Official Everybody Edits Forums

Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?

You are not logged in.

#1 2016-12-17 17:45:38, last edited by Anatoly (2016-12-17 17:53:45)

Anatoly
Guest

Password Protection

Login (Password Require)
Password Settings

I have heard many users' accidently made their acount public, and usually changing password is late. Many users have public computers; so Everybody Edits is accessible for strangers, some users' sisters and brother play EE; but it is your acount! Password Protecting your acount could save from being Crews deleted; Gems used/ sold. The point of this could be also useful for videos: You don't always want to show YouTube your gems count, or etc.; If you will change the root password (which is needed to login), the second protect will disappear: Also you could save World & Edit Management: Not even you can edit Worlds without that password (same with commands). You can skip the Alert on the login; but you won't be able to use the features protected by the creator of the acount.

In the 2nd spoiler you see 3 boxes; maybe add categories or something...

What protections i want to present?
  • Gems Management (Use of Gems in Shop; redeeing Gem Codes)

  • Energy Access (Use of Energy in Shop)

  • Crew Management (Can't accept crew invites/ exit crews/ or create manage crews in shop/ or manage crews anyhow.)

  • World Management (Can't manage worlds (clear => save))

  • Friend Management (The managing of your Friend List (invisible, too))

  • Playing Access (The disabling of playing Campaigns or normal Worlds (Open Worlds can be executed))

  • Chat Access (No ability to chat (only PMing Admins and Mods))

  • Liking/ Favourited Lock (Lock the ability to like or favourite others worlds)

  • Super Lock (Locks the entire password from being runned without the Protection password)

*Bold Locks are Ultimate
*Italic Locks are Beta Only (Because it's not really necessary)

Time delay

You could also specify the delay of how long the acount will be unlocked after the password enter (Immediately after leave; 1 hour; 6 hours; 1 day; 3 days; 1 week; ...)

#2 2016-12-17 17:47:24

Jorc
Member
From: Petoria
Joined: 2016-03-20
Posts: 1,351

Re: Password Protection

We have a button called changing passwords, for people can't use his/her account. .-.

Offline

#3 2016-12-17 17:48:56, last edited by drunkbnu (2016-12-24 20:33:25)

drunkbnu
Formerly HG
Joined: 2017-08-16
Posts: 2,306

Re: Password Protection

IamJoranasC wrote:

We have a button called changing passwords, for people can't use his/her account. .-.

Even if you change your password, someone that is still logged in can mess up with it.

This suggestion is about adding an extra security layer. What we need is a 2-factor authorization, a code being sent to your phone or your e-mail.

Offline

Wooted by: (5)

#4 2016-12-17 17:52:30

Anatoly
Guest

Re: Password Protection

Added to my Graphics List

IamJoranasC wrote:

We have a button called changing passwords, for people can't use his/her account. .-.

As HG mentioned above; i accidently posted my acount data (No source for you!!) but any player who had login so far could destroy my acount: That's why we need a 2nd password for super protecting your acount (but if you tell this password; there is nothing to do with you; also i added to Op, that delay after logging should be specified)

#5 2016-12-17 18:45:08

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: Password Protection

z8UbTO9.png

Unlock count pls //forums.everybodyedits.com/img/smilies/sad

Offline

Wooted by: (3)

#6 2016-12-17 18:52:32

TaskManager
Formerly maxi123
From: i really should update this
Joined: 2015-03-01
Posts: 9,457

Re: Password Protection

2-factor authorization you say? i suggest we add a fingerprint scanner or an eye scanner plus a 2048 character passcode stored on a USB stick that has to be plugged in to log into your account
as for a simple 2D flash game it's mandatory for EE to have extremely robust and secure account protection system. who knows what happens if you get hacked! and if someone breaks into your account a SWAT team will be sent to the evildoer's house.

serious talk though,

AnatolyEE wrote:

I have heard many users' accidently made their acount public

how in the world does one make their account public accidentally?

