Allow Subscription Password to be Modified

agraucred · Feb 19, 2003

bump. if i could have change it i wouldnt be chasing up goa for a sub password reminder

kameh · Feb 19, 2003

BUMP

Let me set my subs password and change it when I want, as it is a set password that never expires or changes is utterly stupid.

-Nxs- · Feb 20, 2003

BUMP for the 3rd time, with all the SI threads around we dont want this one forgotten.

There are so many ways for a determined user to obtain your SUB password, even for the most carefull player.

Please allow us the means to generate a randomly new password if the email account is the same that the game was registered too.

stighelmer · Feb 20, 2003

/bump

leap · Feb 20, 2003

kameh · Feb 20, 2003

bump
keep this going please

bloodomen1984 · Feb 20, 2003

abit late in posting this but i totally agree about the sub password let us change it ive lost 4lvl 50s because rightnow said it was "impossible to change a subscription password"

-Nxs- · Feb 21, 2003

Sorry but this thread is slipping, due to all the SI stuff...

please help support this thread.

/bump

old.Tohtori · Feb 21, 2003

Originally posted by Kicks
tell me Tohtori how would u defend yourself if u were and irc user who had inadvertantly d/led a nasty script that attatched itself to irc and used this access to get to your daoc subscription password.

Just to answer this one since it went by me the last time...

By not having the passes (any pass watson ever) on the computer.

-Nxs- · Feb 21, 2003

I think everyone is in agreement that sub passwords do occasionaly get (call it what you will) leaked, hacked, obtained.

It would be so much easier if you could request a new randomly generated sub password to the email address you firest registered the game with.

This would NOT encourage people to account trade, and would provide so much additional security to the game.

Please Please Please support this thread.

Ohh, and it helps if you go to the bottom of the messages, and there is a "Rate This Thread" drop down list on the right hands side... give it a few points please too.

kameh · Feb 21, 2003

*kicks to top of list*

Meatballs · Mar 3, 2003

Right, finally got round to doing something about this put this into RightNow:

Customer (Andrew CAMPBELL) 03/03/2003 07:07 PM
The EULA states that:

* When your Account is set up, you are allocated a password. You are responsible for maintaining the confidentiality of said password and for all impairment, damages and losses (in particular, deleted characters) that may result from the disclosure of your password or from the use of your password by another person to access your Account.

As I am responsible for maintaining the confidentiality of my password I would like the ability to change it whenever I feel it is necessary. Otherwise I would like this to be changed as we cannot possibly be responsible for it if the password never expires.

Heres some links to some links and some quotes from some respectable websites on the issue:

http://www.microsoft.com/ntserver/techresources/security/password.asp
-Your password should be changed every 45 days

http://news.bbc.co.uk/1/hi/sci/tech/2061780.stm
- Experts say that passwords used to log on to the internet and access confidential information such as bank details should be altered at least once a month, both at home and at work.

http://www.ja.net/CERT/Belgers/UNIX-password-security.html
- Let passwords expire, for example after three months for regular users, after a month for users with extra privileges. The timespan a password lives should not be chosen too small. What will still exist is the danger of users using series of passwords, like 'Secret1', 'Secret2',... making it easy for a hacker to, once he has obtained a password, guess the successor.

If for technical reasons subscription passwords cannot be changed, get someone working on it. THANKS!

If anyone wants to help improve it, or just wants to copy and paste it into RightNow so it gets some attention you're welcome

snox · Mar 3, 2003

Bump!!

fl3a · Mar 3, 2003

Gimly · Mar 4, 2003

PMUB

Jace · Mar 4, 2003

Bumped and reported via Rightnow.

Shike · Mar 4, 2003

bumpetibump

btw, is it hard to create a keylogger that only starts when you enter www.camelot-europe.com?, not really.
I talked to a friend of mine thats somewhat of a softwaregenius and asked how hard it would be to "gather" passwords and subpasswords with the circumstances GoA have provided for us, his first spontanious reaction was to laugh ^^ Firewall or no firewall, if a hacker want your password, he will get it if he is enough skilled, even if you dont have it written in a *.txt somewhere.

-Nxs- · Mar 4, 2003

BUMP - AGAIN !!

Thae · Mar 4, 2003

[PS]Riddler · Mar 4, 2003

Buuuuuump!

-Nxs- · Mar 5, 2003

damn the thread has slipped to a 2nd page.... BUMP !!!

