forum passwords

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • forum passwords

      I just registered for the forum in CoN. I have only one complaint. The password requirements are too stringent!

      When I signed up for CoW's forum a couple years ago, and with all other Bytro games, I never faced having to make a password with both lower and uppercase letters as well as numbers.

      This is only a game forum. Why would anyone want to take it so seriously? If one fears that their precious account needs more security, they can choose to make their password more complex. But let's face it...most people playing this game that actually bother to make a forum account aren't exactly dealing with anything worth protecting. That I'm supposed to create a login that's as secure as a bank account is ridiculous.

      It's a frickin' game, folks!
      Will Swirl ever be freed?
    • Hello

      I disagree with you, every account should be protected with a good password so it doesn't happend that someone gets into your account and starts posting stuff that are agaisnt the rules to get you banned from the forums, Later on for example you will tell us you got hacked, with no proof and we might not be able to help you, depends on the situation.

      I've experienced myself being hacked once on another game, i got banned, luckely just luckely i got unbanned, i had no proof of being hacked or anything like that, after that i've tried to do my passwords better.
      and don't think "That will probably not happend me, just happends to others" i thought that too until i got hacked.
      Have a nice day
      Mathex319

      Conflict of Nations - EN Game Operator
      Conflict of Nations - PL Team Leader
      Call of War - EN Senior Game Operator
      Thirty Kingdoms - PL Main Administrator
    • Diabolical wrote:

      I just registered for the forum in CoN. I have only one complaint. The password requirements are too stringent!

      When I signed up for CoW's forum a couple years ago, and with all other Bytro games, I never faced having to make a password with both lower and uppercase letters as well as numbers.

      This is only a game forum. Why would anyone want to take it so seriously? If one fears that their precious account needs more security, they can choose to make their password more complex. But let's face it...most people playing this game that actually bother to make a forum account aren't exactly dealing with anything worth protecting. That I'm supposed to create a login that's as secure as a bank account is ridiculous.

      It's a frickin' game, folks!
      With today's tech it's become the norm to use uppercase and lowercase characters in a password, as brute force and similar attacks have become computationally affordable given the time. None the less we understand how frustrating this can be and we have removed some restrictions on password verification.

      matmanmax6 wrote:


      An example of a good password is:
      Display Spoiler
      CoNplayer1990

      While I do agree a mix of uppercase and lowercase characters are nice, such a password is still susceptible to a dictionary attack. It is best to avoid dictionary words altogether for maximum security, including birth years. But I do agree, a mix of numerical and uppercase/lowercase characters is the best way to go.
      Dorado Games
      Conflict Of Nations

    • matmanmax6 wrote:

      While password sensitivity can be annoying, i do think it is necessary.
      Since joining the Fire Service and being given access to staff portal's etc, I have actually changed all of my other passwords to be more sensitive. This way I feel comfortable with what im using, and I keep it easy to remember.
      An example of a good password is:
      Display Spoiler
      CoNplayer1990

      That's an OK password, not a really secure one, though. This is an example of a secure password:

      JoHnson.lyNdon265%PrezIs

      Secure for a number of reasons:
      1. Length - 23 characters.
      2. Use of numbers and other signs (%)
      3. Use of punctuation
      4. Random caps spread throughout.
      5. Incorrect order of words (very important!).


      #GoForThe18th
    • All of you clearly fall under the heading of "annoyances are out-weighed by security concerns". Frankly, while I do endorse the idea of not using easy to guess passwords, the idea of high complexity is a novel concept that was disproven long ago with the onset of the key-logger and the brute-force attacks. Both methods make passwords utterly useless in all cases. While there are more novel methods of hacking an account, a brute force attack is usual doable for most non-monetary account access.

      The real purpose of a password is only to prevent casual users from having unauthorized use of their account by other casual users. Hackers and the like are not -- and never were -- deterred by passwords. I use different passwords based on the importance of the account. For some simple accounts, i.e., an a forum account where there is no censoring, I might use a very simple password. Whereas, somewhere I don't want anyone to access without trying really hard, I would employ a more complex password. OK, that's the way it should be, I suppose.