AnatolyEE wrote:

Many users have public computers; so Everybody Edits is accessible for strangers, some users' sisters and brother play EE; but it is your acount!

the solution is simple, just log out and dont use the "remember me" function (im actually not sure if EE login has that because i input my p/w and email once a month at max)


indeed, if you lose your account in some magic way then the "hacker" might do some no-no things to your worlds and your gems
but it is not a reason to implement lots of passwords and time locks or a pentagon-level security system; for this simple game it is just not worth it


i8SwC8p.png
signature by HG, profile picture by bluecloud, thank!!
previous signature by drstereos

Offline

Wooted by:

#7 2016-12-17 19:02:02, last edited by drunkbnu (2016-12-17 19:04:38)

drunkbnu
Formerly HG
Joined: 2017-08-16
Posts: 2,306

Re: Password Protection

maxi123 wrote:

AnatolyEE
I have heard many users' accidently made their acount public
how in the world does one make their account public accidentally?

He accidentally posted his account details in his bot source code which I then stole to clear his worlds and delete his friends.

*jk*

maxi123 wrote:

indeed, if you lose your account in some magic way then the "hacker" might do some no-no things to your worlds and your gems
but it is not a reason to implement lots of passwords and time locks or a pentagon-level security system; for this simple game it is just not worth it

It is not worth it that your account with big spender and diamonds gets permanently banned because a hacker messed up with it

Offline

Wooted by:

#8 2016-12-17 19:50:43, last edited by Anatoly (2016-12-17 19:53:07)

Anatoly
Guest

Re: Password Protection

It's always funny when OP takes his time to do graphics, but 3rd post gets all woots //forums.everybodyedits.com/img/smilies/big_smile

EDIT: Did you see in Login screen, that you can't see the amount of gems?

#9 2016-12-18 02:52:40, last edited by Slabdrill (2016-12-18 03:05:44)

Slabdrill
Formerly 12345678908642
From: canada
Joined: 2015-08-15
Posts: 3,402
Website

Re: Password Protection

I'd just suggest (for that list you made)
changing either password requires use of this second password. this is not disable-able, unless you simply didn't set one.
Gems - Spending of gems/seeing/redeeming gem codes
World Options - Using world options or owner commands in any worlds
Crews - "world management", "user management" (except the immunity to other user managers), and "rank management" (except the immunity to other rank managers) roles in crews, as well as leaving crews.
Friends - Accepting friends, modifying the blocked list, removing friends (declining a pending request is fine), changing if people can send friend requests or not
Favorites - Modifying the favorites list
Chat/Edit - Chat and editing in any worlds, and the "Change Username" option in the shop.
World joining - Joining any worlds.
Visibility - If "Gems" is enabled, gem count being shown. If "Friends" is enabled, friends tab being shown. If "Favorites" is enabled, favorites tab/lit favorites icon in worlds being shown. If "Chat/Edit" is enabled, visibility of chat. If profile is private, appearance of non-lobbytrue worlds.


Nothing else is needed.


suddenly random sig change

Offline

#10 2016-12-18 03:08:41

TaskManager
Formerly maxi123
From: i really should update this
Joined: 2015-03-01
Posts: 9,457

Re: Password Protection

HG wrote:

It is not worth it that your account with big spender and diamonds gets permanently banned because a hacker messed up with it

1) you're an idiot if you spent a lot of money on your account and then somehow gave the password away
2) apparently ban appeals exist or at least should exist if your account can get banned because it has been hacked


i8SwC8p.png
signature by HG, profile picture by bluecloud, thank!!
previous signature by drstereos

Offline

#11 2016-12-18 03:51:49

mrjawapa
Corn Man 🌽
From: Ohio, USA
Joined: 2015-02-15
Posts: 5,840
Website

Re: Password Protection

HG wrote:

What we need is a 2-factor authorization.

Not that security doesn't matter, but y'know... it's just a smiley face game.


Discord: jawp#5123

Offline

#12 2016-12-18 04:10:33

AlphaJon
Member
From: Who knows
Joined: 2015-07-21
Posts: 1,297

Re: Password Protection

How I read the OP (and still do):
Hi, here's this suggestion so that we can make shared accounts while controlling their stuff

Offline

Wooted by:

#13 2016-12-18 05:42:58

Krosis
Formerly Arkonagames
Joined: 2015-06-17
Posts: 2,279
Website

Re: Password Protection

That's too many customization, it would be nice for games like CS:GO where your account can have a value of thousands of dollars
better thing to do would be an option to add a safeguard question like ''what was your first job'' or ''what is your favourite animal'' and a box to answer this, so even if you let your account logged and somebody enters your computer, they would need to type this 2nd password to unlock the account


Krosis.gif

Offline

Wooted by:

#14 2016-12-18 08:14:22

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: Password Protection

maxi123 wrote:

how in the world does one make their account public accidentally?

