Security. In the game of anything tech related, security would be the boss you fight before fighting Lucifer himself. The big question that weighs heavy on the minds of the IT guys is: how do you protect consumers when, most of the time, their biggest enemy is themselves? People lose their accounts because they had an easy-to-guess password, or because a keylogger went undetected thanks to anti-virus software that was never updated, or because they bought power leveling from a gold farmer and lost the account to him, or because they downloaded a rogue cheat application. What about the family member who downloads everything they see on the internet?
Now that MMOs are mainstream, and the black market has reached a point where accounts and items can be worth hundreds, if not thousands, of dollars, it's about time our developer friends started treating our account security as seriously as our banks do. A simple password doesn't cut it anymore, and developers must assume that the player's computer is no longer safe.
You have entered a no dongle zone.
Make Cell Phones, Not Emails.
I voiced my concern about Rift's Coinlock system with a simple statement: if Trion admits that 80% of account theft takes place via keyloggers, then a protection that can be bypassed through the first thing to be hacked alongside your account is useless. If you lose your password to a keylogger, odds are your email is lost with it, either because it uses the same password or because the separate password was logged as well. As I originally stated, this is akin to having two locks on your door, both opened with the same key; or, in the latter case, keeping both keys on the same keyring and losing the keyring.
Rather, why not have the system go to your cell phone? I'm not talking about smart phones; I don't have one (although I do own an iPad). I mean simple text messages, which anyone with a cell phone should be able to receive. Going by Rift's Coinlock system, rather than sending the code to your email address, have the code texted to the phone number linked to your account. Let's take the system even further and say that any time you want to log in from a new computer after the first (I'm a firm believer that the first login after creating your account shouldn't be a hassle), you would be texted a confirmation key. This would stop someone who has only your password from logging in to change your details.
In addition, you would choose one of two settings when authorizing a new computer: private or public. On the private setting, the computer is authorized forever. On the public setting, for those who use internet cafés, the computer is authorized only until you log out of the account.
To address privacy concerns, the phone number would be treated like your credit card number and displayed as (***) ***-**46, with the format varying by country. And yes, I understand that some of you don't have cell phones, or at least not cell phones capable of receiving text messages, but those of you with regular phones would also have the option of a robo-call reading the code to you over the phone. Think of how many people would be protected from account theft by this method alone. Until Trion can give me an exact figure for how many people also had their cell phones stolen along with their Rift account, I'm going to go out on a limb and say that (apart from social engineering) there is no way to hack this.
"Speaking of social engineering, what happens if I get drunk and my cell phone decides to take a bath in the punch bowl… that is to say, what happens if I lean over the altar too far in church and my cell phone (which was off, because I'd never text in church) breaks against the Jesus statue? Yeah… that's the one."
Good thing you asked. When you link your phone, you'll initially be texted a code. If for any reason you have to change your phone number, you text that code from the new cell phone and the new phone is set up automatically. That code is effectively a second password for the account, since whoever holds it can move the phone binding, so it needs to be kept just as secret as the first. Of course, if you don't want to pay the fee (if you don't have unlimited texting), your computer should already be authorized to change your account details, so you'll be able to log in and do it from there without needing the code.
I know what at least one developer will think on reading this: "Omali, setting up these texting services can get expensive." Which is more expensive: sending texts, or paying customer service to deal with each person individually when they lose their account, plus the players who quit because of your backed-up CS department? The texting service is automated; your CS workers require paychecks.
So there you have it. If you are online and carry a cell phone capable of texting, you can secure your account for the low, low price of twenty cents per message (without a texting plan, I believe that's about how much it costs).
So What Is The Conclusion?
The end result of this project is a system that separates account recovery from the PC, which means that email is no longer an option. My idea takes the authenticator system and expands upon it by including everyone who has a phone, not just those with a smart phone capable of running a compatible app. The texts are 100% optional, and the system is ultimately a better fit than the authenticator, whose codes are generated from a secret seed shared between the device and the vendor's servers; the algorithm itself is public, so the real risk is that seed being obtained rather than the algorithm being cracked.
I would like to note that this is a very basic draft of my idea, and there is likely a workaround that I haven't thought of. Another factor I'm aware of is using the system to grief: a group of people who find a person's account name and password could spam their cell phone with codes, aiming to rack up charges or use up their prepaid minutes. One way to combat this would be to require the person to enter their phone number before the activation code is sent, typed via an on-screen keypad to defeat keyloggers.
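To make the design concrete, here is an added example (not Trion's Coinlock, not any shipped game system, and not code from this post) that models the flow described under "Make Cell Phones, Not Emails" together with the griefing concern above: a login from an unknown computer triggers a texted one-time code, a redeemed code authorizes the device either permanently ("private") or until logout ("public"), the phone number is shown masked, and the anti-spam control is a per-account cap on texts plus reuse of any still-valid code, which is this example's substitute for the on-screen phone-number entry suggested above. The account, the SMS gateway, all timestamps and the five-minute / three-per-hour / five-attempt limits are constructed assumptions so the code runs offline.

```python
"""Toy model of the SMS-based device authorization described in this post.

Added example, not Trion's Coinlock or any shipped game system. The account,
the SMS "gateway" and all timestamps are constructed in memory so it runs
offline; the TTL, send cap and attempt cap are assumptions, not numbers from the post.
"""
import hmac
import secrets
import time
from dataclasses import dataclass, field

CODE_TTL_SECONDS = 300       # assumption: a texted code is good for five minutes
MAX_SENDS_PER_HOUR = 3       # assumption: cap on codes texted per account per hour (anti-grief)
MAX_ATTEMPTS = 5             # assumption: wrong guesses allowed before a code is voided


@dataclass
class Account:
    name: str
    password: str                                       # plaintext only because this is a toy
    phone: str                                          # digits with country code, e.g. "+15555550146"
    trusted_devices: set = field(default_factory=set)   # "private": authorized until revoked
    session_devices: set = field(default_factory=set)   # "public": authorized until logout
    pending: dict = field(default_factory=dict)         # device_id -> [code, expires_at, attempts]
    send_log: list = field(default_factory=list)        # times at which codes were texted


class SmsGateway:
    """Stand-in for a real SMS provider; it just records what would have been sent."""
    def __init__(self):
        self.outbox = []

    def send(self, phone, text):
        self.outbox.append((phone, text))


def mask_phone(phone):
    """Display form for the account page: all but the last two digits hidden."""
    digits = "".join(c for c in phone if c.isdigit())
    return "*" * (len(digits) - 2) + digits[-2:]


def login(acct, password, device_id, gateway, now=None):
    """Password check plus device check.

    Returns "ok" for a known device, "code_sent" when a fresh code was texted,
    "code_required" when an unexpired code is still outstanding (no new text,
    so a stolen password alone cannot be used to flood the phone),
    "rate_limited" when the hourly cap is hit, or "bad_password".
    """
    now = time.time() if now is None else now
    if not hmac.compare_digest(password, acct.password):
        return "bad_password"
    if device_id in acct.trusted_devices or device_id in acct.session_devices:
        return "ok"
    entry = acct.pending.get(device_id)
    if entry and now < entry[1]:
        return "code_required"
    acct.send_log = [t for t in acct.send_log if now - t < 3600]
    if len(acct.send_log) >= MAX_SENDS_PER_HOUR:
        return "rate_limited"
    code = f"{secrets.randbelow(10**6):06d}"           # six digits from a CSPRNG
    acct.pending[device_id] = [code, now + CODE_TTL_SECONDS, 0]
    acct.send_log.append(now)
    gateway.send(acct.phone, f"{acct.name}: your login code is {code}")
    return "code_sent"


def confirm(acct, device_id, code, remember, now=None):
    """Redeem a texted code. remember=True is the post's "private" setting."""
    now = time.time() if now is None else now
    entry = acct.pending.get(device_id)
    if entry is None:
        return False
    if now >= entry[1]:
        del acct.pending[device_id]                     # expired: user must request a new one
        return False
    if not hmac.compare_digest(code, entry[0]):
        entry[2] += 1
        if entry[2] >= MAX_ATTEMPTS:                    # stop online guessing of the six digits
            del acct.pending[device_id]
        return False
    del acct.pending[device_id]                         # one-time use
    (acct.trusted_devices if remember else acct.session_devices).add(device_id)
    return True


def logout(acct, device_id):
    """A "public" device loses its authorization when the user logs out."""
    acct.session_devices.discard(device_id)
```

The two details that matter most for the griefing case are in `login`: an attacker who has only the password gets "code_required" instead of another text while a code is outstanding, and once the hourly cap is reached nothing more is sent at all. The attempt cap in `confirm` is there because a six-digit code is trivially guessable if the server lets someone try unlimited times before it expires.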
Ultimately, I posted this up to get feedback, and the sole intention is for you all to puncture holes in my theory. So, go ahead. Give me all you’ve got.