More Account Security Options Needed

AuthorMessage
Petty Officer
Dec 21, 2008
51
I have been reading quite a few threads lately about how people have gotten hacked and, to keep the story short, they're left clueless and banned. At first I thought someone might not be telling the whole story, or that something might have really happened... but after so many of these threads, that'd have to be a lot of coincidences.

I know that both Twitter and Google have implemented features where you must type in your password and then a security code generated each time you log in and sent to your phone. Otherwise, you cannot access the account. This would be very useful for keeping our accounts safer or even for allowing parents to control their children's time in the game.

I believe Google also has another feature that asks your phone if it's okay for a certain IP address to log into your account if they detect it - then the player knows just where it's coming from and can not only block, but properly correct it.

Other services like Yahoo use a photo upload technique - you have a photo specific to your computer that you upload each time you log in. The photo must match for you to be accepted.

I would love a Green-Yellow-Red system that some games use - if we commit an offense (any offense at all, be it a very minor or major one), we are warned. Our "green" account status is changed to yellow. And so on. With each offense, we are permitted to appeal that offense. If an offense is appealed in yellow status, our account returns to green status. If our account lasts a certain number of days (based on the offense) without further offenses, it is changed back to green status. For one, it'd save you all at KI time. The latest thread here reports a string of emails sent over the course of a month that ended in KI stating that they realized that the account in question had been banned. If players don't know what their offenses are, then they can't correct them. By having a system that tells players what they're doing wrong, we're treating the root causes of these infractions - we're educating the people. Without that knowledge, players can't warn us about any it, only leave us confused as to what happened.

To be honest, these are just ideas. I love the concept of connecting the log ins of my account to an external device such as my phone that only I have access to. With the way KI is growing/expanding, and the way people are getting banned and reporting their stories, it has become evident that we need more account security features and a more advanced system for warning players and allowing them to appeal. To me, this trumps anything else in KI gaming right now, because I have made sizable investments of both time and money into KI games, and it's important to me not just to see MY investments protected, but also those of the people I care about and all of the pirates (and wizards) in the community.

Delay the new world! Stop the Test Realm! Whatever it takes is okay by me - just keep our accounts protected. Thanks for all the work you do!

Pirate Overlord
Mar 10, 2009
6079
Swordroll on Dec 9, 2013 wrote:
I have been reading quite a few threads lately about how people have gotten hacked and, to keep the story short, they're left clueless and banned. At first I thought someone might not be telling the whole story, or that something might have really happened... but after so many of these threads, that'd have to be a lot of coincidences.

I know that both Twitter and Google have implemented features where you must type in your password and then a security code generated each time you log in and sent to your phone. Otherwise, you cannot access the account. This would be very useful for keeping our accounts safer or even for allowing parents to control their children's time in the game.

I believe Google also has another feature that asks your phone if it's okay for a certain IP address to log into your account if they detect it - then the player knows just where it's coming from and can not only block, but properly correct it.

Other services like Yahoo use a photo upload technique - you have a photo specific to your computer that you upload each time you log in. The photo must match for you to be accepted.

I would love a Green-Yellow-Red system that some games use - if we commit an offense (any offense at all, be it a very minor or major one), we are warned. Our "green" account status is changed to yellow. And so on. With each offense, we are permitted to appeal that offense. If an offense is appealed in yellow status, our account returns to green status. If our account lasts a certain number of days (based on the offense) without further offenses, it is changed back to green status. For one, it'd save you all at KI time. The latest thread here reports a string of emails sent over the course of a month that ended in KI stating that they realized that the account in question had been banned. If players don't know what their offenses are, then they can't correct them. By having a system that tells players what they're doing wrong, we're treating the root causes of these infractions - we're educating the people. Without that knowledge, players can't warn us about any it, only leave us confused as to what happened.

To be honest, these are just ideas. I love the concept of connecting the log ins of my account to an external device such as my phone that only I have access to. With the way KI is growing/expanding, and the way people are getting banned and reporting their stories, it has become evident that we need more account security features and a more advanced system for warning players and allowing them to appeal. To me, this trumps anything else in KI gaming right now, because I have made sizable investments of both time and money into KI games, and it's important to me not just to see MY investments protected, but also those of the people I care about and all of the pirates (and wizards) in the community.

Delay the new world! Stop the Test Realm! Whatever it takes is okay by me - just keep our accounts protected. Thanks for all the work you do!
You have some really great ideas here. I see some problems though. Some of the players do not have a cell phone. They are either too young or they are an older player that has not made the jump to cell phones yet or they have one that is not internet or text compatible. Perhaps your picture idea would solve that though.
I do know that on the Sanctions part of the FAQ KingsIsle states that they send an email to the offending account to explain just why they are being banned. I have talked to some muted players (they created a new account) and when I asked them why they were banned they would claim they did not know but upon further query they simply did not care enough to check their email to see what the issue was. One person did not do it because he knew he had committed enough offenses that he knew it had to be one of several things he knew he did but he just didn't care enough to look. It was kind of sad that he just didn't care that he lost all the stuff in his other account. Although I suspect that if it happened enough it would begin to bite his budget. As I was one of the people that had recently reported him for his cussing I knew the reason and I did get him to admit that he knew it was his language and that he was going to edit himself after that even though he was talking tough to everyone else, I could tell that his punishment had had a positive effect on his behavior. They know what they have done despite claims that they have no idea why they are muted or banned.
With the hacking issue, I am all for increasing the security, I just don't want it to be too hard on the young kids that play to use it.

