Jump to content

Enough!!!

bigwoody

By bigwoody
in Open World RP

 Share

Recommended Posts

bigwoody Newbie

bigwoody

Posted
Posted (edited)

Today, I saw one of these password dumps from this hacker. Seeing some of the passwords you people use, you're all but asking to get hacked.

Have you ever wondered why dictionary passwords are bad? On far too many encryptions, you can work out what the password is you are trying to crack by letter frequency, and if you're working in English, you're vulnerable to this on many encryption methods. Worse is when you use common passwords ("abc123"? REALLY?) even hashes won't save you.

Some of you probably even do universal passwords. This is all but asking for a hacker to go further, like locking you out of your e-mail, going on a shopping spree with your paypal account, or worse.

Now, its easy to do, just follow these steps:
1) Go here for secure, random passwords: https://www.grc.com/passwords.htm
2) At minimum, have a different password for your in-game nation, your "home" forums, the CN forums, and forums you administrate. This is damage control, if one of your passwords is stolen, it cannot then be re-used elsewhere. If you re-use passwords, you should be comfortable with potentially having many of them compromised at once.
3) For $%&@ sake PLEASE don't use the same password for important RL accounts as you do for CN. People can find those accounts via your e-mail and it can lead to huge trouble.

Its that simple, just don't be lazy. Do it now.

Edited by bigwoody
Link to comment
Share on other sites
Jyrinx Newbie

Jyrinx

Posted
Posted

I also recommend having a separate email address just for CN related stuff. This way nobody even knows what your real life email address is and thus there's no risk to your real email address being compromised.

Link to comment
Share on other sites
bigwoody Newbie

bigwoody

Posted
  • Author
Posted

[quote name='theArrowheadian' date='04 March 2010 - 11:40 AM' timestamp='1267724625' post='2213790']
Or maybe people could just not take a game this seriously.
[/quote]
You'd wish. However the steps I listed are sadly a bare minimum, as not following them risks ruining the game for others, or exposing your RL personal info to attack.

Link to comment
Share on other sites
Gorard Newbie

Gorard

Posted
Posted

I recommend using last pass it's a plugin for browsers that stores your passwords and logs you in automatically, you only have to remember one password to open your password store. All of your passwords can be as complex as you like, here is an example of one of my passwords
k_7A7'E=U,R'Dde]}w)f.7Lmp}[LJ<`\oA'.zynT/)1"(TsgYMC[=b/g7=>i!%d
It works with Linux, Mac, Windows, and most smart phones.It supports most browsers, Firefox, Chrome, Safari, IE, I'm not sure about Opera but no one uses that anyway.

Link to comment
Share on other sites
lonewolfe2015 Newbie

lonewolfe2015

Posted
Posted

Couple things of note:

I very much doubt the correct passwords are being hashed everytime someone cracks a forum. Not a lot of people are dumb enough to use abc123 or WordWord or 123456 unless it's a mundane forum they don't care about.

Second, if you use the automatic log in features or a big password repository, don't forget your passwords then... you have to record them somewhere. And when you use services to request new passwords, or store the passwords somewhere, make sure your e-mail or the giant password database have passwords you can easily remember, are different than anything else, and you rotate the passwords often.

CHANGE your passwords every so often. Some places go so far as to give you an automatic password kill now so you are forced to use a new password.

Link to comment
Share on other sites
Hiro Nakara Newbie

Hiro Nakara

Posted
Posted

That is a good website and some handy advice, thanks.

[quote name='bigwoody' date='04 March 2010 - 04:44 PM' timestamp='1267721265' post='2213748']
Today, I saw one of these password dumps from this hacker. Seeing some of the passwords you people use, you're all but asking to get hacked.

Have you ever wondered why dictionary passwords are bad? On far too many encryptions, you can work out what the password is you are trying to crack by letter frequency, and if you're working in English, you're vulnerable to this on many encryption methods. Worse is when you use common passwords ("abc123"? REALLY?) even hashes won't save you.

Some of you probably even do universal passwords. This is all but asking for a hacker to go further, like locking you out of your e-mail, going on a shopping spree with your paypal account, or worse.

Now, its easy to do, just follow these steps:
1) Go here for secure, random passwords: https://www.grc.com/passwords.htm
2) At minimum, have a different password for your in-game nation, your "home" forums, the CN forums, and forums you administrate. This is damage control, if one of your passwords is stolen, it cannot then be re-used elsewhere. If you re-use passwords, you should be comfortable with potentially having many of them compromised at once.
3) For $%&@ sake PLEASE don't use the same password for important RL accounts as you do for CN. People can find those accounts via your e-mail and it can lead to huge trouble.

Its that simple, just don't be lazy. Do it now.
[/quote]

Link to comment
Share on other sites
Cotillion Newbie

Cotillion

Posted
Posted

[quote name='Duncan King' date='04 March 2010 - 06:59 PM' timestamp='1267729361' post='2213855']
I actually just changed all of mine and consequentially, I am now locked out of my facebook account. :(
[/quote]

This happened to me on a couple of things. ;_;

Link to comment
Share on other sites
rabonnobar Explorer

rabonnobar

Posted
Posted

Something else I was thinking about that won't take care of the problem, but will help, is for all alliances to do a member purge where they delete accounts that haven't been used in the past 2 months or something. Thus, decreasing the amount of passwords that can be stolen from each forum.

Link to comment
Share on other sites
bigwoody Newbie

bigwoody

Posted
  • Author
Posted

[quote name='Emperor Marx' date='04 March 2010 - 01:56 PM' timestamp='1267732826' post='2213918']
It's depressing that this actually needed to be said.
[/quote]
Yeah, this is way more difficult than a universal CN password.

Personally my life would go on, as would most peoples, even if all my CN stuff got compromised, HOWEVER there is a chance people could take this too far and go after RL personal stuff (think bank accounts), so this needs to be taken seriously.

Unfortunately.

Link to comment
Share on other sites
Goldie Newbie

Goldie

Posted
Posted

It is actually much smarter to use dumb unique passwords for websites than use a super strong password for all of them. That's what I do, if someone hacks RIA's boards and gets my retarded, easy to remember password, then there is nothing they can gain from it, but if someone took my strong password that I might use elsewhere, then there might be an issue.

Link to comment
Share on other sites
Geoffron X Newbie

Geoffron X

Posted
Posted

[quote name='tamerlane' date='04 March 2010 - 02:13 PM' timestamp='1267730320' post='2213876']
Best method in promoting internet security is giving icecream to nerds wherever you find them.
[/quote]
It's true. Give me ice cream!

But seriously, due to the recent hackings, the NPO about a month ago created guidelines and mandatory password changes for its forums, so even if someone chooses a terrible password the one time, at least it might not be every time...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...