Please upgrade your browser for the best possible experience.

Chrome Firefox Internet Explorer
×

Display Name Only Log In - Coming April 2, 2013

STAR WARS: The Old Republic > English > General Discussion
Display Name Only Log In - Coming April 2, 2013
First BioWare Post First BioWare Post

RoccProfit's Avatar


RoccProfit
03.06.2013 , 02:01 PM | #281
AWESOME! it is a good thing that someone realized that using your email to log in is NOT a means to better security! All that does if you account gets hacked is give them your email address which they can now mess with. Good job bioware in seeing this flaw in typical thinking.

Jacen_Starsolo's Avatar


Jacen_Starsolo
03.06.2013 , 02:04 PM | #282
Quote: Originally Posted by RoccProfit View Post
AWESOME! it is a good thing that someone realized that using your email to log in is NOT a means to better security! All that does if you account gets hacked is give them your email address which they can now mess with. Good job bioware in seeing this flaw in typical thinking.
If they get in either way, they have your e-mail address "to mess with".

HomicidalWhales's Avatar


HomicidalWhales
03.06.2013 , 02:06 PM | #283
Quote: Originally Posted by Urael View Post
A) EAware redefining terms AGAIN. Display Name = Forum "Handle" for those curious.

B) While at first blush it would seem that going from Email ( usually unknown/private ) to Handle ( very public ) there may seem to be a risk to security for hacking. I for one would expect to have A LOT of hacking attempts given how many people "love me" here. What you have is a fall back to the "questions" you were asked to associate with your account. These are triggerred if you don't log in from a consistante IP. Update your questions and change your password to be 10+ characters long with at least 2 Upper case, 2 lower case letters, 2 numbers, and 2 special characters. Nothing to worry about.
+1 Urael!

But as for me, I really think this change is irrelevant, unnecessary, and just plain out of the blue. Why work on this when they could be improving security, reviewing their rules or something that's actually going to be beneficial to the community?

Jacen_Starsolo's Avatar


Jacen_Starsolo
03.06.2013 , 02:11 PM | #284
Quote: Originally Posted by Jenovan View Post
:/ The line you are referring to is a hint that there will be security/verification measures linked to your email -- which is why they want to remove our email addresses from the login system.

In GW2, for example, a bit after launch they implemented a system such that the first time you try to log in from a new IP, you can't actually log in until an email is sent to your registered email account. From that email, you will need to verify the attempted login (or deny it!).
More games should do what GW2 does I say. It's a pain at times but well worth it.

DaRoamer's Avatar


DaRoamer
03.06.2013 , 02:31 PM | #285
Quote: Originally Posted by Jacen_Starsolo View Post
If they get in either way, they have your e-mail address "to mess with".
No they don't, your email address is hidden. Go look at your account right now.

Darkness_Squall's Avatar


Darkness_Squall
03.06.2013 , 02:46 PM | #286
The lack of logical thinking in this thread is depressing. If a "hacker" - or more accurately, an account thief - has your display name and password, he may be able to log in IF he got past the security questions, but he still needs your e-mail address to gain a foothold. If you log in with your e-mail address, then the thief already has your e-mail address... and that's two birds with one stone. Changing login to display name prevents them from learning your e-mail. What's all the about?

PeterGun-SWE's Avatar


PeterGun-SWE
03.06.2013 , 03:06 PM | #287
Quote: Originally Posted by Prysha View Post
Dude, atleast in germany we can buy physical security keys from any tech markt.. like Saturn or Media Markt...
Well i gues you 'Jerrys' are lucky, so please stop your gloating... and give the rest of us in EU a chance to get a response from Phillip_BW about the Physical Security Keys that the rest of EU and Asia-Pacific should be able get!!!

Its all about SECURITY!!!

Jacen_Starsolo's Avatar


Jacen_Starsolo
03.06.2013 , 03:07 PM | #288
Quote: Originally Posted by DaRoamer View Post
No they don't, your email address is hidden. Go look at your account right now.
It's easy to figure for some depending on the part after the @ sign. If you don't use a hotmail, gmail, ISP, or other such e-mail address. If you own a URL and used that, it's not as hard.

But now I am also saying everyone should get KeePass or something that will generate a random complex unique password for TOR even more than before.

Mogic's Avatar


Mogic
03.06.2013 , 03:20 PM | #289
Quote: Originally Posted by Bomyne View Post
Do you remember the two pieces of information you inputted in the app when you were setting it up? Naturally you made a backup. If anyone gets that backup, they can recreate your authenticaor.
No. That isn't even close to how authenticators work.

In order for me to figure out the sequence I would need to obtain a master seed key from Biowares Authentication server. Then I would still need the 10 digit code on the back of your authenticator.

The only way that authenticators have been hacked in the past is by using man in the middle attacks.

This is no "easy feat" as you claim.

And sorry but knowing my display name still doesn't make it possible to hack my account, you still need 2-3 other pieces of information for your normal Joe Common user (email, password, authenticator) if your smart and used a separate password and email then you need 4.

For someone whos so up in arms about security, why would you have a character named the same as your Display name and then broadcast it to the world when arguing about security?

bowlergirl's Avatar


bowlergirl
03.06.2013 , 03:26 PM | #290
You might not be able to answer this question...

Do you guys hire former hackers to attempt to hack the site and user information to make your security better? I have heard about companies outsourcing reformed hackers to help their businesses.