• Hail Guest!
    We're looking for Community Content Contribuitors to Stratics. If you would like to write articles, fan fiction, do guild or shard event recaps, it's simple. Find out how in this thread: Community Contributions
  • Greetings Guest, Having Login Issues? Check this thread!
  • Hail Guest!,
    Please take a moment to read this post reminding you all of the importance of Account Security.
  • Hail Guest!
    Please read the new announcement concerning the upcoming addition to Stratics. You can find the announcement Here!

Would this deter phishing or or upset players more?

G

Guest

Guest
I was just thinking.

With the recent phishing thread and my near miss last night, I wonder something. Some sites like yahoo e-mail and such have a safety mechanism, whereby if a password is incorrectly entered so many times in a row, no further attempts to log in can be made for 24 RL clock hours. I wonder if EA put in something like this if it would prevent some players from having their accounts stolen through somebody *guessing* their passwords.....that is if the hacker attempted it, they'd have to get it right, say within 5 tries or he was just SOL. Would it be worth the added security to players or do you think it would piss people off more to be locked out of their own accounts because of repeated finger misplacement. My keyboard is in bad need of replacement, half the keys are not labeled so I often typo passwords logging in especially since you can't see what you typed before you hit enter, but I can't remember ever doing it more than 3 times before finally taking the time to count the keys and get it right. What do we think, community? Is this a feature we'd like to see? I had an EA account hacked into at a time that I wasn't playing TSO currently, but I was playing Club Pogo and before I could get the account back I ended up losing millions of tokens because the idiot bought a bunch of useless crap in the Mini Mall with them, and he caused alot of drama with the account impersonating me. I'd happily put up with being locked out of that account for an hour if I mistyped the password a bunch of times in a row if it meant that I was guaranteed for that to not happen again. It's just virtual 'stuff' with no RL value, but still that represented alot of time I spent earning the tokens, and alot of grief putting up with bull crap from players who thought it was me that did the stuff the guy did...took months to really get all the drama alone to die down. Whether or not you have ever had one of your accounts hacked, would a safety measure like this be worth the risk of being locked out yourself, to you?
 
S

Shyanne1

Guest
This sounds like a good idea but with the experience players have had with not getting responses to emails and such there would have to be a pretty reliable system in place before I would support it.
 
G

Guest

Guest
I think it's good idea, but it's already pretty safe since your account name is usually diffrent to your sims names + I think as long as we know that no one not even EA needs our password we will all be safe, but I still think this is a good idea for saftey.
 
J

jasminemoon

Guest
I think any security is a good idea. BUT, I think that if it could be implemented: rather than locking people out after so many tries. Maybe it could re-direct the account to a login page, where we would have to answer a security question much like many other secure logins do. AND if the person were locked out, I don't think it should be completely because the staff is so busy it would be almost impossible to get in touch with them, when say, someone else attempted to log into your account and froze it, or you were just having a bad keyboard day. If the security question is not something easy to implement, then maybe the player could be locked out for say..I dunno..10 mins?

This would probably deter any account "hackers"..or at least move them onto a different account to attempt to log on.

All in all, I believe the security question would be best- because malicious users may just go around locking people out of their accounts for mean "fun".

Jasmine Moon
 
G

Guest

Guest
<blockquote><hr>

All in all, I believe the security question would be best- because malicious users may just go around locking people out of their accounts for mean "fun".

Jasmine Moon

[/ QUOTE ]That is an excellent point! I used to do this to people at work who I didn't like. They always had to go down to ADP in person, with ID card in hand, to get their accounts unlocked.

Yes, I was evil in my younger years.
 
N

NightFlyer

Guest
Additional security measures would be welcomed by many I believe. I would have no problem if they implimented something on this order.

Very harsh action on EA's part against those low-life-no-lifes with nothing better to than grief others over game accounts would be at least as good if not better.

I have to believe anyone who stoops this low has to be a very sad, sorry little person indeed. And must be very lacking in any sort of real life.

Enforcing the ToS in the area of obsconding with accounts should be taken very seriously by EA. Especially in light of the upcoming cash out.
 
G

Guest

Guest
<blockquote><hr>

I think any security is a good idea. BUT, I think that if it could be implemented: rather than locking people out after so many tries. Maybe it could re-direct the account to a login page, where we would have to answer a security question much like many other secure logins do. AND if the person were locked out, I don't think it should be completely because the staff is so busy it would be almost impossible to get in touch with them, when say, someone else attempted to log into your account and froze it, or you were just having a bad keyboard day. If the security question is not something easy to implement, then maybe the player could be locked out for say..I dunno..10 mins?

This would probably deter any account "hackers"..or at least move them onto a different account to attempt to log on.

All in all, I believe the security question would be best- because malicious users may just go around locking people out of their accounts for mean "fun".

Jasmine Moon

[/ QUOTE ]

That's why I mentioned the 24 hour time frame. It would not require a dev's help to get you back in....in 24 hours you'd be able to get back in on your own, just like you can if you screw up your yahoo e-mail password. You just wait 24 hours before checking e-mail, or in this case you'd play on an alternate account for 24 hours, whether its another premium or a free account. Now that the free accounts are out, implementation of something like this would no longer mean a player was locked out of game entirely for that 24 hour period, presumably it would just be that one account. Like I said I'd rather give up access to it for 24 hours as a result of my blunder than have it be unsecured and a hacker get it and I may never get it back......the lesser of two evils.
 
I

imported_SimTripps

Guest
<blockquote><hr>

<blockquote><hr>

All in all, I believe the security question would be best- because malicious users may just go around locking people out of their accounts for mean "fun".

Jasmine Moon

[/ QUOTE ]That is an excellent point! I used to do this to people at work who I didn't like. They always had to go down to ADP in person, with ID card in hand, to get their accounts unlocked.

Yes, I was evil in my younger years.


[/ QUOTE ]

omg I'm still like that, and I'm in my 40s lol..
 
G

Guest

Guest
I like the idea. I would add something like this:

Three tries and you account is locked for 24 hours, unless you go to the link in your email and answer security questions, in which case if you get them right you can log in right away. This way, if the security questions were added the hacker has no chance of gussing at those as well because the link was sent to your email, and if you're not around anyway the 24 hour lock stays in effect to deter the hacker.
 
G

Guest

Guest
<blockquote><hr>

I like the idea. I would add something like this:

Three tries and you account is locked for 24 hours, unless you go to the link in your email and answer security questions, in which case if you get them right you can log in right away. This way, if the security questions were added the hacker has no chance of gussing at those as well because the link was sent to your email, and if you're not around anyway the 24 hour lock stays in effect to deter the hacker.


[/ QUOTE ]

Some of these hackers though are hacking into e-mails too and that is how they get the passwords, they have them e-mailed and they don't even have to guess them. But if there was a security question the hacker would have to know 'intimate' details of the person they are hacking, since the security questions are typically 'what was the name of your first pet' 'what is your mother's maiden name' 'what is the last 4 digits of your SSN' that kind of stuff. Maybe they ought to institute something like that when a person requests to retrieve a lost password, instead of sending it to them through e-mail right off, they send them an e-mail asking for verification of those security questions. No answer, no password.
 
You must log in or register to reply here.
Top