Please upgrade your browser for the best possible experience.

Chrome Firefox Internet Explorer
×

Display Name Only Log In - Update 2 - Coming April 2, 2013

STAR WARS: The Old Republic > English > General Discussion
Display Name Only Log In - Update 2 - Coming April 2, 2013
First BioWare Post First BioWare Post

DarthPierce's Avatar


DarthPierce
03.18.2013 , 03:53 PM | #41
My question is this:

What's with everything being duck related?

Shouldn't you be getting all your Jawas in a row?

I've never seen a duck round these parts till you showed up.

Jacen_Starsolo's Avatar


Jacen_Starsolo
03.18.2013 , 03:56 PM | #42
Quote: Originally Posted by Andryah View Post
He is a random_proto_player waiting to pounce on every comment by a Bioware staff member with a quack-quack here... and a peck-peck there. It is a species known as Quackasaurus Rex, which likes to prey on innocent creatures on the forum and endlessly distract the local wildlife by making much roaring and gnashing over anything and everything.

I must say however that Phillip pwned him, plucked his feathers, and said duck is ready to be served.
I bet that name is now taken in game if it wasn't already.

Pscyon's Avatar


Pscyon
03.18.2013 , 04:09 PM | #43
Quote: Originally Posted by DarthPierce View Post
My question is this:

What's with everything being duck related?
Was wondering about the same. Saw this particular "joke" going in the previous thread on the subject too.
Sith Sorcerer

Tatile's Avatar


Tatile
03.18.2013 , 04:26 PM | #44
Quote: Originally Posted by DarthPierce View Post
My question is this:

What's with everything being duck related?

Shouldn't you be getting all your Jawas in a row?

I've never seen a duck round these parts till you showed up.
Why would you be lining up ducks or Jawas? That doesn't really make any sense.

Glzmo's Avatar


Glzmo
03.18.2013 , 04:29 PM | #45
Quote: Originally Posted by Skodan View Post
i always have to answer my security question every time i log into the launcher and the forums even though i use the same computer.

i know for the forums i always have my browser clear the active logins/cookies and all the jazz so i think thats the reasoning for having to answer my sec questions everytime on the forums but i was wondering why i have to for the launcher as well
My brother has that problem, too. He needs to answer the security question every single time he logs in, even when he does it from the same PC. According to phone support, some accounts are bugged that way and need to answer the question every time and "they are working on it". He was told that back in June, though. Hopefully that won't mean the people that suffer from that bug will get spammed by these new security question e-mails every single time he logs into the game or forums.

AndasKastor's Avatar


AndasKastor
03.18.2013 , 04:35 PM | #46
Quote: Originally Posted by Glzmo View Post
My brother has that problem, too. He needs to answer the security question every single time he logs in, even when he does it from the same PC. According to phone support, some accounts are bugged that way and need to answer the question every time and "they are working on it". He was told that back in June, though. Hopefully that won't mean the people that suffer from that bug will get spammed by these new security question e-mails every single time he logs into the game or forums.
My wife's was bugged that way for awhile. Then one day it stopped asking her the security question each time. It did happen to stop after we called customer support - she couldn't remember one of her answers and it locked up on her.

Andryah's Avatar


Andryah
03.18.2013 , 04:41 PM | #47
Quote: Originally Posted by Jacen_Starsolo View Post
I bet that name is now taken in game if it wasn't already.
LOL.... I bet you are right.

Unless Phillip was already one step ahead and reserved the name on every server.
Forum disputatio ------> est completum ineptias.

WorldSecurities's Avatar


WorldSecurities
03.18.2013 , 06:36 PM | #48
Quote: Originally Posted by Phillip_BW View Post

You can check your own email address at http://pwnedlist.com/ for instance as one of the posts on the previous thread indicated.
One of those little security 'thingies' is not to click on unknown links.

[*]Don't click links you don't know inside emails. Go to the website you think you need to go to and type the url in the hard way. Takes longer, but helps protect you...

It would have been helpful for a security person to explain the link first.

Was Your Email Account Hacked? PwnedList Can Tell You
Feb 2, 2012
http://www.pcworld.com/article/24914..._tell_you.html

Don't click it. Always use Google cache to access articles.

Quote: Originally Posted by Phillip_BW View Post

We are working on a new 'Forum Display Name' capability so that people will at some point in the future be able to change the name used on the forums. Which way we go about that (choose a character name? let you write whatever you want?) is still being decided and that will impact the amount of work required and therefore the 'when'.
Again, this gives the impression of security on the cheap. Where security decisions are based on 'penny wise and pound foolish' cost/risk assessment.

Quote: Originally Posted by Phillip_BW View Post

It is also not something that can be easily implemented in a matter of minutes. Regardless of if the change would be as simple as adding a column in a database, there is still getting that data presented to the website securely, providing the ability to input data into the column itself (again securely), and that is before we have our awesome QA team make sure the functionality works as expected. We won't say 'soon' on this feature, as it is too early to be able to predict when this could be rolled out.
Although the good news is this extra security is likely to be implemented by BioWare/Electronic Arts. Something, I believe, American Express (and other companies) forced on users years back.

My concern, again, are many notable security breaches have occurred through illegal use of high level accounts with high level system access. The 'on the cheap' security philosophy being one of the contributing factors. Again, we'll see if PBW is lulling hackers with misdirection ("don't throw me into the briar patch"), or BioWare is setting itself up to be another Sony.

For the average user, changing ALL your passwords regularly is a good easy security measure.

