Forums
First  << 1  2  3  4  5  6 >>  Last
Forum Main>>Announcements>> Save password
Super secret reinforced spam barrier 2.0
Foss

ID: 115302
Level: 63
Posts: 37
Score: 6
Foss [115302]Reply | Quote | Report

Posted on Mon Nov 19, 2007 11:58:08
I can think of many other names to call him, but most people would find a lot of them offensive, cos I've never had ANY of my ID's anywhere hacked before. Therefore I tend to agree with what FP says above, and I am very offended by those stupid people who call me lazy!!

Super secret reinforced spam barrier 2.0

ID:
Level:
Posts:
Score:
 []Edit | Reply | Quote | Report

Posted on Mon Nov 19, 2007 11:58:54
nice one, a bit more secrutity

Super secret reinforced spam barrier 2.0

ID:
Level:
Posts:
Score:
 []Edit | Reply | Quote | Report

Posted on Mon Nov 19, 2007 12:24:08
I can think of many other names to call him, but most people would find a lot of them offensive, cos I've never had ANY of my ID's anywhere hacked before. Therefore I tend to agree with what FP says above, and I am very offended by those stupid people who call me lazy!!






Gotta agree.

Super secret reinforced spam barrier 2.0
233886

ID: 233886
Level: 90
Posts: 802
Score: 250
233886 [233886]Reply | Quote | Report

Posted on Mon Nov 19, 2007 12:37:24
lazy folks? ; )



Super secret reinforced spam barrier 2.0
ginger_snaps
ID: 34572
Level: 38
Posts: 53
Score: 0
ginger_snaps [34572]Reply | Quote | Report

Posted on Mon Nov 19, 2007 12:48:20
can it not save user name as some of us havent used it in three years:p

gingersigfinal.jpg
xbox360owner.jpg
Super secret reinforced spam barrier 2.0
Odomus

ID: 451983
Level: 49
Posts: 203
Score: 4
Odomus [451983]Reply | Quote | Report

Posted on Mon Nov 19, 2007 13:00:30
Actually, Typing it in depending on the Keylogger, if there really is one on the person computer doesnt usually record the ones that are already saved in the encrypted pw file from IE, it will log keystrokes not autocompleted things. Also, still right as of this moment, mine still uato completes it and puts it in. So you really need to correct it, then if this is true for the new people putting it in, cause if it changed already, I am still able to do this. It saves time on typing in my bajillion character PW for myself as somone else pointed out use SSL if you want it more secure, it is safer, and is not hard to implelment at all if you are having problems in this area. Other than that I do no see a need, unless user side the person already has a keylogger infested in their comptuer. If this is true then they need to learn to invest in antivirus software of their choice, not come complaining to the staff here saying their accounts got hacked cause they are to dumb to invest in something that will save their accounts on any service they have an account with.

Super secret reinforced spam barrier 2.0
SoulRanger
ID: 297786
Level: 52
Posts: 11393
Score: 5
SoulRanger [297786]Reply | Quote | Report

Posted on Mon Nov 19, 2007 13:02:14
It doesn't matter at all:)

starsigdm0.png
Super secret reinforced spam barrier 2.0
somedude

ID: 271181
Level: 63
Posts: 209
Score: 28
SUNsomedude [271181]Reply | Quote | Report

Posted on Mon Nov 19, 2007 13:12:05
i use firefox, it still works, yay

Super secret reinforced spam barrier 2.0
MisterX

ID: 260024
Level: 46
Posts: 2477
Score: 6
GA™MisterX [260024]Reply | Quote | Report

Posted on Mon Nov 19, 2007 13:58:06
Save

are you drunk?

policesig.jpg
Super secret reinforced spam barrier 2.0
Vali
ID: 170557
Level: 37
Posts: 55
Score: 0
Vali [170557]Reply | Quote | Report

Posted on Mon Nov 19, 2007 14:01:34
passwords are not case sensitive. this is a problem.

