*

Author Topic: Please Change Your Display Name  (Read 41540 times)

Offline SaladBadger

  • Gold
  • ***
  • Posts: 602
Re: Please Change Your Display Name
« Reply #30 on: January 08, 2011, 10:18:04 AM »
if it's only displayed after three failed logins you'll probably won't be seeing much of it.

Offline -<WillyP>-

  • Lt. Commander
  • Purple Heart
  • ****
  • Posts: 2375
  • I can haz personal text?
    • My photo gallery
Re: Please Change Your Display Name
« Reply #31 on: January 08, 2011, 10:29:22 AM »
The problem with captcha is that it is not very effective anymore.  More and more spammers are getting methods to break through it. 

There is a mod over at SMF to login with an e-mail address.  What do you guys think of that?  So, instead of logging in with an arbitrary name, use your e-mail address, then use whatever you want for a display name.
Smart people look like crazy people to stupid people.

Offline Pumo

  • Lord PuMo, King of Torbernite
  • Gold
  • ***
  • Posts: 356
  • Fear the Hosakos!
    • Pumo Software
Re: Please Change Your Display Name
« Reply #32 on: January 08, 2011, 11:27:27 AM »
What about an image captcha like the one I use on my forum?
With that captcha system that appears before registering you will be asked to select the pictures of a specific theme, e.g. select just the pictures of cars, that are mixed with a lot of other pictures of any other random theme.

Using that system I get rid of spammers on my forum (and they were a huge lot!!).

And the e-mail login option is not a bad extra either.
Pumo Software main Website
- Pumo Mines current release: v1.1 (12 Levels)
R.a.M. Land official Website

Offline VANGUARD

  • Platinum
  • ****
  • Posts: 1543
Re: Please Change Your Display Name
« Reply #33 on: January 08, 2011, 11:40:57 AM »
The problem with captcha is that it is not very effective anymore.  More and more spammers are getting methods to break through it.  

There is a mod over at SMF to login with an e-mail address.  What do you guys think of that?  So, instead of logging in with an arbitrary name, use your e-mail address, then use whatever you want for a display name.

(being a smart guy all along) hmm... something doesn't seem quite right. I can't quite put my finger on it, hmm.. oh yeah, our email address is in our profiles.  :P  (end being a smart guy)

now can it be hidden though, but still be able to receive such emails we received the night before? and here's my question. some of you raised some interesting question about profile ID names, and how they probably still have our ID names.
My question is this, why hack into our accounts? What benefit could they possibly have that would enable them to do that? All of our information on here could be private if we choose it to be, or public. there certainly isn't any checking account numbers or debit card numbers, social security or anything.
I can think of one, but I don't want them to get a tip, but really, what is the harm, except for this one thing I am thinking.
If they screw up my ID, ban him, and have me open a new. it'd be annoying though.

going back to what WillyP suggests, I am all for it, if the email is private and we can receive emails like this, why not? I am all fine with it. and if one doesn't mind, if he/she feels they want to, set up a poll and see if others are fine with it or not.

What about an image captcha like the one I use on my forum?
With that captcha system that appears before registering you will be asked to select the pictures of a specific theme, e.g. select just the pictures of cars, that are mixed with a lot of other pictures of any other random theme.

Using that system I get rid of spammers on my forum (and they were a huge lot!!).

I've seen that in some places, banks, or other places like that. I suppose it works. I have no idea. But I am for that too. I have a lot stored in my head, passwords and such, and may get something on paper, not file, that shows a list of emails, usernames, etc.
emails logins are nice, granted they aren't used to hack into a system, less to remember.

"now was that, Vanguard-643 to get into that site, or was it vanguard-phonenix-675?"
« Last Edit: January 08, 2011, 11:45:59 AM by JB-COM »

Offline Kaiaatzl

  • An unusual choice for ship's cat
  • Platinum
  • ****
  • Posts: 1918
  • beware of ounce
Re: Please Change Your Display Name
« Reply #34 on: January 08, 2011, 11:55:21 AM »
(being a smart guy all along) hmm... something doesn't seem quite right. I can't quite put my finger on it, hmm.. oh yeah, our email address is in our profiles.  :P  (end being a smart guy)


You can't see anyone's profiles or even the memberlist unless you're logged in.  So the spammer would need to have already stolen someone's ID and logged in as them to find your email.

