Remove Advertisements

So I heard Blizzard is losing customers

Anything, including off-topic posts

Moderators: Fridmarr, Worldie, Aergis, Sabindeus, PsiVen

Re: So I heard Blizzard is losing customers

Postby Skye1013 » Sun Aug 12, 2012 7:21 pm

Yes, but anyone could be behind a computer system. If you have someone on the phone, there is at least a little bit of accountability associated with it. That being said... nothing prevents people from tapping phones (other than illegality... but they're already breeching that by trying to steal identities anyway.)

I went in and changed my password. I'll probably go in today and change my security questions. Beyond that:

1) If my account gets hacked, it's just a game, and it can be restored

2) If I suffer from identity theft, it's mostly just money (could be credit rating issues until it gets cleared up, though even that comes down to money in the long run), and it can be restored

Either way, I don't really blame Blizzard. No matter how in depth your security is, someone will ALWAYS find a way around it. It's simply a matter of time. Blizz is doing everything they can, and have notified people of the issue. If they tried to cover it up, THEN I could possibly see blaming them and cancelling my account.
"me no gay, me friends gay, me no like you call me gay, you dumb dumb" -bldavis
"Here are the values that I stand for: I stand for honesty, equality, kindness, compassion, treating people the way you wanna be treated, and helping those in need. To me, those are traditional values. That’s what I stand for." -Ellen Degeneres
"I'm not going to censor myself to comfort your ignorance." -Jon Stewart
Horde: Clopin Dylon Sharkbait Xiaman Metria Metapriest
Alliance: Schatze Aleks Deegee Baileyi Sotanaht Danfer Shazta Rawrsalot Roobyroo
User avatar
Skye1013
Maintankadonor
 
Posts: 3924
Joined: Tue May 18, 2010 5:47 am
Location: JBPH-Hickam, Hawaii

Re: So I heard Blizzard is losing customers

Postby Koatanga » Sun Aug 12, 2012 7:43 pm

Speaking of security, and not meaning to derail, but just a little rant:

Why the heck do so many password validation processes insist on capitals and numbers in a password? It would take years longer to hack "thisiskoatangassupersecretpassword" than "1Bfq7r!#" by brute force methods. If you ask someone to make a password containing caps and numbers that is at least 8 characters long, most people will stop at 8 characters, because they don't want to remember more gobbledygook. But encouraging a minimum-length password only reduces the time a brute-force method would take to hack it.
Retired. Koatanga, Shapely, Sultry, Doominatrix of Greenstone - Dath'Remar
Koatanga
 
Posts: 1980
Joined: Mon Nov 17, 2008 12:46 pm

Re: So I heard Blizzard is losing customers

Postby Skye1013 » Sun Aug 12, 2012 9:12 pm

There is an XKCD comic about that.

I think this is it, but it's not loading for me, so I'll double check later (if someone else doesn't before I get around to it.) http://xkcd.com/936/
"me no gay, me friends gay, me no like you call me gay, you dumb dumb" -bldavis
"Here are the values that I stand for: I stand for honesty, equality, kindness, compassion, treating people the way you wanna be treated, and helping those in need. To me, those are traditional values. That’s what I stand for." -Ellen Degeneres
"I'm not going to censor myself to comfort your ignorance." -Jon Stewart
Horde: Clopin Dylon Sharkbait Xiaman Metria Metapriest
Alliance: Schatze Aleks Deegee Baileyi Sotanaht Danfer Shazta Rawrsalot Roobyroo
User avatar
Skye1013
Maintankadonor
 
Posts: 3924
Joined: Tue May 18, 2010 5:47 am
Location: JBPH-Hickam, Hawaii

Re: So I heard Blizzard is losing customers

Postby rodos » Mon Aug 13, 2012 12:46 am

Do note that "standard English prose", like thisiskoatangassupersecretpassword, is not necessarily a great password because there's a lot of predictability in word-order and most people will actually choose words from a small subset of their vocabulary.

Using truly random words from a very long list is, however, a good way to come up with a memorable password. Basically, you're chosing a few (4-5) tokens from a very big set (many thousands), rather than a few more (8-10) from a much more limited set (~70 upper case, lower case, numbers and symbols). Because there's less random items, and they're items that you are likely to be able to make a mental image of, such a password is easier to remember than "!;Q7$wNVz".

