Chribba Otherworld Enterprises Otherworld Empire
Posted - 2008.05.26 15:47:00 - [ 1]
Edited by: Chribba on 26/05/2008 15:48:36
I've raised this idea/issue many times before, but since this is now the official way to go, here goes again.

Now and then there's a wave of threads about people getting their accounts hacked, true or not - it doesn't really matter. I suggest CCP should/need to look into account security, for taking measures so that we can at least try and prevent unauthorized abuse and loss of our accounts and/or ISK/items. As I see it, there need to be two basic features added to our accounts. One is intended for the more experienced part of the playerbase, and the other part can be used by most pilots.

1) This should be fairly simple to implement, and will not cause any major load on anyone, same as the API now has - a log of timestamps, IPs and login attempts NEEDS to be available through the account management pages. This is very basic and will allow us to regularly see if there have been any attempts, successful or not, on our accounts. Lots of fails might indicate someone is trying to hack our account, and we can change password in order to make it a bit harder to gain access. This option could be used by anyone who wants to simply view account activity, and I'm sure CCP already saves this information so it shouldn't be too much of a problem displaying this on a page. This imo is the LEAST CCP could do for our account security.

2) Now this is for the more advanced/experienced computer geeks. This WILL give involved parties a bit more trouble than idea 1) - AND THIS WILL NEED TO HAVE SOME SORT OF AGREEMENT WHEN ACTIVATED!

The idea is simply to allow us to lock our accounts down based on IP addresses. Single, range, and masked IPs. Very effective. Yes this will cause trouble when someone activates it and then later maybe needs to log on from somewhere else, or their IP changes. So basically this is for people with static, or semi-static ranges.

When locked, a user can reset the lock by for example having a verification mail sent to his/her email with a reset link (just like any password reset feature), and/or a time-limit added to that. If a user knows in advance he/she needs to log on from somewhere else then he/she should have enough knowledge to make proper changes in advance.

THE AGREEMENT BUTTON! - This feature NEEDS to come with an agreement box stating that you are aware that by locking your account you might have trouble logging on and thus the reset procedure can take time if needed to involve GMs etc. By making a pilot agree to use this feature there will be less whining (or maybe it won't but still - YOU AGREED!) if an error appears.

The main point of 2) is that the account security will be fairly high and the risk of hacked accounts (for some of us) is just about zero. This feature, of course, should be implemented in all services, ranging from the game-servers to the forum and account management pages.

Now let's make this come true! /c
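As an added illustration (not part of Chribba's post and not anything CCP built), here is a small Python sketch of the two features: the IP lock with the three rule forms named above (single address, range, masked/CIDR block) and the login-attempt log, summarised as "failed attempts since your last login" in the way suggested further down the thread. The log entries, rule list and addresses are constructed sample data.

```python
import ipaddress
from collections import Counter

# Constructed login log for one account: (timestamp, source IP, success flag).
# RFC 5737 documentation addresses are used; no real accounts or hosts.
SAMPLE_LOG = [
    ("2008-05-26 10:01:12", "203.0.113.10", True),
    ("2008-05-26 11:14:03", "198.51.100.77", False),
    ("2008-05-26 11:14:09", "198.51.100.77", False),
    ("2008-05-26 11:14:15", "198.51.100.77", False),
    ("2008-05-26 11:14:21", "198.51.100.77", False),
    ("2008-05-26 11:20:02", "203.0.113.10", False),   # the owner's own typo
    ("2008-05-26 12:30:44", "203.0.113.11", True),
]

# Hypothetical lock rules the account owner agreed to: a single address,
# a dotted "first-last" range, and a masked (CIDR) block.
LOCK_RULES = ["203.0.113.10", "203.0.113.11-203.0.113.20", "203.0.113.128/25"]


def parse_lock_rule(rule):
    """Turn one rule string into a matcher: ('range', lo, hi) or ('net', network)."""
    if "-" in rule:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in rule.split("-", 1))
        if lo.version != hi.version or lo > hi:
            raise ValueError("malformed range: " + rule)
        return ("range", lo, hi)
    # A bare address becomes a /32 (or /128); strict=False tolerates host bits.
    return ("net", ipaddress.ip_network(rule, strict=False))


PARSED_RULES = [parse_lock_rule(r) for r in LOCK_RULES]


def ip_allowed(ip, rules):
    """True only if the source address matches some rule; anything else fails closed."""
    addr = ipaddress.ip_address(ip)
    for kind, *parts in rules:
        if kind == "range":
            lo, hi = parts
            if addr.version == lo.version and lo <= addr <= hi:
                return True
        elif addr in parts[0]:   # 'net': membership test already handles v4/v6 mismatch
            return True
    return False


def failed_attempts_report(log):
    """Failures between the previous successful login and the latest one, i.e. the
    number a 'since your last login' banner would show, plus a per-IP breakdown
    so a burst of failures from one source stands out from the owner's own typos."""
    successes = [i for i, (_, _, ok) in enumerate(log) if ok]
    if len(successes) < 2:
        window = log[: successes[0]] if successes else log
    else:
        window = log[successes[-2] + 1 : successes[-1]]
    by_ip = Counter(ip for _, ip, ok in window if not ok)
    return sum(by_ip.values()), by_ip
```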
 Boknamar Gallente Quality Control.
Posted - 2008.05.26 16:06:00 - [ 2]
Oh, how priceless would it be if they implemented a log of accesses by IP address. I can see the thousands of frantic help requests now: "OMG!!! My account was accessed by 207.42.69.8 and my address is 192.168.2.3!!! HAX!!!!!1~"
But these might be useful tools for people who know how to use them, so it's worth discussing at least.
 Slickdrac Minmatar hirr Morsus Mihi
Posted - 2008.05.26 16:23:00 - [ 3]
That's why he pointed out "for advanced users" which is a really nice way of saying "you don't know jack **** about computers." Definitely in support of both of these tho, especially since the failed password thing is so common in so many places. Yes it's irritating when you mistype it too much, but it's useful when you try to log in and your account was locked out.
Fake edit: Also, if CCP tracked login failures by IP, if the same IP is locking an account out multiple times, there should be something put in place banning that account from contacting the server in the first place for causing a DOS for that player.
 Piitaq Gallente 19th Star Logistics
Posted - 2008.05.26 16:42:00 - [ 4]
Good idea!
People not interested can just log in to the game without paying these extra features any attention.
 Ishina Fel Caldari Terra Incognita Black Star Alliance
Posted - 2008.05.26 16:51:00 - [ 5]
Neat.
 Mistral Sud Minmatar Black Box Corp.
Posted - 2008.05.26 17:31:00 - [ 6]
This is the famous open can of worms! So CCP should keep track of every IP address it's connected to the server & make it public? Dream on!
 PartyPopper GoonFleet GoonSwarm
Posted - 2008.05.26 18:04:00 - [ 7]
Edited by: PartyPopper on 26/05/2008 18:04:36
WARNING! YOUR COMPUTER IS BROADCASTING AN IP ADDRESS!!!
Originally by: Mistral Sud So CCP should keep track of every IP address it's connected to the server
If they don't already do this then there's something very wrong with their network security.
Originally by: Mistral Sud & make it public?
Not public, read the post. You would be able to see what IP addresses were logging in to YOUR account. If everything is as it should be, that will just be your IP address(es).
 Kame Malice Minmatar Brutor tribe
Posted - 2008.05.26 18:24:00 - [ 8]
SUPPORTED!
I would so turn on that IP lock... since no one else within 1000 square miles of me even knows what EVE is, I'm pretty sure this would totally secure me. :)
 SentryRaven KIA Corporation Zenith Affinity
Posted - 2008.05.26 19:08:00 - [ 9]
I am supportive of option a), since this would be used by me.
Since I would not use option b), I will not support the option, but it sounds good for those that want to use it.
All in all.... I support your idea.
 MongWen The Devil's Right Hand MACHI MISCHIEF
Posted - 2008.05.26 20:14:00 - [ 10]
Edited by: MongWen on 26/05/2008 20:14:08
I really need to support this.
 Dani Leone Gallente A Dark Cloud
Posted - 2008.05.26 20:26:00 - [ 11]
I like that idea a lot, shouldn't be too difficult to implement one way or the other as well :)
 Herschel Yamamoto Agent-Orange Nabaal Syndicate
Posted - 2008.05.26 20:30:00 - [ 12]
Edited by: Herschel Yamamoto on 26/05/2008 20:30:19
Originally by: Mistral Sud This is the famous open can of worms! So CCP should keep track of every IP address it's connected to the server & make it public? Dream on!
Who the hell wanted it made public? You'd have to be logged in to see it. I might make fun of Chribba for his Veldspar-loving ways, but he's not a total moron.
 Sturmwolke
Posted - 2008.05.26 20:30:00 - [ 13]
Nice idea, but:
- too complex for the average user
- will create too much hassle for CCP when it comes to support
I guess the biggest weakness with account security is the password. I'm not an expert on network security, but I think one possible way to greatly minimize hacked accounts is to use encrypted certificates/digital signatures and lock it to the physical computer in question. Therefore, it's almost impossible to transfer onto a different system once installed. Use of username/password will be unnecessary unless you need to regenerate or download these certificates for installation (to one or multiple systems). It's not totally immune to keyloggers, but then again, even your bank account online details won't be safe from keyloggers ... so that point is moot.
What remains is if CCP sees hacked accounts as a critical issue that needs to be resolved and thus worthwhile to spend their resources on it - both short-term and long-term (in terms of maintenance and providing support). Else, this is just another instance of talking to a brick wall.
 AtomizerX Supernova Security Systems
Posted - 2008.05.26 20:56:00 - [ 14]
Sounds like a good idea.
 Dlardrageth ANZAC ALLIANCE IT Alliance
Posted - 2008.05.26 21:11:00 - [ 15]
Edited by: Dlardrageth on 26/05/2008 21:13:13
Totally supported. Though I have one little question about the second part of the suggestion (IP-/range-locking). What happens if the account becomes hacked and the hacker both changes the verification address and locks the IP to a different range? Is that account in that case effectively "lost"? Because in this case I think at least the billing/subscription part has to be totally detached. Or the verification address access. Considering how long billing/subscription petitions often take, that scenario depicted above could lead to some financial loss. Which I'm sure Chribba would not want to risk.
Edit: Corrected phrasing for clarification of issue.
Chribba Otherworld Enterprises Otherworld Empire
Posted - 2008.05.26 22:15:00 - [ 16]
 Liisa Jericho Fraction The Star Fraction
Posted - 2008.05.26 22:28:00 - [ 17]
At the very least a "There have been x failed login attempts since your last login." type of message.
 Theramin Dogon Gallente GoonFleet GoonSwarm
Posted - 2008.05.26 22:39:00 - [ 18]
Edited by: Theramin Dogon on 26/05/2008 22:38:56
Originally by: Chribba The idea is simply to allow us to lock our accounts down based on IP addresses. Single, range, and masked IPs. Very effective.
Yes, and when someone doesn't understand the difference between dynamic and static IPs, we should get CCP to take away their computers. Oh, wait. That's not CCP's job either.
Inanna Zuni Minmatar The Causality Electus Matari
Posted - 2008.05.26 23:38:00 - [ 19]
Edited by: Inanna Zuni on 26/05/2008 23:40:51
Some initial thoughts ... Generally, security on *any* online service is the responsibility of the user. If you choose a simple password (like "snoopy", which was allegedly the most common password in the world for many years) then you are the point of failure, not the owners of the system, although yes, they could have run a basic 'password strength' test against the standard lists available. The other aspect is that, again generally, most "password hacking" is actually people having physical access to the machine concerned and using either a stored password or reading the post-it note thereon! However, whilst it isn't an in-game matter ...
Originally by: Chribba a log of timestamps, IPs and login attempts NEEDS to be available through the account management pages. This is very basic and will allow us to regularly see if there have been any attempts, successful or not, on our accounts. Lots of fails might indicate someone is trying to hack our account,
Showing such a list (or just last attempt/access detail) to the user after log-in is a pretty standard function on many websites which require a log-in, and I see no reason this should not be incorporated into the EVE start-up sequence (i.e. as a small entry on the character-selection screen).
Originally by: Chribba and we can change password in order to make it a bit harder to gain access.
Arguably, this is closing the stable door after the horse has bolted, as you should have a secure password to start with. Changing from one poor quality password to another which is no better isn't really going to help you.
Originally by: Chribba The idea is simply to allow us to lock our accounts down based on IP addresses. Single, range, and masked IPs. Very effective.
The basic single-IP option is available on some online services already (Live Journal comes to mind) but range and masking options would, I suggest, make life too complicated for those who don't understand netmasks, etc. Whether sufficient people have fixed IPs for it to be worthwhile CCP developing such an option I have no idea. I shall watch this thread with interest. IZ
(side note; interesting that there is a suppression of some terminology on here, with replacement of a partial word with "*"s)
 DasDizzy Beyond Divinity Inc
Posted - 2008.05.26 23:51:00 - [ 20]
I fully support this.
Sturmwolke
Posted - 2008.05.27 00:37:00 - [ 21]
Edited by: Sturmwolke on 27/05/2008 02:22:28
Edited by: Sturmwolke on 27/05/2008 00:59:58
Originally by: Chribba
Originally by: Sturmwolke I guess the biggest weakness with account security is the password. I'm not an expert on network security, but I think one possible way to greatly minimize hacked accounts is to use encrypted certificates/digital signatures and lock it to the physical computer in question. Therefore, it's almost impossible to transfer onto a different system once installed.
Use of username/password will be unnecessary unless you need to regenerate or download these certificates for installation (to one or multiple systems). It's not totally immune to keyloggers, but then again, even your bank account online details won't be safe from keyloggers ... so that point is moot.
Well that would make it impossible to play on other computers so I think that's not a good idea. I feel it would be a more complicated task to generate certificates for every computer you MIGHT want to use, rather than opening up for IPs or, just leave the option off for any computer. /c
No, the idea behind installation is to have a user access a secure CCP PKI server, download and install this certificate. It is very simple, once automated or included as part of the EVE program. They only have to do this ONCE per machine, just as long as CCP's wise enough to include an exclusion clause for the certificate when the user wants to uninstall/re-install EVE. An option to export the certificate into a password-protected file is also feasible in cases where a user doesn't want all that download hassle, but then again, there's really little point in this since EVE doesn't run without the internet. The beauty of all the above is that your username and password are not revealed, except the only time when you download the certificate. Finally, it could probably be expanded to Eve-Online logins where you access your account details or want to post something in the forums - another source for username/password which can still be sniffed out by keyloggers.
P.S. The concept is very similar to the IE webcert.
P.P.S. Machine sharing also isn't an issue since it will also be locked to the particular user on the machine.
Edit: Just to clarify further, all of these (and prev post) are in respect to Chribba's point 2 specifically. Just adding more options to discuss on the suggestion.
 Veryez
Posted - 2008.05.27 00:42:00 - [ 22]
Good ideas as always Chribba. Supported!
 Tarin Adur Gallente Aliastra
Posted - 2008.05.27 01:38:00 - [ 23]
Edited by: tarin adur on 27/05/2008 01:38:50
Supported, no reason not to.
 Bad Harlequin Raiders of the Open Stars Crimson Steel Empire
Posted - 2008.05.27 01:50:00 - [ 24]
More security tools sound cool. No idea what kinda overhead / support it would cost CCP in practice, tho. I wonder, tho, how many people in EvE would fail a basic password audit. Really, that - and social hacking - will always be the biggest weakness. Those who would use and understand Chribba's solution probably aren't the vulnerable targets anyway, you know? It's the people with "evelol" as their password and who leak their account info to scammers etc that make me. That can't be fixed by complicating the system. (for the record, my password is currently around 20 mixed characters and i change it irregularly)
 Shuckstar Gallente Hauling hogs
Posted - 2008.05.27 04:38:00 - [ 25]
 Serenity Steele Dynamic Data Distribution
Posted - 2008.05.27 23:13:00 - [ 26]
Would it not be simpler to just have a password "strength" bar when entering a password (displays Weak > Medium > Strong dynamically as people enter the password)?
Then people can make a conscious decision if "snoopy" is fine, or they really do want to have "AHJ4tinS^Foil%S$^*@€Hat!3_47¯SJ" as their password.
 Ethaet Gallente Aliastra
Posted - 2008.05.27 23:50:00 - [ 27]
Bad Harlequin Raiders of the Open Stars Crimson Steel Empire
Posted - 2008.05.28 00:42:00 - [ 28]
Ah yeah - like Ms. Steele says, those "password strength" bars would be an excellent first step, shoulda thoughtta that.
...did Ethaet just get modlolled?
Sturmwolke
Posted - 2008.05.28 04:22:00 - [ 29]
Throwing another simple suggestion to CCP to strengthen account security: encrypt stored usernames in all locations where they're cached. Breaking into an account typically would require BOTH a password and a username. Let's overstep user ignorance/social engineering for a second and concentrate on the technical. Right now, all that I need to do to find someone's username would be to just open up the "pc.dat" file under "C:\Documents and Settings\<XP User>\Local Settings\Application Data\CCP\EVE\settings" in Notepad !!! 50% work done, yeah!! ... now let's guess this bugger's password.
 Vaal Erit Science and Trade Institute
Posted - 2008.05.28 08:08:00 - [ 30]
Originally by: Serenity Steele Would it not be simpler to just have a password "strength" bar when entering a password (displays Weak > Medium > Strong dynamically as people enter the password)?
Then people can make a conscious decision if "snoopy" is fine, or they really do want to have "AHJ4tinS^Foil%S$^*@€Hat!3_47¯SJ" as their password.
BINGO. Chribba's first idea is terrible. As someone who has cr@cked passwords I can tell you that your idea will do nothing Chribba. I am just as likely to cr@ck your pw if you change it every month or not. Most of the cr@cking is done via brute force+wordlist because the user picked a weak password. Hacking into EVE's secure server and grabbing pw files and decrypting files is insanely hard. Your method will have no effect on people's accounts getting "hacked". Forcing players to have a strong password is a very good method in increasing account security. Oh and Chribba's second idea would be rarely used by players if at all; there would be a lot of time and effort involved in protecting players who are already paranoid about their password and will never get "hacked".
PS GD the profanity filter is gay.