Menu
What's New
By:
Filters

Added captcha for website login

Bertha Bot

Bertha Bot

Entropia News Fetcher
Joined
Jul 26, 2006
Posts
3,315
A new security measure have been added to the login form on the account.entropiauniverse.com website.
From now on you will have to solve a simple math question in addition to providing your username and password in order to login.
Gold Card functionality for the highest security will work as normal (for more info on the Gold Card system see https://account.entropiauniverse.com/account/security/)
We are sorry for any inconvenience this might add but we are confident that this addition will help in keeping your Entropia account more safe.


Originally Posted Here
 
Finally!

Now the people who sells crafted stuff for way too little will not be able to access the game and crafting can return to its previous state! :yay:
 
WhiningSkeptic said:
Finally!

Now the people who sells crafted stuff for way too little will not be able to access the game and crafting can return to its previous state! :yay:
Click to expand...

:scratch2: WHAT!!!
 
Meh. As i just commented on fred's hacked account thread, a math captcha can't even stop spambots, so the chance it will stop something as lucrative as hacking accounts is nil.

A templock with automated email notification is in order when too many failed login attempts happen through webpage. Anyone know if MA does the lockout thing like they do through game client?
 
K-Max said:
:scratch2: WHAT!!!
Click to expand...

Hes saying, that people that are not smart enough to sell for normal price will not be able to login because MA added a math problem :silly2:
 
True Juan said:
Hes saying, that people that are not smart enough to sell for normal price will not be able to login because MA added a math problem :silly2:
Click to expand...

Ah I get it now, was not getting the connection to unusual traders and resellers :laugh:
 
Doer said:
Meh. As i just commented on fred's hacked account thread, a math captcha can't even stop spambots, so the chance it will stop something as lucrative as hacking accounts is nil.

A templock with automated email notification is in order when too many failed login attempts happen through webpage. Anyone know if MA does the lockout thing like they do through game client?
Click to expand...

Or they can add the system some systems use where if you have to authorise a login from a new IP address or machine by responding to an email.
 
SpikeBlack said:
Or they can add the system some systems use where if you have to authorise a login from a new IP address or machine by responding to an email.
Click to expand...

Yup yup - this one is good ;).

@edit:
just the new machine - not the new IP address ;). Lots of people having dynamic IP changing every 24 hours or on router reset ;).

Falagor
:bandit:
 
SpikeBlack said:
Or they can add the system some systems use where if you have to authorise a login from a new IP address or machine by responding to an email.
Click to expand...

No thank you, i regulary login from diff machine's and IP's, would just be a pain in the ass to also need to login in email account that allready has those function, asking to verify everytime when i change a machine.
 
Jan Universe said:
No thank you, i regulary login from diff machine's and IP's, would just be a pain in the ass to also need to login in email account that allready has those function, asking to verify everytime when i change a machine.
Click to expand...

Battle.net and Steam uses this mechanics:
if you lgoin from new machine you need to verify it once - it will be added to "safe machines" list at their server. So basicly using 3 different computers you will need to do the process 3 times (and +1 every time you decide its time to format).

Falagor
:bandit:
 
The thing that worries me most with these recent hackings..
Either Fred or DMatrix stated that they were being booted out of EU due to the hacker logging in from another location.
In another virtual world, when this happens, you get a warning message "Someone is trying to access your account from another location".
In EU you get kicked out to allow the hacker access. :scratch2:
 
Falagor said:
Battle.net and Steam uses this mechanics:
if you lgoin from new machine you need to verify it once - it will be added to "safe machines" list at their server. So basicly using 3 different computers you will need to do the process 3 times (and +1 every time you decide its time to format).

Falagor
:bandit:
Click to expand...

yes and that is exactly the reason why i hate it. at home i have 3 laptops and 1 desktop, and i want to switch as often as i want without having those stupid process eachtime i just want to use other machine.
ah sorry did over read the added function to safe list. but still, i'm not for the idea.
 
ImUp2Mischief said:
The thing that worries me most with these recent hackings..
Either Fred or DMatrix stated that they were being booted out of EU due to the hacker logging in from another location.
In another virtual world, when this happens, you get a warning message "Someone is trying to access your account from another location".
In EU you get kicked out to allow the hacker access. :scratch2:
Click to expand...

