All times are UTC - 5 hours [ DST ]


Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 
Author Message
 Post subject: Account Security, Deletion and Hacking
PostPosted: Thu Apr 24, 2008 7:09 pm 
Offline
User avatar
User Rep: Trustworthy
Trustworthy
 WWW  ICQ  Profile

Joined: Thu Dec 13, 2007 7:49 pm
Posts: 9002
Location: Cove
The purpose of this post is to specifically inform you of our policy regarding Account and Character deletion.

We will never delete your characters or accounts.

Beyond that, the security of your account, characters and items is entirely your responsibility. If your account is hacked, or your characters deleted we will be unable to restore it to it's previous state.

Just a heads up, this is not a new policy and precedence for this was set long ago.

It is especially ill-advised to ever use your account information for Second Age on any other shard, especially your password even if used in conjunction with another username.

Second Age stores all passwords encrypted, and no staff here have access to your passwords; however this may not be the case for all freeshards; it is advisable to always use a strong and unique password for any login on the Internet.

Good advice:
First and foremost, NEVER give your password to anyone. ``Anyone'' means your coworkers, your spouse, your systems administrator. In the event of an emergency, the sysadmin can change your password. Your system administrator never has a need to know your personal password. ....


We will never ask for your password, and we also ask that you do not provide your password to any of our staff. if you need to change your password in game, use the [password command, the syntax is:
[password <new pass> <new pass>
(Do include the [ do not include the <>)

If you have a registered account, an email will be sent to you with a code that allows you to complete the password change yourself. In this case our staff including me never see your password change request.

If you use the password command with an unregistered account, and if you are not on the same IP Address that created the account, your password request can be seen by staff. This is very much less than desirable, and something we intend to disable. It would be our preference that all password management be done unassisted.

Other Potentially helpful information:
How to Choose a Secure Password
How to Pick a Safe Password

To reiterate, to log on to another freeshard or anywhere using your UOSA account username and/or password is probably not a good idea. We will not be able to compensate anyone for losses due to account infiltration, no matter the cause.


This topic is locked because it is not meant to be a list of people who have had their accounts looted (no this has not been something that is widespread). The advice above is sufficient to protect you. Apart from wiretapping, or trojans in your system, accounts cannot be infiltrated on Second Age if you use a strong password, and do not share it with others.


Top
 
These Support SecondAge
Links open a new window.
UOSA Donors & Subscribers do not receive these ads.

 Post subject: Re: Account Security, Deletion and Hacking
PostPosted: Tue Aug 24, 2010 6:06 pm 
Offline
User avatar
User Rep: Trustworthy
Trustworthy
 WWW  ICQ  Profile

Joined: Thu Dec 13, 2007 7:49 pm
Posts: 9002
Location: Cove
Bump on this as a reminder.

_________________
Image
"The text in this article or section may be incoherent or very hard to understand, and should be reworded if the intended meaning can be determined."


Top
 

 Post subject: Re: Account Security, Deletion and Hacking
PostPosted: Tue Sep 13, 2011 1:45 pm 
Offline
User avatar
User Rep: Trustworthy
Post Rep: 1
Trustworthy
 WWW  ICQ  Profile

Joined: Thu Dec 13, 2007 7:49 pm
Posts: 9002
Location: Cove
Here's another intersting yet kind of technical "article" on password strength that I thought might be worth sharing. I learned from this.
Attachment:
File comment: from [url]http://xkcd.org/936/[/url]
password_strength.png
password_strength.png [ 90.85 KiB | Viewed 5976 times ]

i.e., password length can be stronger than complexity, especially when your complexity involves common substitutions (because they seem easier to remember).

As far as UOSA passwords go though, you cannot brute force your way into an account with these speeds due to login throttling (that is, it's more like 0.5 guesses per second, not 1000); but a good password is still your best defense, everywhere.

Thanks to Batlin for sharing this.

Original source: http://xkcd.org/936

_________________
Image
"The text in this article or section may be incoherent or very hard to understand, and should be reworded if the intended meaning can be determined."


Top
 

Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 17 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Support Second Age: These links Open in a New Window

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group  
Extended by Karma MOD © 2007—2012 m157y