These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

Assembly Hall

 
  • Topic is locked indefinitely.
 

[Proposal] Introduce RSA style security to account login (optional)
Author
Previous Topic Next Topic
Bruno Bourque
#1 - 2012-02-24 12:56:11 UTC
Done a search and only found 1 post that mentions it at all, and that is quoted at the bottom of this post.

Firstly, I have never had my accounts hacked. I have a decent length password, alpha-numeric with symbols ect.
But as added security a lot of new release games are giving the option to purchase a physical RSA style token that when activated means that without the physical token you cant login to the game even if you have the password.

I think that something like this to login to the client would improve security on accounts and reduce hacked accounts.

Things to make clear tho:

  • This should be optional, if you dont want one, you shouldnt have to have one.
  • This should be configurable to allow you to choose what asspects of Eve need a token, Account Managment, Forums, Client ect.
  • A single token should be used for all your accounts. Not 1 token per account.


Flame on

Max Kolonko wrote:
I noticed that OP have relly hard time understanding that people have dynamic IP adresses.

Again - I agree that security can be tightened for the sake of it. For example, some time age (fanfest) they showed those devices (tokens?) that generates numeric code based on build-in unique seed. They could make it finally available, so players can buy it and be sure that their accounts are safe
Danika Princip
GoonWaffe
Goonswarm Federation
#2 - 2012-02-24 13:25:36 UTC
Did you actually read that quote?

Why suggest something CCP are already doing? (albeit slowly)
Bruno Bourque
#3 - 2012-02-24 14:18:39 UTC
So a users post means CCP is actually working on it? There is no mention of it anywhere other than that 1 post.
Drake Draconis
Brutor Tribe
Minmatar Republic
#4 - 2012-02-24 14:57:26 UTC
Danika Princip wrote:
Did you actually read that quote?

Why suggest something CCP are already doing? (albeit slowly)



Proof please...

================ STOP THE EVEMAIL SPAM! https://forums.eveonline.com/default.aspx?g=posts&t=78152
mxzf
Shovel Bros
#5 - 2012-02-24 15:45:17 UTC
If people would just be smart about their computer security there would never be an issue. The only time a third party has access to someone's account is when they've given their password away, either on purpose or accidentally. Physical keys doesn't prevent outside attackers from getting access any more than passwords do, it just makes it harder for the user to give away their password by being stupid.

Oh, and you can already rig up physical security keys to work with Eve with a bit of knowhow.
Bruno Bourque
#6 - 2012-02-24 16:29:14 UTC
mxzf wrote:
If people would just be smart about their computer security there would never be an issue. The only time a third party has access to someone's account is when they've given their password away, either on purpose or accidentally. Physical keys doesn't prevent outside attackers from getting access any more than passwords do, it just makes it harder for the user to give away their password by being stupid.

Oh, and you can already rig up physical security keys to work with Eve with a bit of knowhow.


Users will always be users. Thats a given, but if you need a code off a physical device in order to login, how exactly do you propose I get hold of that code without the device?

Also, care to elaborate or support your comment that this can be done already? (Post-it notes with your password dont count)
Danika Princip
GoonWaffe
Goonswarm Federation
#7 - 2012-02-24 16:51:48 UTC
Drake Draconis wrote:
Danika Princip wrote:
Did you actually read that quote?

Why suggest something CCP are already doing? (albeit slowly)



Proof please...


It was announced at fanfest last year :V
Drake Draconis
Brutor Tribe
Minmatar Republic
#8 - 2012-02-24 20:46:05 UTC  |  Edited by: Drake Draconis
Danika Princip wrote:
Drake Draconis wrote:
Danika Princip wrote:
Did you actually read that quote?

Why suggest something CCP are already doing? (albeit slowly)



Proof please...


It was announced at fanfest last year :V


I was asking for documented proof....not word-of-mouth crap.

Anyone can say they are working on it(tm)

Give me a dev blog....or an CCP annoucement saying this.

================ STOP THE EVEMAIL SPAM! https://forums.eveonline.com/default.aspx?g=posts&t=78152
Grey Azorria
Federation Industries
#9 - 2012-02-24 21:21:43 UTC
One major issue with authenticators or whatever is that it will be a huge PITA for people with multiple accounts, which in EVE is pretty much everyone. So if they are optional, a lot of people will never use them, if they are not, then prepare for authenticator-gate (any technical issues with getting them to securely work with multiple accounts not withstanding).

(also @OP it doesn't matter a damn how much you have your numbers, letters and cases mixed up in your password, PROOF)

Do not argue with an idiot. He will drag you down to his level and beat you with experience.

Sometimes when I post, I look at my sig and wish that I'd follow my own god damned advice.
Bruno Bourque
#10 - 2012-02-24 21:35:40 UTC
Grey Azorria wrote:
(also @OP it doesn't matter a damn how much you have your numbers, letters and cases mixed up in your password, PROOF)

Cartoons are proof ?
Grey Azorria
Federation Industries
#11 - 2012-02-24 21:48:17 UTC
Bruno Bourque wrote:
Grey Azorria wrote:
(also @OP it doesn't matter a damn how much you have your numbers, letters and cases mixed up in your password, PROOF)

Cartoons are proof ?

No, the math within that particular cartoon is proof.

Do not argue with an idiot. He will drag you down to his level and beat you with experience.

Sometimes when I post, I look at my sig and wish that I'd follow my own god damned advice.