@Scyphi -- http://www.google.ca/images?q=crested+genet&hl=en&client=firefox-a&hs=waf&rls=org.mozilla:en-GB:official&prmd=ivns&source=lnms&tbs=isch:1&ei=1r8oTarwF9XZngfsxfWvAQ&sa=X&oi=mode_link&ct=mode&ved=0CAoQ_AU&biw=1366&bih=586
And now I've ruined N.I.P's alien-ness.
In the Maximum Vertigo (very ambitious Operation Otter sequel) story N.I.P's species actually is an alien (the N.I.P itself doesn't appear but there will be two others who are very important secondary characters -- named Six-Times-Four [female] and Umwaar [male, named as an onomatepia of a sound in the d3 mercenary level 5 music]).

You can probably figure out N.I.P's gender just from the fact that I don't want to divulge it too... It makes it very awkward when I'm playing online and someone wants to know the genders of the players on the server -- it's happened a few times.

Please change either your display name or username.  Spammers are attempting logins using a display name which they found on the forum, and an algorithm to guess the password.

No. No point in kowtowing to fear.
My "password" is now a randomly generated sha1sum, however, with extra characters tacked on. (44 characters).
This wisdom means much from an unknown with 5 posts.


He's not unknown, he just didn't come back to Descent until recently.  If you've played the Lunar Outpost MN0019 mission for Descent 3 you've seen his work.  (MN0012 was D1 btw)
« Last Edit: January 08, 2011, 12:03:10 PM by wazzazzle »

Offline VANGUARD

  • Platinum
  • ****
  • Posts: 1543
Re: Please Change Your Display Name
« Reply #35 on: January 08, 2011, 12:36:40 PM »
You can't see anyone's profiles or even the memberlist unless you're logged in.  So the spammer would need to have already stolen someone's ID and logged in as them to find your email.

Couldn't they just register and then find out?

Offline Kaiaatzl

  • An unusual choice for ship's cat
  • Platinum
  • ****
  • Posts: 1918
  • beware of ounce
Re: Please Change Your Display Name
« Reply #36 on: January 08, 2011, 12:42:30 PM »
I think all registrations have to be admin-approved.

Quote
Pumi Pashuli Omuyi
Vertex9's full name?

Offline -<WillyP>-

  • Lt. Commander
  • Purple Heart
  • ****
  • Posts: 2375
  • I can haz personal text?
    • My photo gallery
Re: Please Change Your Display Name
« Reply #37 on: January 08, 2011, 01:59:37 PM »
Please change either your display name or username.  Spammers are attempting logins using a display name which they found on the forum, and an algorithm to guess the password.
No. No point in kowtowing to fear.
My "password" is now a randomly generated sha1sum, however, with extra characters tacked on. (44 characters).
This wisdom means much from an unknown with 5 posts.

Sky may not have a large post count but he is hardly an unknown in this community.  And he is right, to the extent that a strong password is as good a defense as any, but not every member has a good password, so having a hidden login name is equivalent to having two passwords.  In that two character sequences would have to be guessed.

And as far as what they would have access to, no, they would not have had access to member e-mails or any sensitive data, but they would have been able to do anything a regular member would do, including uploading files, sending pm's etc... It is also possible someone found some vulnerability with a script that could be exploited, who knows?  The fact that they were attempting every 8 minutes with a different ip, tells me it was a purely automated script, and there are numerous reports from others on the SMF site.  We have also been flooded with a massive increase in the number of spam registration attempts, many are blocked automatically, many more are flagged as known spammers, which means an admin must reject it.
« Last Edit: January 08, 2011, 02:01:34 PM by NULLWillyP »
Smart people look like crazy people to stupid people.

