Hey guys just wanted to point this out before account security becomes an issue in game.
To successfully get in to someones game account you need 2 pieces of information
1.There "log in" username
2.There password
One of the things to me that is most over looked in this game is how easy it is to get someones log in user name because of the toon name@login name thing in chat and when recruiting for guild when sending mails and tells etcetc
This to me could turn in to a major issue
in other game I specifically keep my toon name different to my log in name to try and prevent people having 1/2 the work of taking an account done for them so why in this game is my login name blatantly given out every time I use the chat box
This to me is a massive over site in security measures on the design end of things and is something that needs to be addressed before account hacks become a major issue
One thing that could be put in let me choose the
@name to make it different to my log in name if its a crit function with no way to work around using it
anyway this is just something ive noticed and am quiet shocked by as it could potentially mean 1/2 the work is done for a hacker
I have allot of ideas for increased security just another one off the top of my head
when logging in i believe the client should disable the keyboard and use its own "on screen" keyboard you hit with your mouse this would make keyloggers void
with an onscreen keyboard it should be randomised as to where it appears this would stop people login the x and y axes of the mouse to determine what you have clicked
theres allot more but for now my biggest concern would be the displaying of the log-in name
Comments
Ah right and where does it let you put something in i havent seen it as of yet?and sorry if theres other threads i forgot to use the search function :-x shoot me now lol i may have missed it in my excitment to create a toon lol
*TRIBBLE gun*
You're the boss
Yeah, it does that NOW, didn't use to.
besides who would want to hack STO ? i can see somebody hacking it, then asking the origional owner to take it back hours later
Hell, I can just see the suicide rate in China going up...
I myself wasn't aware of this until after someone commented on it. I vaguely recall something saying, what do you want to be known as. So I entered Xrystal. Not realising that it must have triggered as both account and forum name at once. My forum/character names have alway been different from account log in with these type of games for this precise reason. Until now of course. And now of course the option isn't changeable. Hopefully Cryptic will allow this option at some point as it is clearly a problem for those of us that were not aware of this.
So, Cryptic, please give us an option to change our account name and known as names with more clear and precise instructions as it seems some of us may have misunderstood your intentions at the time.
And by not give anyone your password I also mean: and keep your virus scan and spy-ware scan software up to date. Don't want to lose that password to keyloggers either.
For both you and the OP, you can contact Billing/Support (I believe - one of the support departments at Cryptic, anyway) and, by all accounts, they're helpful and quick about changing it for you.
Yeah, some of us didn't even get THAT option. However, if you truly feel unsafe, just send them a mail asking for a handle change and give them three options. They'll get back to you eventually.
To be honest, I don't actually see a problem with this. You have my login? So what? Feel free to crack my 9-17 digit alphanumeric CaSe sensitive, p.un-ctu,a=tion filled password.
And yes... Having identical log in and forum handle is a very much valid reason.
It did when I created my account in January.
It didn't when I created mine in September...your point?
This. File a ticket with 'em and they'll get back to you. They took a couple weeks to answer mine, but they WILL change your forum / in-game name this way.
Can't change your account login name though.
After all I like Xrystal as my forum name but I would like my @name in game to be something different so I can call my character in game Xrystal rofl.
After all name@Xrystal doesn't sound quite right. Whereas Xrystal@StarfleetMedicalCenter rofl would be so much better but unlikely to be possible if it is still your account name. And then I could go on with Chantelle@StarfleetEngineeringCore. And my little baby Adelle@StarfleetTacticalSquad. But I digress. Will be wonderful to see how that new change will work though.
I dont reecall seeing it then. Also, if you change it, what happens to your friends list? Will they still be able to contact you? What about mail you sent under the old @(name), but havent picked up before changing it?
Just say you would like to change your @name because if it currently the same as your forum login/account handle and then provide 3 names you would like (in priority order).
The 3 names help expedite the process if the name you would like is already taken.
I did mine back during Champions times so they were pretty quick about it...not sure how long it'll take, but they'll normally send you an email or PM when they do it.
Have seen that work in free to play games - good idea.
Maybe you got to choose a different name - not all of us did. Cryptic are aware of problem and its is mentioned in the engineering reports.
Usually sound advice, but with @Login it may be possible to set up a program to automate log in and try many different codes. Doing so may take a long time, but simple password evaluation rules could be used. Not talented enough or inclined to do that myself, but some one - such as a gold spammer / farmer will be - selling online currency for real cash is big business.
LOL on the password / encryption - kinda puts my last point down - but someone is bound to try it - if they have not already.
As for the advice to put a mail / ticket in, I did that as soon as I realised how @Login worked during open beta and again at launch - still waiting for anything other than a standard 'Your .....' reply.
I do think th OP has a good point. I also know this has been discussed many times on the forums. I'm just glad Cryptic are looking into it.
example my account name is **********
but my handle is @Captain Butters
there different you just need to read carefully when you create a account
the devs have said that if security is a issue you can message them 3 alternate account names to log in with and they will chose one
you can still keep your account handle or @name that players will see
hope this helped
Butters
Again - no offence meant to you.