Super secret reinforced spam barrier 2.0
JaXC-1911
ID: 313786
Level: 36
Posts: 355
Score: 18
JaXC-1911 [313786]Reply | Quote | Report

Posted on Mon Nov 19, 2007 14:01:50
atleast now wen i log in at skool i dont hav 2 worry about accidently savin my password

space-1.gif
Super secret reinforced spam barrier 2.0
-RickJames
ID: 339896
Level: 22
Posts: 40
Score: 0
-RickJames [339896]Reply | Quote | Report

Posted on Mon Nov 19, 2007 14:25:37
IE security issues


Familiar much?
Use FireFox

Super secret reinforced spam barrier 2.0
aurigus
ID: 37524
Level: 45
Posts: 921
Score: 231
aurigus [37524]Reply | Quote | Report

Posted on Mon Nov 19, 2007 14:51:40
Hello,

I just wanted to address a few of these issues and what they may have been. I have a lot of time invested in IT Security and issues relating to this.

For those who are curious, there are 2 password saving methods at work here.

The first is the browser saving the username/password in the form fields. This is browser dependent and there is no way TornCity can turn this off. Firefox saves this, as does IE (if you have not turned this feature off).

The second is the cookie session based method. This method stores a browser based cookie which in effect says you are currently "logged in" on the site. This is still saved on your PC even now, because it is what validates you are logged in.

The problem with the current authentication method is that your password is stored in PLAIN TEXT within this cookie. This normally does not mean anything, but if your cookie session is available to other users, such as in a shared system, then your TornCity username and password is viewable to anyone with access to your cookie folder.

Also, this also leaves the problem of cookie stealing. Cookies can only be read from TornCity.com. This is not typically a problem but if TornCity would ever allow javascript or flash to be served from its domain, then it would effectively allow stealing of this password.

The solution? The login system needs a few small changes.

To the programmers (is0, ched, Davz, etc...)

Never pass the password in plain text, especially over an unencrypted HTTP connection!

This password should be hashed before it is sent to the server. MD5 hash will work fine. The password should be hashed to MD5 before it is placed in your database. If it is not stored in an encrypted form, please change that

The MD5 password sent from the browser to the server, and saved in the cookie, will not be able to be converted to a password. It does make it brute-forcible but it makes it much harder to guess it. To make it even harder, add a HASH to the password before it is MD5summed. This encrypted string is then compared to the encrypted password string in the database. You can then grant login/cookie storage.

Anyway... sorry for the geekiness but I wanted to provide a solution to the problems you are likely having

And again, I am just taking an educated guess at how the authentication method works on TornCity, so feel free to ignore this post if I am totally off base. Feel free to MSG me with any questions.


Edited by: aurigus on 19/11/07 at 3:01:40 PM



Super secret reinforced spam barrier 2.0
Rolo
ID: 370000
Level: 33
Posts: 3769
Score: -4
420Rolo [370000]Reply | Quote | Report

Posted on Mon Nov 19, 2007 15:20:30
O well i guess it will only take me a little bit longer!!!

Super secret reinforced spam barrier 2.0
Hell_Unleasher

ID: 281516
Level: 50
Posts: 530
Score: 11
Hell_Unleasher [281516]Reply | Quote | Report

Posted on Mon Nov 19, 2007 15:24:53
Once again, due to IE security issues the save password option has been removed. We feel it is too much of a risk to your accounts.

I'm afraid the lazy folks will have to type their own passwords in. You may be able to use your browser to save your details.

Maybe it will return - When we can find a safe way to do this.

Thanks.


Edited by: Chedburn on 19/11/07 at 9:46:39 AM


Sorry Ched but this has already been talked about.
I only use my PC and my CELLPHONE, specially on the cellphone it's a horrible to re-write my password..

Assinatura.jpg
Super secret reinforced spam barrier 2.0
MrJohnnyTorrio

ID: 88497
Level: 55
Posts: 1015
Score: 380
TuS™MrJohnnyTorrio [88497]Reply | Quote | Report

Posted on Mon Nov 19, 2007 15:34:41
well alright

but could you maybe at least let it remember/save just the username so all I have to type in is mah password?

moneypitmrjidyq3.jpg
Super secret reinforced spam barrier 2.0
ChihayaKisaragi
ID: 533752
Level: 39
Posts: 27
Score: 2
ChihayaKisaragi [533752]Reply | Quote | Report

Posted on Mon Nov 19, 2007 15:50:04
Yeah i like it

Super secret reinforced spam barrier 2.0
Eliott

ID: 493481
Level: 55
Posts: 8392
Score: 2222
Eliott [493481]Reply | Quote | Report

Posted on Mon Nov 19, 2007 15:56:08
no problem for my PC with FF but its a right pain in the arse with my phone. Especially as I have to press a number of buttons first before I can enter text in English with it.

