11-08-2005, 05:17 AM
|
Registered User
|
|
Join Date: Dec 2002
Posts: 978
|
|
I think it would be prudent to add a security check at log in, that ran on the server. Basically, if one IP and/or client app ID logs in to 3 or more accounts within a short interval, the server would scan the three accessed accounts for that IP in their log histories. If the IP is new, then it should email staff of a possible abuse. It wouldn't have taken staff very long to realize the activity (going from many to no items in short time of play) was more than a little suspicious.
Also, it should be very easy for the server to recognize when one IP address is attempting and failing to log into multiple different accounts. That should be an easy red flag to raise.
It is not really graal's responsibility - graal security verified the correct account/passwords afterall, and safeguarding the password is the user's responsibility - but it would be a nice added level of security, and discourage people from attempting phishing in the future. |
__________________
Woodsman Padren Talisan Sagesun (Dustari)
Graal Kingdoms
"Uh, Professor, are we even allowed in the Forbidden Zone?"
"Why, of course! It's just a name, like the Death Zone or the Zone of No Return. All the zones have names like that in the Galaxy of Terror."
|
|
|