      However, think about how many dozens of accounts a casual user may have throughout the Internet. Besides using something very complex for online banking, they are being forced to make unique passwords for many of their sites. And everyone knows that the so-called experts say never to use the same password for different sites. That, of course, is the most useless advice one could give anyone that has more than a handful of different accounts for things out there.

      Most people who try to have unique accounts usually wind up forgetting half of them and anytime they try to access their account they wind up having to have the password reset. And many sites out there now try to make you not reuse old passwords...a good thing and yet a disastrous thing. You see, the more you have to change your passwords, the harder it is to remember them. And if you write them down somewhere and someone gets ahold of that, then you've basically given away the store.

      That is why I make a completely different recommendation concerning password security. Given my decades of experience in the industry, I tell others that they should only keep a very short list of passwords. Each password is not site-unique, however, each is site-type-unique. In other words, use a simple password for casual stuff, a more complex password for important stuff, and a very complex password for bio-metrics and banking stuff. Perhaps have more than one of the very complex passwords. However, in the case of all of your passwords, it is helpful to create a pattern that only you know.

      For example, a pattern for a medium-level password may include the following requirements:

      1. Always use the same core word, e.g., "irony".
      2. Always use the same key combo of special characters before (or after) the core word, e.g., "&&%"; i.e., "irony&&%"
      3. Always use the same series of numbers, e.g., "321"; i.e., "irony&&%321", "irony&&%322:, "irony&&%323", etc., such that if you forget your password because of some forced reset, you can always test another in the same sequence (e.g., "56" vs. "55").

      If you want to mix up the rules to something you like, vary the special characters instead of the numbers, maybe, e.g., "%^&" (which is SHIFT+567), then the next set would be "^&*" (which is SHIFT+678), etc.

      If one stays to this type of password reasoning and usage, they can keep their accounts secured against most attacks (except brute-force). I've been using the Internet and had accounts throughout since the early nineties, and after years of experience, I came up with this general mentality and I maintain a formula for all my passwords. As of yet, except where special requirements are made by the site, I have very rarely had need to change any of my passwords or forgotten how to recover them since using my own personal passwords formula.

      Also, since there are some sites out there that do have very stringent password requirements (justifiably, I suppose), it may help to make your password formula one that includes a way to remember the ridiculously-long passwords.

      On a side-note. The only time I have every had any of my accounts hacked in all these years was due to a brute-force attack from someone in Russia who routed their attack through a mid-western USA server. The attack was on my Steam account and it literally took me two years of on-again-off-again attempts to convince Steam to reset the password and recognize me. Frankly, the original password was indeed too lowly secure. That is because, at the time I created the account (when Steam was new), I never dreamed that a website that I only used for multi-player access of some of my store-bought games would become the monstrosity that it is today with everything being routed through them, including software purchases.

      Even though it took a long while to secure my account, the person that originally hacked it gave it up a long time before I regained it since I had never made any purchases through it and so he couldn't get any free stuff. (I used to hate Steam and only tolerated it for the multi-player access.)

      So, moral of the story is that you should only secure your accounts to a reasonable level and not worry about getting kicked or something. If someone does hack your gaming account, you can just make another, no big deal, and then track down the moron that got into your original account and show the game operators how they are using the wrong IP address to make their submissions or plays.

      Believe it or not, if you read all the way down to hear, you can get the super short summation which is this: account recovery in a Bytro/Dorado game is super easy to do IF you have a reputation and/or more than a few weeks of playing history (thanks to your IP address).
      Will Swirl ever be freed?
    • Diabolical wrote:

      I was shocked to find out that the forum editor actually censors words. I thought that was the job of the moderators.

      Yet again, I am deeply disappointed in the dev team.
      We do have some censored words, yes.
      If you find any that you think shouldn't be there, you're welcome to contact a staff member, and we'll see if it needs to be removed.
      Aeblemost
      Community Coordinator
      Conflict Of Nations | Dorado Games