Community Leader
Having more options is not a bad thing.

However IMO most of the indescretions of concern here would not have been curtailed at all with additional security measures, as most are due to users sharing information they are warned not to at the very beginning. I think most claims of outright hacking situations are fiction created to spare ones feelings.

Another interesting aspect is that those most vulnerable to such circumstances probably would not have the resources to utilize the proposed security additions in the first place.

Dr Zeppers (aka Silent Sam Stern)
Piratey parodies I like to make.
I be a crazy pirate for goodness sake!
Artist & Admin of Skull Island TV
Bosun
Oct 26, 2012
374
My Email Security Ideas:
-Every time a "delete player" button is pressed, a message will be sent via email confriming wheter the delete should happen or not. Typing YOHOHO all the time barely has any effect. Email system applies to cancellation of membership as well
-Excessive lost of commonly worn items will also trigger an email.
-Unnatural spending habits will be tracked and emailed to user every 3 months or so.

Pin Per Player idea:
So um many users have brothers and sisters who may tamper with thier personal account, whether it be the curious 6 year old or the raged up sibling. My idea is in order to access a specfic pirate, a PIN or Seperate password should be created in order to acess that account. So lets say in my account I have two pirates: "Scurvy Sister" and "Brawling Brother". Brawling brother does not want Scurvy Sister to play in his account. Therefore he sets a seprate password or pin to activate the account.

3 password system*:
Instead of one password, accounts will now have 2 or 3 passwords. All passwords must be activated in order to play. All passwords cant be similar or exactly the same as the other password.
*Optional feature

Dread Pirate
Jun 17, 2013
2699
Golden Guardian on Dec 11, 2013 wrote:
My Email Security Ideas:
-Every time a "delete player" button is pressed, a message will be sent via email confriming wheter the delete should happen or not. Typing YOHOHO all the time barely has any effect. Email system applies to cancellation of membership as well
-Excessive lost of commonly worn items will also trigger an email.
-Unnatural spending habits will be tracked and emailed to user every 3 months or so.

Pin Per Player idea:
So um many users have brothers and sisters who may tamper with thier personal account, whether it be the curious 6 year old or the raged up sibling. My idea is in order to access a specfic pirate, a PIN or Seperate password should be created in order to acess that account. So lets say in my account I have two pirates: "Scurvy Sister" and "Brawling Brother". Brawling brother does not want Scurvy Sister to play in his account. Therefore he sets a seprate password or pin to activate the account.

3 password system*:
Instead of one password, accounts will now have 2 or 3 passwords. All passwords must be activated in order to play. All passwords cant be similar or exactly the same as the other password.
*Optional feature
I really like the pin per player idea. I have a few different people ,varying in different ages, in my house that use different pirates. The pin would help each player feel secure that fellow family members/residents wouldn't be tampering with their pirates.

In addition to the pin and due to the fact that there may be different aged players in one household (on the same account of course), I believe it should also be possible for the parent or account holder to set the parental controls and text chat options for each individual pirate. This way the individual that is older and allowed to openly chat can do so and the younger players can still have menu chat only or no chat/gifting.

There would be no need to constantly go online and log in, enter master password and set the parental control options for one player and then go back and change the options for the other player. The parent or account holder could go to the options online and individually set each players chat options. This way, for example, a younger player who should have opent chat turned off wouldn't be affected if an older account holder, who had open chat, was the last player logged on (and wasn't there to turn off open chat).

I know this may cause complications at the pirate selection and 'build new pirate' screen but maybe KI could have you enter master password or pin at this screen every time a new pirate is made or an existing pirate is deleted and as you stated- whenever logging on as well. After creating a new pirate a prompt could come up with choice of parental controls for that individual pirate (after confirming master password and/or pin of course). Or maybe by default any new pirates created would have all parental control security features turned on until account holder made changes to them online.

** I think I even just confused myself- hope this made some sense**

Just an early-stage idea of course in addition to yours!

Pirate Overlord
Mar 10, 2009
6079
I really like these ideas. I have a suspicion that they are probably giving the programmers nightmares because we don't really know what we are asking for but our desire to keep each of us safe is a good thing. I just hope it doesn't leave the guys that do the nitty gritty programing with shocked expressions and twitching in their chairs.

Dread Pirate
Jun 17, 2013
2699
Chrissy Th'Blesser on Dec 12, 2013 wrote:
I really like these ideas. I have a suspicion that they are probably giving the programmers nightmares because we don't really know what we are asking for but our desire to keep each of us safe is a good thing. I just hope it doesn't leave the guys that do the nitty gritty programing with shocked expressions and twitching in their chairs.
Yeah, it is far easier for us to say "hey KI, just add this or that to make us feel more secure", as if they don't have enough on there plate already. You paint a vivid portrait- I can just picture them in there chairs now!