always careful as part of security is also part of your own responsibility. Don't download things you don't 100% trust, and always make sure where you go is safe before you enter any kind of information.

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."
Brutalis Furia
Hammer and Anvil Industries
#18 - 2014-08-16 21:50:29 UTC
With the announcement recently that 3rd party websites are going to be able to use the unified login, I especially would like an additional layer of security to replace the one being removed.
Maria Dragoon
Brutor Tribe
Minmatar Republic
#19 - 2014-08-17 14:03:47 UTC
Brutalis Furia wrote:
With the announcement recently that 3rd party websites are going to be able to use the unified login, I especially would like an additional layer of security to replace the one being removed.


Oh? Well, I myself never been a big fan of unified logins, which is why when it ask me if I want to log in through facebook, I'm like "NOPE!"

Life is really simple, but we insist on making it complicated. Confucius

"A man who talks to people who aren't real is crazy. A man who talks to people who aren't real and writes down what they say is an author."