These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
 

IF log in have CAPTCHA (It won't)
Author
Previous Topic Next Topic
Just Lilly
#41 - 2012-07-17 19:21:01 UTC
How about an mobile authenticator instead, like the one Blizzard use.
It's a free app for your smartphone.

Everyone use smartphones...
Powered by Nvidia GTX 690
Dave stark
#42 - 2012-07-17 19:23:36 UTC
user name and password is fine. this is a game not my online banking.
Lin-Young Borovskova
Doomheim
#43 - 2012-07-17 19:25:51 UTC
Finde learth wrote:
Oberine Noriepa wrote:

Note that those screenshots feature the launcher and not the client itself. It's not a bad thing in the slightest.


You can't log in unless you use the launcher log in.
So it means if eve auto restart for any reasons, you need to close the auto restart EVE then use the launcher log in.

That's very annoying.

And the launcher log in won't save your account name.



Nor prevents the account of being stolen or bots anyway, well maybe just in some silly dudes minds.

brb
Cede Forster
Deep Core Mining Inc.
Caldari State
#44 - 2012-07-17 19:34:51 UTC
optional authenticator would be nice,
just using username + password to secure the account feels a little like walking at night through detroit

with a blond wig, a miniskirt and bag full of drugs
Tarsus Zateki
Viziam
Amarr Empire
#45 - 2012-07-17 22:55:06 UTC
Dave stark wrote:
user name and password is fine. this is a game not my online banking.


Of course stealing banking information is a felony in most countries while stealing an Eve Online account isn't. Having a little extra security on something you value that has no real criminal repercussions isn't a bad idea. The value of stolen WoW accounts is the reason Blizzard sells authentication fobs at a loss and provides free authenticators for smart phones. They can't prosecute account thieves and the customer service costs of dealing with stolen accounts is far more than the price of fobs.

Its even worse in Eve Online as a compromised account can not only result in a loss of ISK and assets but could jeopardize the gameplay and assets of hundred or thousands of other people in the case of corporation CEOs and alliance executors.

You asked me once, what was in Room 101. I told you that you knew the answer already. Everyone knows it. The thing that is in Room 101 is the worst thing in the world.
Terminal Insanity
KarmaFleet
Goonswarm Federation
#46 - 2012-07-17 23:03:30 UTC
YES make this a requirement for trials or accounts that are less then a few months old.

NO, DO NOT MAKE ME FILL IN THOSE GODDAMN UNREADABLE CAPTCHAS EVERY ******* GODDAMN TIME I LOG IN.

I already spend more time trying to decipher captchas then anyone should have to.

"War declarations are never officially considered griefing and are not a bannable offense, and it has been repeatedly stated by the developers that the possibility for non-consensual PvP is an intended feature." - CCP
Mr M
Sebiestor Tribe
#47 - 2012-07-17 23:59:33 UTC
I hate it when I get a captcha like this.

Share your experience

Write for the EVE Tribune

www.eve-tribune.com
Vitamin B12
#48 - 2012-07-18 05:27:51 UTC
dexington wrote:
Chokichi Ozuwara wrote:
Captcha does nothing to secure your account. Bots are designed to capture captchas and fire them off to third party solving services (manual and automated) which beat them easily.

Adding this would be stupid. It would be like 2008 all over again.


It protects you account against brute force attacks, or at least makes the process of brute force attacks slow and expensive if there is no way to decode the answer without human interaction.


Brute Force need to be adressed on the server side (CCP) not on the client. If a file is on my computer I can modify it. That is really bad and weak protection. Never give the user control over something.

Regarding "login attempts": I would really like to see the security feature we already got on evegate also in the client. If you are logging in first time with this maschine ask for character names on the account.

/vita

Capital Ships Related BPC's & BPO's // fair price // fast delivery https://forums.eveonline.com/default.aspx?g=posts&m=973041
dexington
Caldari Provisions
Caldari State
#49 - 2012-07-18 06:25:20 UTC
Vitamin B12 wrote:
Brute Force need to be adressed on the server side (CCP) not on the client. If a file is on my computer I can modify it. That is really bad and weak protection. Never give the user control over something.


I'm not sure i get your point, the image is generated server side, and send to the client. You can modify the image as you like, but the server is still going to require the correct answer associated with the image, to grant you access to the system.

I'm a relatively respectable citizen. Multiple felon perhaps, but certainly not dangerous.
Altrue
Exploration Frontier inc
Tactical-Retreat
#50 - 2012-07-18 07:52:36 UTC
This should be interesting to prevent botting, or at least to make their life harder after downtime, requiring a manual intervention.