Ha! I sure wish it worked that way. Instead, you get a message your avatar is already logged in if you try this. This happens frequently, even when you're not hacked...and not logged in.
 
Falagor said:
Battle.net and Steam uses this mechanics:
if you lgoin from new machine you need to verify it once - it will be added to "safe machines" list at their server. So basicly using 3 different computers you will need to do the process 3 times (and +1 every time you decide its time to format).

Falagor
:bandit:
Click to expand...

Yes that is basically why i need to verify every login, as i have a dynamic IP-Address
 
Simply verifying every country would make a big difference.
 
Jennson said:
Yes that is basically why i need to verify every login, as i have a dynamic IP-Address
Click to expand...

I have dynamic IP too and i just needed to pass the process once for every machine i have ;).

Falagor
:bandit:
 
Jennson said:
Yes that is basically why i need to verify every login, as i have a dynamic IP-Address
Click to expand...

they aren't based on IP, its something else, like MAC address (hardware specific)
 
jqkill said:
they aren't based on IP, its something else, like MAC address (hardware specific)
Click to expand...

Yeah i just realized i mixed up games :ahh:, for battle.net i use this authenticator thingie although probably a waste of money. It was another game of another vendor which i won'T name, but has a sci-fi theme that sends verification mails quite often, so i need to verify almost every login.
 
damn, im shit at math :eyecrazy:
 
Bertha Bot said:
From now on you will have to solve a simple math question
Click to expand...

For small fee I will provide anyone with math solutions to questions, PM me for details.

Thank you, and let Lootius bless you all.

Kiss.
 
Falagor said:
I have dynamic IP too and i just needed to pass the process once for every machine i have ;).

Falagor
:bandit:
Click to expand...

Found my mistake. See my post above. :ahh: . Guess the first signs i'm getting older lol:eyecrazy:
 
I don't understand how this is supposed to help at all. I can see how it might help to prevent spam accounts on forums etc, but not how it could do anything to prevent hacking.
 
So, ummm.... How is a brute force attack even possible if an account gets temp locked after a few failed login attempts?
 
Oleg said:
I don't understand how this is supposed to help at all. I can see how it might help to prevent spam accounts on forums etc, but not how it could do anything to prevent hacking.
Click to expand...

Well, it's a BIT more security. Tho, such shit:

j4oc8uxs976zhk$1xdnjpvft1


Is a damn fucking weak captcha, and for k3w1 h4x0r isn't even a problem.

This is real captcha from registration at QRBG service:

B8DM4O2.png
 
HardWrath said:
So, ummm.... How is a brute force attack even possible if an account gets temp locked after a few failed login attempts?
Click to expand...

it's simply buttplug against login: HardWrath pwd: HardWrath

P.S.: sorry if i guessed right
 
dr3w said:
Well, it's a BIT more security. Tho, such shit:

j4oc8uxs976zhk$1xdnjpvft1


Is a damn fucking weak captcha, and for k3w1 h4x0r isn't even a problem.

This is real captcha from registration at QRBG service:

B8DM4O2.png
Click to expand...

Do you really want to reduce playerase to 10% of its current state? ;)

@edit:
besides - haker who can write OCR can easily make program to calulate equations like that too.

Falagor
:bandit:
 
dr3w said:
Well, it's a BIT more security. Tho, such shit:

j4oc8uxs976zhk$1xdnjpvft1


Is a damn fucking weak captcha, and for k3w1 h4x0r isn't even a problem.

This is real captcha from registration at QRBG service:

B8DM4O2.png
Click to expand...

:laugh:

I'd need to refresh about three dozen times to get one I could do.
 
Falagor said:
besides - haker who can write OCR can easily make program to calulate equations like that too.
Click to expand...

Sure. And the system which will receive result less than in five seconds can easily show page "FUCK OFF, TERMINATOR"
 
WhiningSkeptic said:
Finally!

Now the people who sells crafted stuff for way too little will not be able to access the game and crafting can return to its previous state! :yay:
Click to expand...

hahaha, that made my day :lolup:
 
You must log in or register to reply here.
Back
Top