A good guideline as presented by Authorize.net, a VISA company:
(Did you really click the link??? )
http://support.authorize.net/authkb/...A233&actp=LIST
To strengthen the security of your payment gateway account, you are required to change your password every 60-90 days. This requirement is also necessary for Authorize.Net to maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS), which requires periodic password changes, strong passwords (alpha-numeric combinations, minimum character length, etc.), programmatic memory of previous passwords to prevent reuse, password lockout after invalid attempts, and other password security measures. These standards are detailed in PCI DSS Requirement 8: “Assign a unique ID to each person with computer access.” Requirement 8.5.9 specifically states:

  • 8.5.9 For a sample of system components, obtain and inspect system configuration settings to verify that user password parameters are set to require users to change passwords at least every 90 days.
  • For service providers only, review internal processes and customer/user documentation to verify that customer passwords are required to change periodically and that customers are given guidance as to when, and under what circumstances, passwords must change.

PCI DSS requires compliance with this standard for both service providers like Authorize.Net and all merchants who process credit card transactions. To learn more, please visit: https://www.pcisecuritystandards.org/index.shtml.

If you have difficulty remembering strong passwords without writing them down, you might try one of the following tips to create strong passwords that are easy to remember:
  • String several words together to produce a passphrase, and make an acronym from it. You can create acronyms from the words in a song, a poem, or other sequence of words that you can easily remember. For example, “Stopping by woods on a snowy evening” becomes “sbwoase.” Then apply the other strong password requirements—capital letters, numbers, special characters—to create a strong password. By applying the other strong password measures you can make this acronym into a password, for example, “sBw0@se1922.”
  • Deliberately misspell a word, and then add a number or substitute special characters to create a password. For example, if you respell “security” phonetically as “sekooritee,” you can then turn the word into the password “seky00r1T.” Note: Do not choose a common misspelling such as “mispelling”or the word “misspelling.”
  • Combine a number of facts, such as dates and events, and add a number or substitute a special character. For example, you can turn the words “Pearl Harbor” and the date “December 7, 1941” into “pe@rL12741HArb0r.” Another example would be to take a holiday (such as Boxing Day) and its date (December 26) to make “12b0x1ng26d@Y.”
  • Shift a word up or down one row, or left or right one character on the keyboard. For example, if you shift the word “security” by one character to the left, you obtain “awxyeurt.” Once you apply the other strong password requirements you would have a strong password such as “aW3yeur+.”
  • Shift letters in a word a certain number of letters up or down the alphabet. For example, if you shift the Ts in the word “thirty-three” back four letters, you would get “phirpy-phree.” Applying additional strong password requirements would give you the password, “phiRpy#phrE5.”

Important: Do not use any of the example passwords shown above. Since these examples have been published, they can be used fraudulently. These are only examples to show you possibilities for strong yet memorable passwords.

And:
Password Policy
http://www.authorize.net/files/PasswordPolicy.pdf

It is imperative that you implement adequate security to
protect your payment gateway account from unauthorized
activity. One key way to protect your account is to change
your account password on a regular basis. The following
Authorize.Net Password Security Policy will help you select
strong new passwords.

+ Your password must be at least eight characters long. Longer passwords may be
even stronger.
+ Your password must include a combination of upper and lower case letters,
numbers, AND non-alphanumeric symbols.
+ Your password may not be a standard dictionary word, even if it is spelled
backwards.
+ Your password may not use common symbol substitutions for letters, such as $ for s.
+ Your password may not be the same as your user login ID.
+ Your password may not be blank.

Please also consider the following guidelines for safeguarding your password and
increasing the security of your payment gateway account.

+ Your password should not contain any information about you that can be easily
discovered, such as a spouse or child’s name, a license plate or street address
number.
+ Do not share your password with anyone. If you have reason to believe that your
password may have become compromised, change it immediately.
+ Do not write your password down. Keep it in memory only. If you absolutely must
write your password down, store it in a secure location accessible only to you.
+ Do not enable settings that allow your Web browser to “remember” your password.
+ If for any reason you need to share your password, do so only in person or over a
live phone call with an authorized person. Never share your password via e-mail or
voice mail.
+ Never display or transmit your password in any communication or online
transmission (other than when logging into your account).
+ Never share your user login ID and password in the same communication.

/*

"the code is more what you'd call "guidelines" than actual rules"
Pirates of the Caribbean: The Curse of the Black Pearl

Leonalis's Avatar


Leonalis
03.19.2013 , 12:23 AM | #49
Dear Phillip from Bioware.

When I read your text I'm getting really pissed. You are not only arrogant, no you're also totally intolerant to the community regarding their questions. Instead of that you would take the user name for the question, no you take a duckface, an alibi face.

Your writing style is overbearing and I think you like to read yourself.

If i were your boss, I'd love to move you away from the community and send you back to the servers because that is not way to to communicate with the community. Maybe you speak with your friends or staff, assistant in Texas but not with the community! For the most of the german community you are faildet with your way.

But hey, there is a vacancy. I'm sure since you fits in well.

This is my opinion. Maybe a bit harsh but this is how I interpret you.
But i'm still a german sub with bad english. What we are already value
  • More then twice Stickys in Germand and French Forum.
  • Missing translation of your text
  • MIssing presence of CM's in German/French Forum.

chuixupu's Avatar


chuixupu
03.19.2013 , 12:58 AM | #50
Dear Leonalis,

Maybe this is a cultural divide, but, please lighten up.

Phillip's posts have been some of the more interesting, friendly, and overall fun yellow posts that I've seen on this forum since the early days. He's not a customer service representative. He's the security guy.
Wardens of Fate / Alea Iacta Est
The Tarkus Legacy ~ The Harbinger/Jedi Covenant