Jump to content


Photo

Consider a new security practice!



  • This topic is locked This topic is locked
7 replies to this topic

Posted 25 September 2021 - 06:15 AM #1

Perkamentus
Super Donator

Perkamentus
Posts: 279
Likes: 156
Clan: Order of the Phoenix


  • Member since:
    19 Nov 2018

    • Time spent:
      25d 22h 53m 20s

  • Total level:
    2,277
    Awards

What is your suggestion?:

I would like to suggest a new security practice for when using your account in-game/forum!

The reason here fore is that you're required to change your password every 90-days! But this causes more problems than resolving in my opinion!
Since you need to change your password It keeps hard to keep track of your current PSW even if you use an PSW manager like Google and/or LastPass or such.

Also when requesting a new password, there isn't an email send to the inbox (and/or Spam) to the attached email of the account.

I therefore would like to suggest to use instead Authentication methods through: Google, Facebook, Discords and etc.
This way users can easily login as well by using these Socials alongside the default login method and perhaps makes this easier?

 

Is this in OSRS?:

N/A


Has this suggestion been accepted already?:

N/A


How would this benefit Alora?:

In the way that it makes it more easier to access your user accounts and/or maintain it.
as well as actually receiving an email when requesting a Password Reset


  • 1 likes this

  Yours sincerely,
 

PP1ss1q.png

  Albus Dumbledore
   Deputy Headmaster

 

 


Posted 25 September 2021 - 07:45 AM #2

J boogs
Veteran

J boogs
Posts: 1,198
Likes: 2,156
Clan: Retired
Location: PNW




  • Member since:
    20 Mar 2018

    • Time spent:
      287d 15h 17m 31s

  • Total level:
    2,277
    Awards

I don't see the issue with this security step. Normally what I will do is change my password with one less character then change it right back to my original password.

 

Yes it's annoying but I feel having this in place can be night and day for somethings account staying protected. 


Posted Image

Posted ImageServer Support - 10/13/2019

Posted ImageServer Moderator - 11/10/2019

Posted ImageForum Moderator - 1/18/2020

Posted ImageGlobal Moderator - 2/16/2020

Resigned - 4/3/2020

Posted ImageServer Moderator - 6/7/2020

Posted ImageForum Moderator - 7/17/2020

Posted ImageGlobal Moderator - 10/25/2020

Resigned - 12/22/2020

Community Awards

Spoiler

Posted 25 September 2021 - 08:51 AM #3

Moe
Community Manager

Moe
Posts: 3,431
Likes: 9,527
Clan: Paragon
Location: fbi office







  • Member since:
    05 Jan 2019

    • Time spent:
      246d 8h 7m 40s

  • Previous username:
    IM Moe

  • Total level:
    2,277
    Awards

@Perkamentus We will not be removing this security feature, as it's a safety for the players who refuse to use 2FA (their accounts are more likely to get hacked, as they use the same password for multiple servers that have database leaks).

 

I won't decline the suggestion, in case Omicron would like to add the social media step.


Posted Image

Posted Image


Posted 25 September 2021 - 09:24 AM #4

Perkamentus
Super Donator

Perkamentus
Posts: 279
Likes: 156
Clan: Order of the Phoenix


  • Member since:
    19 Nov 2018

    • Time spent:
      25d 22h 53m 20s

  • Total level:
    2,277
    Awards

Thank you for responding regarding this suggestion.

 

I want to make myself more clear about the 90-Days PSW change... I personally don't see this as an certain issue,
but more as something that should be made optional like the socials I suggested, instead of being forced as an default security practice.
I don't want to combat this practices since I know this is almost fundamental in keeping user safe, and this suggestion is more aiming at discussing the possibilities for making this even more easier.

I hope this has given enough clarity about my opinion about this :)

 

@Perkamentus We will not be removing this security feature, as it's a safety for the players who refuse to use 2FA (their accounts are more likely to get hacked, as they use the same password for multiple servers that have database leaks).

 

I won't decline the suggestion, in case Omicron would like to add the social media step.


  • Moe likes this

  Yours sincerely,
 

PP1ss1q.png

  Albus Dumbledore
   Deputy Headmaster

 

 


Posted 25 September 2021 - 12:40 PM #5

Ivy
Ex-Staff

Ivy
Posts: 698
Likes: 1,735
Clan: ICE
Location: New Zealand





  • Member since:
    25 Aug 2021

    • Time spent:
      81d 21h 6m 5s

  • Previous username:
    Misfit EIM

  • Total level:
    2,277
    Awards
I’m not going to repeat what @Moe and @J boogs have said as they’re get straight to the point.

No support

Posted Image

(っ◔◡◔)っ Community Awards:

Spoiler


Posted 25 September 2021 - 01:37 PM #6

Luka Doncic
Hardcore Ironman

Luka Doncic
Posts: 255
Likes: 234
Location: Behind you ;)




  • Member since:
    24 Jun 2018

    • Time spent:
      32d 21h 47m 42s

  • Total level:
    2,277
    Awards

I feel like most people cycle between 2-3 PW's since you can change back to recent ones. 

 

No support


Posted Image



Posted 25 September 2021 - 08:44 PM #7

Tungus
Extreme Donator

Tungus
Posts: 291
Likes: 88


  • Member since:
    14 Dec 2016

    • Time spent:
      15d 2h 2m 14s

  • Total level:
    2,277
    Awards

Security set-up is qwuite good



Posted 03 March 2024 - 08:49 PM #8

H
Administrator

H
Posts: 343
Likes: 2,261




  • Member since:
    25 Nov 2021

    • Time spent:
      214d 56m 39s

  • Previous username:
    2OO8

  • Total level:
    2,277
    Awards

Your suggestion has been declined, if you feel this was wrongfully done please contact a Forum Moderator+.


Posted Image
Spoiler




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


This topic has been visited by 64 user(s)