View Full Version : Good ideea against hacking
2nd April 2005, 05:58 AM
A personal password that you enter when you sing the user. This password will be unchangeble and you won't be able to retrieve it if you have forgotten it. You'll have to enter this password each time you want to delete/reset your account, change commanders or email/koc password or sell more than 10% of your armory.
If any1 hacks a koc account, he won't be able to hurt it in any way. The pass will be stored on the koc servers so if any1 wants to steal it, he'll have to hack koc. I think it's foolproof.
Post your comments about this ideea.
2nd April 2005, 06:10 AM
its a good idea, but needs some tweaking, IMO, as for all ideas, in the beginning..
Not having any possibly way to get your password is kind of harsh, isn't it?
How about some sort of clue, sort of like "Whats your mother's maiden name?" except you would create the question to tailor to your password.
Also, i like your idea of not having to use your 2nd password to log-in. the hacker can get in to your account... but not do much damage.
2nd April 2005, 06:28 AM
the clue thing is a good ideea but if they implement the lost password option, the hacker could get your password by hacking the email.
2nd April 2005, 07:26 AM
accounts would be alot harder to sleal if a few *real security* features were used by the admins. numbers 1 and 2 are things that have pissed me off in the past.
1. make it so when you want to change your email YOUR ORIGINAL EMAIL IS SENT THE VERTIFICATION EMAIL. right now the 'do you want to change your email' email is sent to the email you want to change it to... :frusty: this way if a person gets ahold of your account information, he can change the email to whatever he wants without hacking your email.
2. right now if you want to change your password YOU DON'T GET A VERTIFICATION EMAIL. the password is automaticly changed if your logged in. this like #1 just is just one more reason why hacking a persons email account to get their KoC info irrelevant, if i can get into a persons account and change thier password without them even getting a notification about it why would i need to hack thier email?
3. if i was worried about 3rd party people getting into an account and screwing everything up i would set someting up like the game gunbound does. (it is an online game sorta like the game Worms, but you can earn points or buy things for your character to make them better) They have an IP filter, which means if your ip isn't on your accounts 'safe' list, your not getting onto the places where you can fuck up your account. if your ip isn't in your safe zone, you can request it to be put into the safe zone VIA EMAIL.
while most of my suggestions are revolving around email, it (email) is harder to hack into then lets say throwing up a fake mirror that submits the account information to a person.