More info: http://www.diceware.com/
User avatar
rodos
 
Posts: 1120
Joined: Mon Sep 24, 2007 8:20 pm

Re: So I heard Blizzard is losing customers

Postby Shoju » Tue Aug 14, 2012 11:07 am

I was actually told by a popular website that my password I was trying to use was TOO LONG.
User avatar
Shoju
 
Posts: 6349
Joined: Mon May 19, 2008 7:15 am

Re: So I heard Blizzard is losing customers

Postby KysenMurrin » Tue Aug 14, 2012 11:10 am

I tried to set a too-long password for WoW a little while ago. Took me a week to realise, because all it does is stop adding letters when you keep typing past the limit.
I don't play WoW any more.
Donnan - Nangun - Kysen - Kysen - Mardun - Timkins

Mostly-Book Blog.
KysenMurrin
 
Posts: 6824
Joined: Thu Jun 26, 2008 6:37 am
Location: UK

Re: So I heard Blizzard is losing customers

Postby mavfin » Tue Aug 14, 2012 11:12 am

KysenMurrin wrote:I tried to set a too-long password for WoW a little while ago. Took me a week to realise, because all it does is stop adding letters when you keep typing past the limit.


Yeah, it stops at 16 chars, I believe, but that's still a nice length that is a bit difficult to brute-force.
--Mav
mavfin
 
Posts: 1789
Joined: Mon Oct 13, 2008 8:33 pm

Re: So I heard Blizzard is losing customers

Postby Flex » Tue Aug 14, 2012 11:14 am

The XKCD comic is pretty good. Key things is to never collapse spaces, if the password doesn't allow spaces replace spaces with another special character.
We live in a society where people born on third base constantly try to steal second, yet we expect people born with two strikes against them to hit a homerun on the first pitch.
User avatar
Flex
 
Posts: 7500
Joined: Tue Jul 10, 2007 7:29 am

Re: So I heard Blizzard is losing customers

Postby Fridmarr » Tue Aug 14, 2012 11:31 am

Koatanga wrote:Speaking of security, and not meaning to derail, but just a little rant:

Why the heck do so many password validation processes insist on capitals and numbers in a password? It would take years longer to hack "thisiskoatangassupersecretpassword" than "1Bfq7r!#" by brute force methods. If you ask someone to make a password containing caps and numbers that is at least 8 characters long, most people will stop at 8 characters, because they don't want to remember more gobbledygook. But encouraging a minimum-length password only reduces the time a brute-force method would take to hack it.

It depends what you are referring to as brute force. In the case of english sentences, standard dictionaries (password specialized) are regularly employed to send various strings at the authenticator. That's by far the more common attack and in that case random characters are far more secure than a sentence. Random characters probably won't be broken by that method at all.

Now in this case, the perps have the password hash on hand, so they can send a set of characters at the hash algorithm until it spits out the same hash. In that case, neither password is secure but as you said longer passwords take much longer to derive than shorter ones. However, for you to gain much of an advantage there, you have to be dealing with someone who has the hashed value, which they only get by breaking in in the first place.

So I think the random character password works better against the vast majority of attacks.
Fridmarr
Global Mod
 
Posts: 9665
Joined: Sun Apr 08, 2007 1:03 am

Re: So I heard Blizzard is losing customers

Postby degre » Wed Aug 15, 2012 6:59 am

You also need to keep in mind that not only the password has to be secure, but you need to remember it.

I employ a number of different passwords and I don't believe I'd be able to remember a bunch of 1Bfq7r!# pass, more likely I'll have to write it down somewhere and what's the point in having a secret password if you have to write it where can be found?

