Two Plus Two Newer Archives  

Go Back   Two Plus Two Newer Archives > General Poker Discussion > News, Views, and Gossip
Reload this Page Fossilman's Stars Account Hacked?
FAQ Community Calendar Today's Posts Search

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #18  
Old 03-19-2007, 09:29 PM
Greg (FossilMan) Greg (FossilMan) is offline
Senior Member
  
Join Date: Sep 2002
Location: Raleigh, NC
Posts: 2,677
Default Re: Fossilman\'s Stars Account Hacked?
[ QUOTE ]
[ QUOTE ]

Now that I've read lots of these posts, I'm a big fan of the idea of having a separate ID name, different from your screenname, that you use along with a password when you login. This way, if you got locked out, you could change your ID and your password, and the person trying to hassle you would have to guess your ID name in order to get you locked out again. And, if they're trying to hack into your account, they'd have to guess your ID name and password, simultaneously, to succeed. That makes it WAY less likely that somebody could do it without using spyware or something to get the information from your computer.


[/ QUOTE ]

this seems like one of the most logical and easy-to-implement fixes. please use your pull w/ Stars, Greg!

take care.

[/ QUOTE ]

It turns out that this exact process, or at least one very similar to it, is just around the corner for all PS customers. As part of my reset procedure, I now have a separate secureID number that I have to input after I succesfully enter my password. This secureID is a 7-digit number picked randomly by PS, so there is no way a person could guess it with any reasonable chance of success.

I also like the idea of the secureID badges as pictured by burningyen in this thread. I remember having one of these things when I worked at Pfizer so I could log into my email and stuff from home, and get work done while not at the office. When you try to log into the system, you must enter your user ID, password, and the 8 digit number generated by the secureID device. The number changes every 30 seconds or something, and the number of my device is not the same as the number on anybody else's device at any given moment. Thus, the system knows that it is really me logging in, or at least somebody who has stolen my user ID, password, AND the physical secureID device generating the random number. Hackers, even those with spyware and keyloggers, have no shot at getting into your account unless they also have physical possession of the secureID device.

I'll mention this to PS. Maybe they can implement it for players with more than some minimum amount of money in their account. Obviously this solution is too expensive to implement for every customer, especially those with only play money. Heck, even if PS was going to make me pay for the service, I would do so.

Later, Greg Raymer (FossilMan)
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 03:02 AM.

Contact Us - www.twoplustwo.com - Archive - Top

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.