So, the idea of having a CHAPTA for the first months of an account is imo a good idea.

After.. I see no point, an optionnal authentificator would be fine.

Signature Tanking Best Tanking

[Ex-F] CEO - Eve-guides.fr

Ultimate Citadel Guide - 2016 EVE Career Chart
Haffsol
#51 - 2012-07-18 08:12:15 UTC
sorry I'm a bot and can't read captcha

is https too easy to implement or what?
dexington
Caldari Provisions
Caldari State
#52 - 2012-07-18 08:35:08 UTC
Haffsol wrote:
is https too easy to implement or what?


It's two different thing, https is applying a application layer cryptographic protocol to the http protocol, http + ssl. This is used to avoid eavesdropping and tampering of the data send between two computers.

Captcha is primary a means to try and force human interaction in a given process, most often the login process.

I'm a relatively respectable citizen. Multiple felon perhaps, but certainly not dangerous.
ChrisDude70
AlcoDOTTE
Test Alliance Please Ignore
#53 - 2012-07-18 10:38:46 UTC
Kisumii wrote:
This is bollocks, Just do what RIFT did, If you log in from unfamiliar IP you cannot spend or move any items until you check your email for the coin lock code and punch it in game. Simples.

Unless ofcourse you was dumb enough to get your game AND email hacked...


This would be a massive pain for us folks with dynamic IPs.




IIRC CCP had some form of keyfob authentication in the works from a few years ago.
Aramatheia
Tiffany and Co.
#54 - 2012-07-18 11:02:15 UTC  |  Edited by: Aramatheia
Tarsus Zateki wrote:
Using two part authentication works really well in Blizzard's line of games. No one that uses an authenticator has been publicly proven to have had their accounts compromised (lots of folks that have lied about having one though and have been hilariously called out by Blizzard GMs after claiming to be hacked). Of course with nearly ten million subscribers to World of Warcraft and several million other players in Diablo 3 there is a huge market for currency and items sourced from stolen accounts. I wonder how large an issue this is in Eve Online.

Either way as a user of an authenticator in my Blizzard games I'd happily support two part authentication in Eve Online, even if it was a just a simple E-Mail code sent to you when you try to log-in through an unfamiliar IP Address and such.

Edit: In before everyone who's afraid of change.


best part of blizzards authenticator is even if you havent used a blizzard game in a year (such as myself) youry account is still secure, i check on mine from time to time i just dont play the games anymore. I'd be fine with a physical eve authenticator just like the blizz one. In fact more so then stupid captcha's which only work because the letters are 99% unreadable and a human has to click through about 20 options of crap to find something that actually resembles alpha numeric entities
Verfanny
Brave Empire Inc.
Brave United
#55 - 2012-07-18 13:05:22 UTC
On the other hand it could be worse than a CAPTCHA. Look at L2 and Aion where you have to manually enter a 6 digits PIN on a constantly shifting virtual keypad each time you want to log in with a character, and of course the PIN is different for each of your character.
Lilliana Stelles
#56 - 2012-07-18 13:10:01 UTC
Captchas I can deal with.

Just so long as I don't have to carry around a plastic authenticator to play the game.

Not a forum alt. 
dexington
Caldari Provisions
Caldari State
#57 - 2012-07-18 13:18:55 UTC
Lilliana Stelles wrote:
Just so long as I don't have to carry around a plastic authenticator to play the game.


If/when two-factor authentication is added, i think it's going to be optional to use it, at least that is now it was implemented in other popular mmo's.

I'm a relatively respectable citizen. Multiple felon perhaps, but certainly not dangerous.
Lilliana Stelles
#58 - 2012-07-18 13:31:07 UTC
dexington wrote:
Lilliana Stelles wrote:
Just so long as I don't have to carry around a plastic authenticator to play the game.


If/when two-factor authentication is added, i think it's going to be optional to use it, at least that is now it was implemented in other popular mmo's.

Swtor and Diablo 3 both REQUIRED authentication to use specific features. I ended up buying them before I got a smartphone. I'd rather not have to deal with it in Eve.

Not a forum alt. 
Verfanny
Brave Empire Inc.
Brave United
#59 - 2012-07-18 13:32:34 UTC
Lilliana Stelles wrote:
Captchas I can deal with.

Just so long as I don't have to carry around a plastic authenticator to play the game.


There will most likely be a smartphone app too.
Palovana
Inner Fire Inc.
#60 - 2012-07-18 14:39:18 UTC
Mr M wrote:
I hate it when I get a captcha like this.

Δεν έχετε ελληνικό αλφάβητο στο πληκτρολόγιό σας?

Please support: export of settings in editable format

Your stuff goes here.