If I had a dollar for every time I've accidentally posted a password on IRC I'd have like 5 dollars.


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

#15 2016-12-18 09:11:17

Anatoly
Guest

Re: Password Protection

Different55 wrote:
maxi123 wrote:

how in the world does one make their account public accidentally?

If I had a dollar for every time I've accidentally posted a password on IRC I'd have like 5 dollars.

But in the reality you have 0 dolllars, because nobody spends for you!

#16 2016-12-18 12:15:06

XxAtillaxX
Member
Joined: 2015-11-28
Posts: 4,202

Re: Password Protection

Wow, another completely useless suggestion! If you don't want your sibling(s) to have access to your account, don't give them your password.

HG wrote:

Even if you change your password, someone that is still logged in can mess up with it.

It is the fault of Player.IO that player-tokens do not expire after changing passwords, so this should be suggested on their forums instead.


signature.png
*u stinky*

Offline

Wooted by: (2)

#17 2016-12-22 15:25:42

Anatoly
Guest

Re: Password Protection

Bump
XxAtillaxX wrote:

Wow, another completely useless suggestion! If you don't want your sibling(s) to have access to your account, don't give them your password.

HG wrote:

Even if you change your password, someone that is still logged in can mess up with it.

It is the fault of Player.IO that player-tokens do not expire after changing passwords, so this should be suggested on their forums instead.

^ That's the point to add this.

#18 2018-01-03 17:31:11

LukeM
Member
From: England
Joined: 2016-06-03
Posts: 3,009
Website

Re: Password Protection

For the other people using the same computer thing, theres a remember me button for a reason (although it would probably be best for it to be off by default)

As for the accidentally sharing account thing, I have a rule to never write down / type my password (other than logging in ofc), which means you cant accidentally show it / share it / whatever

Offline

#19 2018-01-03 17:47:33

Slabdrill
Formerly 12345678908642
From: canada
Joined: 2015-08-15
Posts: 3,402
Website

Re: Password Protection

LukeM wrote:

As for the accidentally sharing account thing, I have a rule to never write down / type my password (other than logging in ofc), which means you cant accidentally show it / share it / whatever

sometimes i accidentally type my password in the "username" section (...On a public computer where people could totally see the screen if they wanted to. Good thing they don't I guess)


suddenly random sig change

Offline

#20 2018-01-03 17:57:09

realmaster42
Formerly marcoantonimsantos
From: ̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍̍
Joined: 2015-02-20
Posts: 1,380
Website

Re: Password Protection

Why not make log out disconnect all sessions instead? Would be useful in case you can login and know somebody is on your account, even though you changed password.

And why not have some sort of server protection that checks if different IPs are accessing the same account, that then asks the user to verify X IP?


http://i.imgur.com/bjvgH5L.png?1

Offline

#21 2018-01-03 18:06:13

LukeM
Member
From: England
Joined: 2016-06-03
Posts: 3,009
Website

Re: Password Protection

realmaster42 wrote:

Why not make log out disconnect all sessions instead? Would be useful in case you can login and know somebody is on your account, even though you changed password.

And why not have some sort of server protection that checks if different IPs are accessing the same account, that then asks the user to verify X IP?

I dont think EE can do this sort of thing... It would have to be PlayerIO

And if PlayerIO has to do it, they might as well just make changing your password invalidate all other sessions instead

Offline

#22 2018-01-03 19:07:31

Joeyc
Guest

Re: Password Protection

Just add a pin code //forums.everybodyedits.com/img/smilies/tongue

Write it down or something.

Joeyc1515002851690204

Board footer

Powered by FluxBB

[ Started around 1711628615.7029 - Generated in 0.120 seconds, 12 queries executed - Memory usage: 1.78 MiB (Peak: 2.04 MiB) ]