72b2b06e-63c4-5447-493481.gif
Super secret reinforced spam barrier 2.0
mooseisloose
ID: 98758
Level: 25
Posts: 1328
Score: 1
mooseisloose [98758]Reply | Quote | Report

Posted on Mon Nov 19, 2007 16:17:44
surely a coder.... or ALL of them, can add a safe way to do it right now within minutes? its sooooooooo frustrating for those of us that have a superlong password and login loads and loads everyday



Super secret reinforced spam barrier 2.0
aurigus
ID: 37524
Level: 45
Posts: 921
Score: 231
aurigus [37524]Reply | Quote | Report

Posted on Mon Nov 19, 2007 16:23:17
You can still have your browser save your password so that it will be auto filled when you visit the page. You just have to hit "login"
Firefox, IE, and Opera all have this feature.



Super secret reinforced spam barrier 2.0
Addicted_
ID: 166423
Level: 53
Posts: 1208
Score: 65
Addicted_ [166423]Reply | Quote | Report

Posted on Mon Nov 19, 2007 16:34:57
good that u take care for us lol

http://yakushiji.mybrute.com
Super secret reinforced spam barrier 2.0
pwdrin
ID: 73624
Level: 28
Posts: 225
Score: 0
pwdrin [73624]Reply | Quote | Report

Posted on Mon Nov 19, 2007 16:47:19
Thank god to firefox!!

Super secret reinforced spam barrier 2.0
Greenfingers

ID: 44394
Level: 74
Posts: 2125
Score: 43
 JFRGreenfingers [44394]Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:15:08
Its not 'lazy people' - its people like me who can only play during the day from a mobile phone. Its a PITA having to resubmit a username and password every time then.

Anyway who still uses IE?! Firefox on the PC and Opera on my mobile phone!


TC_Green3.jpg
Super secret reinforced spam barrier 2.0
llama
ID: 570987
Level: 40
Posts: 263
Score: -43
llama [570987]Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:16:21
long live fire fox

xTCANNONx.png
Super secret reinforced spam barrier 2.0
Shaolin

ID: 2764
Level: 56
Posts: 1292
Score: 110
    Shaolin [2764]Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:23:41
No biggy, at least it is safer

Forever remember the good times Cydnee.

24_slash.jpg
Super secret reinforced spam barrier 2.0

ID:
Level:
Posts:
Score:
 []Edit | Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:29:35
Us lazy folks hate you now.

Super secret reinforced spam barrier 2.0
fazi000000

ID: 189986
Level: 61
Posts: 149
Score: 20
-UR-fazi000000 [189986]Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:45:50
surely a coder.... or ALL of them, can add a safe way to do it right now within minutes? its sooooooooo frustrating for those of us that have a superlong password and login loads and loads everyday

all you have to do is turn on auto cmplete in IE and you dont have to tipe to much.

Super secret reinforced spam barrier 2.0

ID:
Level:
Posts:
Score:
 []Edit | Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:51:11
:( im one of the lazy people!!!!

Super secret reinforced spam barrier 2.0
Woof
ID: 422142
Level: 40
Posts: 230
Score: 1
GA™Woof [422142]Reply | Quote | Report

Posted on Mon Nov 19, 2007 17:59:14
" ie security issues" LOL

i use firefox to save my passwords anyway

Super secret reinforced spam barrier 2.0
LOOMAMEES

ID: 455926
Level: 40
Posts: 571
Score: 139
LOOMAMEES [455926]Reply | Quote | Report

Posted on Mon Nov 19, 2007 18:05:47
HEHEE mozzila saved it and i am one of those lazy ppl

2e0obkh.jpg
Forum Main>>Announcements>> Save password
First  << 1  2  3  4  5  6 >>  Last

This thread has been locked.