Im pretty confident that no one else knows my subscription password, there is a firewall and antivirus software installed throughout my lan... workstations are locked so prying eyes at home cant see information.

I work in the computer industry and believe I've done all i can to secure my subs password.

But... i would still like it changed, its been static now for over 11 months, any security consious person would change their password within this period... and i cant.

Please GOA, let the email account the game was registered with, request a new randomly generated sub password... PLEASE !!!

old.Tohtori · Mar 5, 2003

Originally posted by -Nxs-

I work in the computer industry

What you do then to be an expert? And no, screwing the nuts and bolts in the back of a comp doesn't count...

-Nxs- · Mar 5, 2003

Originally posted by old.Tohtori

What you do then to be an expert? And no, screwing the nuts and bolts in the back of a comp doesn't count...

Never said i was an expert, just said i work in the industry.

old.Tohtori · Mar 5, 2003

I work in the computer industry and believe I've done all i can to secure my subs password.

You use it in a way that implicates that your experience in the computer industry provides you with some extra ability to protect your computer.

Teh Seel went technical.

-Nxs- · Mar 5, 2003

Originally posted by old.Tohtori

You use it in a way that implicates that your experience in the computer industry provides you with some extra ability to protect your computer.

Teh Seel went technical.

You really think id post in a public forum the details of my lan, firewall and antivirus apps.... ohh dear

If someone wants to get my sub password and they are determined then it is possible, nothing is ever 100% secure unless its switched off... in a locked room... ok maybe thats only 95% secure... whatever hehe

The fact remains, most industries force passwords to expire and be changed reguarly.

old.Tohtori · Mar 5, 2003

Originally posted by -Nxs-

You really think id post in a public forum the details of my lan, firewall and antivirus apps.... ohh dear

Well that would've been silly of you.

I just wanted to know your job

Teh Krypt · Mar 5, 2003

Bump for sure.

Listen to your customers GoA.

Carlos Bananos · Mar 5, 2003

Originally posted by Teh Krypt
Bump for sure.

Listen to your customers GoA.

They couldn't do that, it goes against the unwritten 'MMORPG company Rules'.

-Nxs- · Mar 6, 2003

Originally posted by Carlos Bananos

They couldn't do that, it goes against the unwritten 'MMORPG company Rules'.

I'm sure they will do the right thing, if enough people keep pushing this.

Slip Slipurson · Mar 6, 2003

Originally posted by Shike
bumpetibump

btw, is it hard to create a keylogger that only starts when you enter www.camelot-europe.com?, not really.
I talked to a friend of mine thats somewhat of a softwaregenius and asked how hard it would be to "gather" passwords and subpasswords with the circumstances GoA have provided for us, his first spontanious reaction was to laugh ^^ Firewall or no firewall, if a hacker want your password, he will get it if he is enough skilled, even if you dont have it written in a *.txt somewhere.

and this helps us how ?? we change our pass and he/she just logs the next login we do to subs pages.... i do not think there are many hackers that are after your daoc account, it is not like they can do much harm to it... the ppl that "hack" accounts are ppl that have come over passwords by "testing" others chars or old owners/friends of the char, so stop letting your chars be played by others and they are most likely to not be hacked/destroyed

I think the main reason for many (no not everyone) ppl wanting to change the pass is so they can sell, buy and trade accounts however they want...

but still it would be nice to be able to change the password to something easier

onr thing GOA could do is to remove the game password and the email-change possibility (only way to change the email could be by entering the gamelogin/pass, but then again someone could log that also) at the subspages, then what can the hacker do ? change your adress or terminate or most horribly PAY for your account.

Allow Subscription Password to be Modified

agraucred

Guest

kameh

Guest

-Nxs-

Guest

stighelmer

Guest

leap

Guest

kameh

Guest

bloodomen1984

Guest

-Nxs-

Guest

old.Tohtori

Guest

-Nxs-

Guest

kameh

Guest

Meatballs

Guest

snox

Guest

fl3a

Guest

Gimly

Guest

Jace

Guest

Shike

Guest

-Nxs-

Guest

Thae

Guest

[PS]Riddler

Guest

-Nxs-

Guest

old.Tohtori

Guest

-Nxs-

Guest

old.Tohtori

Guest

-Nxs-

Guest

old.Tohtori

Guest

Teh Krypt

Guest

Carlos Bananos

Guest

-Nxs-

Guest

Slip Slipurson

Guest

Users who are viewing this thread

Similar threads