Offline Kaiaatzl

  • An unusual choice for ship's cat
  • Platinum
  • ****
  • Posts: 1918
  • beware of ounce
Re: Please Change Your Display Name
« Reply #38 on: January 08, 2011, 02:01:28 PM »
Well this is one of the most successfully spam-free forums I've ever seen, I have no doubt we can keep it up.

Offline Pumo

  • Lord PuMo, King of Torbernite
  • Gold
  • ***
  • Posts: 356
  • Fear the Hosakos!
    • Pumo Software
Re: Please Change Your Display Name
« Reply #39 on: January 08, 2011, 02:47:41 PM »
Quote
Pumi Pashuli Omuyi
Vertex9's full name?

Exactly. ;)
Pumo Software main Website
- Pumo Mines current release: v1.1 (12 Levels)
R.a.M. Land official Website

Offline Scyphi

  • Purple Heart
  • *****
  • Posts: 2386
  • TechPro Jr.
Re: Please Change Your Display Name
« Reply #40 on: January 09, 2011, 08:07:50 AM »
@ wazzazzle: Ah! Yes! That's it! That's what animal it was, I thought I knew it! :D

I'm getting very curious about this storyplot for Operation Otter...how close is it to being released so I can learn all the details?

Quote from: WillyP
There is a mod over at SMF to login with an e-mail address.  What do you guys think of that?  So, instead of logging in with an arbitrary name, use your e-mail address, then use whatever you want for a display name.

I'm a-okay with this. :)
"I thought I had a great idea, but it never really took off. In fact, it didn't even get on the runway. I guess you could say it exploded in the hanger." -Calvin and Hobbes
Check out my deviantART

Offline Kaiaatzl

  • An unusual choice for ship's cat
  • Platinum
  • ****
  • Posts: 1918
  • beware of ounce
Re: Please Change Your Display Name
« Reply #41 on: January 09, 2011, 08:38:13 AM »
Operation Otter is not very close, but the prequel is very close.
It's really just like a normal Descent mission with a twist in the middle and near the end.
I have a few bugs to iron out of the prequel though, some of the matcens are corrupted and spawning boss robots.  If I can't fix it, I'll just add hxms that turn all the bosses into class 1 drones :P.
« Last Edit: January 09, 2011, 03:03:47 PM by wazzazzle »

Offline TechPro

  • Lt. Commander
  • Platinum
  • ****
  • Posts: 1107
  • Where was I?
Re: Please Change Your Display Name
« Reply #42 on: January 09, 2011, 12:27:39 PM »
There is a mod over at SMF to login with an e-mail address.  What do you guys think of that?  So, instead of logging in with an arbitrary name, use your e-mail address, then use whatever you want for a display name.

More and more of the online resources I use as part of my job (computer tech with extra specialty in printers and MFP copiers) ... have been switching to using the email address to login.   While it seems to be working/helping the spam issues (at least for some) ... it's sometimes a pain for people like me.  I have over 15 different email addresses (for me, myself, and I) and over 8 of them are actively used frequently.  Sometimes I have to stop and think a minute about what email address I use with which site.

But I suppose most users of this forum won't have to deal with that.  In all honesty, the email address I use with this site is not a problem to remember, ever.

Offline VANGUARD

  • Platinum
  • ****
  • Posts: 1543
Re: Please Change Your Display Name
« Reply #43 on: January 09, 2011, 08:15:18 PM »
I have three. One for friends, one for companies like amazon, planetdescent, bank etc and one in case I don't trust the sites

Offline Scyphi

  • Purple Heart
  • *****
  • Posts: 2386
  • TechPro Jr.
Re: Please Change Your Display Name
« Reply #44 on: January 10, 2011, 09:36:13 AM »
I have...one.

No, I take that back, I have two!

But I hardly ever use the other one.

So...really just one. :P
"I thought I had a great idea, but it never really took off. In fact, it didn't even get on the runway. I guess you could say it exploded in the hanger." -Calvin and Hobbes
Check out my deviantART

 

An Error Has Occurred!

Cannot create references to/from string offsets