Something else I hope SWTOR will do....

[Deleted]

I noticed that every time I played on a fresh install of windows the login would request that I answer one of my secret questions.

So therefore if someone does try and login from a computer that isnt yours, there gonna be greeted by one of your secret questions.

Make your secret questions super hard for people to guess the answer too and you should be ok. Unless your retarded and regularly downloaded keyloggers or fall for phishing emails.

[Fiddlesnarf]

I'm perfectly happy with the way WoW and SWToR does authentication, easy, quick, and cheap.

What I don't understand is..

....is make authentication easier.

How is inputting 6 digits hard?

[Dacu]

I'm perfectly happy with the way WoW and SWToR does authentication, easy, quick, and cheap.

What I don't understand is..

How is inputting 6 digits hard?

For the same reason spelling words correctly on the internet is hard.

[nogard64]

well I don't see how a keylogger can track your mouse movement, especially something like that would be based on so many variables, mouse speed, screen res, etc etc.

keylogger there are no variables, when you type and A in your password its an A on all keyboards.

And I think something like connecting a series of dots and placing random ICONS in a series of boxes would have combinations up in the millions so it would be really hard to brute hack, and I hope Bioware will institute a account lock of 5 mins after so many fail tries.

maybe they should just put in CAPTCHAS! lol thats a joke, its ok to laugh, I hate those too!

[Pejo]

well I don't see how a keylogger can track your mouse movement, especially something like that would be based on so many variables, mouse speed, screen res, etc etc.

keylogger there are no variables, when you type and A in your password its an A on all keyboards.

And I think something like connecting a series of dots and placing random ICONS in a series of boxes would have combinations up in the millions so it would be really hard to brute hack, and I hope Bioware will institute a account lock of 5 mins after so many fail tries.

maybe they should just put in CAPTCHAS! lol thats a joke, its ok to laugh, I hate those too!

Random icons would work, but it is the same as a password. Keyloggers log keys for the reason that you typically do not know it is happening since it doesn't draw a lot from the system; however, there is nothing keeping them from doing things such as screen captures/recording your input (if you use the voice way)/tracking your mouse movement.

The other issue with the mouse movement is then you're making it too complicated for the account holder if they have to manage the same speed everytime.

I think you're worried most about machines hacking your machine. They are real people on the other end so things like CAPTCHA isn't going to save you.

[Deleted]

Just don't use an authenticator and copy&paste the password.

The really annoying thing in WoW is that there's no option to save it like any other software/website.

[Pejo]

Keyloggers can read copy/paste and have been able to for a long time now.

[Eparg]

*waves hand* you WILL let me log in

i approve

[ElAmigo]

Speaking of this, are they already selling authenticators on their website?

[anewok]

Speaking of this, are they already selling authenticators on their website?

Not that I've seen. But there's supposed to be a big overhaul on the 10th, so maybe stuff like that will show up then.

[delnadris]

....is make authentication easier. I do not want to buy some other crap to be carried around just so i can log on to my game, what a backwards and LOW tech way of authenticating!

I hope SWTOR will develop more innovative ways, either connect a serious of DOTS on the screen to authenticate or even click and drag a series of symbols on the screen to verifies log in. Example you have to click and drag down 2 JEDI symbols and 2 YODA heads into a box, theres no way a KEYLOGGER can log how you click and you drag your mouse is there?

will if that fails give people an option to say a password into the MIC, just look at SIRI and DRAGON SPEECH voice recognition has moved light years ahead as an optional way even though I am sure most players will be on mics and VENT.

Authentication will be important because once the game builds up a vibrant econ the hackers and gold farmers will be licking their chops at getting into the game.

What is everyone else's hopes and thoughts on account security?

Or, you know, just get a non-crap phone, like most people have these days, and download an authenticator for free on that. Just sayin'.

[nogard64]

I think you're worried most about machines hacking your machine. They are real people on the other end so things like CAPTCHA isn't going to save you.

man that captcha thing was a joke, lighten up! I'm not worried about a thing, just trying to get some other people's ideas and feedback on what they would llike to see as far as Authentications goes.

---------- Post added 2011-12-07 at 06:48 AM ----------

Keyloggers can read copy/paste and have been able to for a long time now.

so If I made a ZIG ZAG pattern within a series of lets say 10X 10 set of Dots, a keylogger can follow that and log it? Your shitting me! Seriously link me a proof of that.

[Deleted]

Keyloggers can read copy/paste and have been able to for a long time now.

Well, don't get a malicious keylogger on your system, duh.

[Guillotine811]

Is there any way for keyloggers to be able to get passwords that are saved and there on login?

Also the argument against the mouse tracking was taking screenshots, but they would have to take a ton of screenshots in seconds to figure out the pattern you were running along the dot patterns.

I guess that wouldn't be impossible though.

[Doylez]

so If I made a ZIG ZAG pattern within a series of lets say 10X 10 set of Dots, a keylogger can follow that and log it? Your shitting me! Seriously link me a proof of that.

Well right now there probably isn't because there is no demand for such a trojan. But yes, theoretically you can do pretty much anything if you manage to comprimise a PC. It doesn't even have to follow your mouse, it can just intercept the data when you send it. There have been cases where a hacker got access to another users webcam so he could spy on them with their own camera any time he wants to... again, nothing is truly safe if it's connected to your PC.

[jvbastel]

I use my iphone to authenticate, works like a charm, don't really need another way here

[Bluey111]

I think the coin lock feature rift has is probably a step in the right direction, where if you log in from a different IP then you have to enter a code that is sent to your e-mail to use any money for anything, you arent allowed to sell, buy, mail, bank etc until you enter this code

[Trojan7evin]

thats actually not that far off, scientists have developed mind reading hardware, where they place this thing on a person's head and through the signals given off their brain and thoughts, they are able to move things such as a cursor on a screen.

I dont want to be a smart ass or anything but they've had that for about 10 years, the government just keeps it under wraps and beta tests these things alot longer before actually revealing it to the public... you probably know that but i'm just sayin

plus i'm sure that type of shit won't be given to a game company to help with game hackers

[DaGhostDS]

I think the coin lock feature rift has is probably a step in the right direction, where if you log in from a different IP then you have to enter a code that is sent to your e-mail to use any money for anything, you arent allowed to sell, buy, mail, bank etc until you enter this code

only issue, what happen when your email get compromised? You cant access it anymore and worse, the hacker can use it to send the coin code, not very effective.

The swtor authentificator will be the same one that Blizzard use for his battle.net, a Digipass Go.

[Deleted]

Well played sir, well played.

Don't worry, I'l blast my way in.