As for myself, I use acronyms and they've served me well for years, I take a sentence easy to remember and use the first letter of each word, I usually end up with a 9/10 characters password which is as random as 1Bfq7r!#, but I can actually remember and I don't need to write it down or reset my pass every other use cause I've forgot it.
On EU-Kadghar: Degre | Beldegre | Degrotto | Koshien
User avatar
degre
 
Posts: 1106
Joined: Thu Oct 11, 2007 7:11 pm
Location: Oxford, UK

Re: So I heard Blizzard is losing customers

Postby Worldie » Wed Aug 15, 2012 8:42 am

I have used the same password for everything for over 15 years and I only got hacked once (i was stupid enough to be keylogged, i suck). I think if you are able to just keep your computer secure any password would do.
theckhd wrote:Fuck no, we've seen what you do to guilds. Just imagine what you could do to an entire country. Just visiting the US might be enough to make the southern states try to secede again.

halabar wrote:Noo.. you don't realize the problem. Worldie was to negative guild breaking energy like Bolvar is to the Scourge. If Worldie is removed, than someone must pick up that mantle, otherwise that negative guild breaking energy will run rampant, destroying all the servers.
User avatar
Worldie
Global Mod
 
Posts: 13341
Joined: Sun Sep 02, 2007 1:49 pm
Location: Italy

Re: So I heard Blizzard is losing customers

Postby degre » Wed Aug 15, 2012 9:34 am

Not any, but I sort of agree, my first password did get hacked eventually, but that was stupidly easy and I'm impressed myself that was able to last for 7 years, and I'm still not sure if it was cracked or was an internal breach.
On EU-Kadghar: Degre | Beldegre | Degrotto | Koshien
User avatar
degre
 
Posts: 1106
Joined: Thu Oct 11, 2007 7:11 pm
Location: Oxford, UK

Re: So I heard Blizzard is losing customers

Postby fuzzygeek » Wed Aug 15, 2012 9:42 am

I tend to tell people to use a system to generate passwords, instead of using the same password everywhere.

Like, take the first four letters of the domain, reverse them, and add a word (or word salad) to the end. So a password at failsafedesign.com might be liafC@ts1!, while the battle.net password would be ttabC@ts1!

(this is, obviously, not the algorithm I use, but you get the idea)

Nothing to write down, and easy to remember a site's password years later.
Image
User avatar
fuzzygeek
Maintankadonor
 
Posts: 5130
Joined: Wed Aug 01, 2007 1:58 pm

Re: So I heard Blizzard is losing customers

Postby bldavis » Wed Aug 15, 2012 10:47 am

i use a variation of the same password for almsot everything, but different capitalization and symbol placement for each service
if you are going to brute force, ok gratz on bruteforcing a9 digit long pw
if you are going to guess, you better know me back in HS when i was taking french
Image

Brekkie:Tanks are like shitty DPS. And healers are like REALLY distracted DPS
Amirya:Why yes, your penis is longer than his because you hit 30k dps in the first 10 seconds. But guess what? That raid boss has a dick bigger than your ego.
Flex:I don't make mistakes. I execute carefully planned strategic group wipes.
Levie:(in /g) It's weird, I have a collar and I dont know where I got it from, Worgen are kinky!
Levie:Drunk Lev goes and does what he pleases just to annoy sober Lev.
Sagara:You see, you need to *spread* the bun before you insert the hot dog.
User avatar
bldavis
 
Posts: 7347
Joined: Mon Sep 07, 2009 12:04 pm
Location: Searching for myself. If i get back before I return, please have me stop and wait for myself.

Re: So I heard Blizzard is losing customers

Postby KysenMurrin » Wed Aug 15, 2012 10:54 am

I have two basic passwords that I use several variations on for most things (one I made up in school, the other was an alphanumeric automatically generated for an email account). For WoW I stopped using those and instead come up with a phrase (either at random or by association with a previous password) then mess about with the spelling and characters.

I never use one that means anything in particular to me.
I don't play WoW any more.
Donnan - Nangun - Kysen - Kysen - Mardun - Timkins

Mostly-Book Blog.
KysenMurrin
 
Posts: 6824
Joined: Thu Jun 26, 2008 6:37 am
Location: UK

PreviousNext

Return to General

Who is online

Users browsing this forum: No registered users and 1 guest


Remove Advertisements

Who is online

In total there is 1 user online :: 0 registered, 0 hidden and 1 guest (based on users active over the past 5 minutes)
Most users ever online was 380 on Tue Oct 14, 2008 6:28 pm

Users browsing this forum: No registered users and 1 guest