Account Password Security

"
Wittgenstein wrote:
I will freely admit that I am pretty much clueless when it comes to hacking or anything else.. I follow the typical rules.


There are a few interesting, plain English articles on CodingHorror.com

Dictionary Attacks 101
http://www.codinghorror.com/blog/2009/01/dictionary-attacks-101.html

Speed Hashing (talks about password length)
http://www.codinghorror.com/blog/2012/04/speed-hashing.html

Rainbow Hash Cracking (explains the basics of cracking passwords)
http://www.codinghorror.com/blog/2007/09/rainbow-hash-cracking.html

Hardware Assisted Brute Force Attacks: Still For Dummies
http://www.codinghorror.com/blog/2007/10/hardware-assisted-brute-force-attacks-still-for-dummies.html


I wonder what is the ratio between cracked passwords and keyloggers/trojans though? Has any gaming company released such data?

Weak passwords are definitely bad, but often times when you see people raging about stolen accounts they share their pass with friends, or they download all sorts of things from shady sites, or they give their pw to someone ingame for trading, etc...

Exception for the recent Diablo III woes, reportedly it was a form of session hijacking.


Last edited by DeF46#3887 on Jun 17, 2012, 7:55:31 AM
"
DeF46 wrote:



EDIT: But yeah, in gaming it seems trojans are the biggest culprit and unfortunately developers can't do much about it. I never used an antivirus on Windows until the day I was hit by a zero-day exploit that stole my FTP passwords and injected code in all my PHP pages. It was a vulnerability in Adobe PDF Reader plugin... in Firefox.


I got hit by the zero-day wmf exploit that downloaded a MASSIVE payload onto my computer. Took me months to get everything working again (without a reinstall).

These types of exploits are the worst, because even savvy browsers can get hit, because you don't have to click on anything at all, or install anything at all yourself... you just have to visit a website with malicious code.

A friend of mine used to use html exploits to steal session IDs from users by posting an innocuous picture and waiting for people to simply 'mouse over' the picture... if your mouse hit the picture, then he could log into your account.

So yeah, it's easy to get hit with some nasty stuff.
If you have account problems please [url="http://www.pathofexile.com/support"]Email Support[/url]
One question for the devs: will PoE ever have an Authenticator?
IGN: kReiZy
Would be great, although I don't think it is needed as much
Last edited by Speite#2705 on Jun 17, 2012, 2:15:52 PM
http://www.entrust.com/strong-authentication/identityguard/calculator.cfm

This site, a competitor to RSA SecurID which provides authenticator solutions, lists relative prices for 10k user price points and deployment costs.

GGG would probably take a 25-50% cost increase and pass that onto the consumer in order to continue providing the service over time...

It's not out of the realm of possibility, but they would probably need at least 50,000 users to pre-order the authenticator before the risk involved in that deployment was justifiable.

Also considering Blizzard's cost of 6.50 and the 10k price points, we can assume their cost is on the order of $3-5 for those... but given they had something crazy like 30 million users at the time of their purchase... yeah.

I've seen values range from $100 per user to 6 at blizzard... so the question becomes:

Would there be enough users that would be willing to pay the $10-20 (includes shipping, fees, and overhead) or maybe even higher like $20-40 it would cost to deploy authenticators in GGG's environment?
If you have account problems please [url="http://www.pathofexile.com/support"]Email Support[/url]
No option for an Authenticator app like Battle.net has?
With the Authenticator the users will trust the game more and will maybe use the Cash Shop more.
But yes, I would pay 10-20$ for an Authenticator.
IGN: kReiZy
Last edited by sYkoDe4d#0481 on Jun 17, 2012, 5:49:37 PM
Is my password strong:
"123456q"
?
Master of Orion
"
djmasakra wrote:
Is my password strong:
"123456q"
?

The "q" at the end makes this password bulletproof ;)
IGN: kReiZy
What if your password was something like this:


saklfkalsfjawo


How long would that take?
Draeke, 42 HC Marauder died from a one shot... First HC char.
"
Raxorflazor wrote:
What if your password was something like this:


saklfkalsfjawo


How long would that take?


Somewhere between a week and a few years.

The much simpler Ilikethis1! would take a couple years to a couple thousand years.
If you have account problems please [url="http://www.pathofexile.com/support"]Email Support[/url]
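
A rough way to work through the kind of estimate discussed in the posts above, for the three passwords quoted in the thread. This is an added example, not part of any post: the guess rates, the four-entry wordlist and the "common base word plus up to two characters" rule are all assumptions chosen for illustration, and input is assumed to be printable ASCII without spaces.

```python
import string

# Assumed attacker speeds in guesses per second (illustrative, not measured).
ASSUMED_RATES = {"throttled online login": 1e2, "offline, fast unsalted hash": 1e10}

# Tiny constructed stand-in for a real wordlist of leaked/common passwords.
COMMON_BASES = {"123456", "password", "qwerty", "letmein"}

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
PRINTABLE = sum(len(c) for c in CLASSES)  # 94 printable ASCII characters, no space


def charset_size(pw):
    """Alphabet a brute-forcer must cover, from the character classes used."""
    return sum(len(cls) for cls in CLASSES if any(ch in cls for ch in pw))


def is_dictionary_variant(pw):
    """True if pw is a common base word plus at most two appended characters."""
    low = pw.lower()
    return any(low.startswith(b) and len(low) - len(b) <= 2 for b in COMMON_BASES)


def guesses_needed(pw):
    """Worst-case guesses: wordlist-with-suffix if it applies, else full keyspace."""
    if is_dictionary_variant(pw):
        return len(COMMON_BASES) * (1 + PRINTABLE + PRINTABLE ** 2)
    return charset_size(pw) ** len(pw)


def human(seconds):
    """Render a duration with the largest unit that fits."""
    for unit, size in (("years", 31_557_600), ("days", 86_400), ("hours", 3_600)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


if __name__ == "__main__":
    for pw in ("123456q", "saklfkalsfjawo", "Ilikethis1!"):  # passwords from the thread
        n = guesses_needed(pw)
        for label, rate in ASSUMED_RATES.items():
            print(f"{pw!r:18} {n:.2e} guesses  {label}: {human(n / rate)}")
```

The dictionary branch is what matters for a password like "123456q": its length and character mix are irrelevant once the base word is on a wordlist, so the keyspace arithmetic only applies to the other two.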
