| . : News : . | . : Message of the Week : . |
You are currently viewing an archive of the Wilderness Guardians clan's IPB1 forums.
These forums were used by WG from 2008 to 2011, and now exist for historical and achival purposes only. For the clan's current forums, CLICK HERE. |
"You are a Wilderness Guardian. That northern wasteland; that land of blood, desolation and death is your dominion. Tonight we are going home." ~His Lordship |
|---|---|---|
| War Alert: OFF | Raid Alert: OFF | |
PM a WG Official |
||
Posted: March 6, 2009 11:43 pm  | |||||
      IRC Nickname: Rage|Mike Group: Clan Friend Posts: 1948 Member No.: 1238 Joined: July 29, 2008 Total Events Attended: 132    | Right so basically there is an anti spying technique used to combat Brute force and related password guessing programs. It's very simple: Making log-in names unique while keeping display names the same. Lots of clans started doing this lately (Some did it in the past, but more than ever now). I suggest we make it mandatory for every WG member rank on these forums to ensure better security, and we should also ask the new apps to PM a council a new login name they choose instead of their RSN. --------------------  MSN: [email protected] IRC: Rage|Mike at SwiftIRC and SeersIRC Drop me a comment, click to view my RSC profile! Proud to be ex-Wilderness Guardian.  | ||||
Posted: March 6, 2009 11:45 pm | |||||
 IRC Nickname: Gorgemaster Group: Elite Guardian Posts: 9840 Member No.: 3 Joined: December 26, 2007 Total Events Attended: 540 | How would you do this? Sorry, i'm confused- isn't the log in name the same as the display name. Or can you change that setting? --------------------    | ||||
Posted: March 6, 2009 11:45 pm | |||||
| IRC Nickname: Rage|Mike Group: Clan Friend Posts: 1948 Member No.: 1238 Joined: July 29, 2008 Total Events Attended: 132 |
Trying logging out and clicking the register button, you'll see what I mean  -------------------- MSN: [email protected] IRC: Rage|Mike at SwiftIRC and SeersIRC Drop me a comment, click to view my RSC profile! Proud to be ex-Wilderness Guardian. | ||||
Posted: March 6, 2009 11:47 pm | |||||
 IRC Nickname: Mtoise Group: Ex-Member Posts: 715 Member No.: 1691 Joined: February 5, 2009 Total Events Attended: 60 | IPB board allows for differing Display and Log in names. For example: Person A Login name as ABCHDF122121 The display name on posts is David etc... -------------------- "Do not believe everything that is written on the internet; for it may just be a bag of lies" - George Washington 1873 - On the long winding road to 99 slayer. 98 to 99 Slay without killing a thing. 22/28 effigy's PM me if you can assist Construction Effigy's | ||||
Posted: March 6, 2009 11:47 pm | |||||
| IRC Nickname: ``Aaron Group: Ex-Member Posts: 1055 Member No.: 149 Joined: January 21, 2008 Total Events Attended: 34 | Completely agree. This would be a huge blow to spying. Thanks Mike  --------------------    | ||||
Posted: March 7, 2009 12:22 am | |||||
 IRC Nickname: Ranma344 Group: Emeritus Posts: 759 Member No.: 78 Joined: January 1, 2008 Total Events Attended: 24 | I like my name how it is. Thanks though. --------------------  R.I.P. Lucy ! | ||||
Posted: March 7, 2009 02:00 am | |||||
 IRC Nickname: Indivi2you Group: Elite Guardian Posts: 5361 Member No.: 43 Joined: December 30, 2007 Total Events Attended: 623 |
Sorry to say, me too. -------------------- The First, The Last, and the Only ~FLO Never say never, because limits, like fears, are often just an illusion. ~Michael Jordan      | ||||
Posted: March 7, 2009 02:27 am | |||||
 IRC Nickname: rachellove Group: Council Posts: 6955 Member No.: 173 Joined: January 31, 2008 Total Events Attended: 305 | sure I'll do whatever to help make us secure. --------------------  Thank you Garrett and Dallar. “The day soldiers stop bringing you their problems is the day you have stopped leading them. They have either lost confidence that you can help them or concluded that you do not care. Either case is a failure of leadership.” ~~Colin Powell ~~  | ||||
Posted: March 7, 2009 03:01 am | |||||
 IRC Nickname: Ret[Keith] Group: Emeritus Posts: 2049 Member No.: 86 Joined: January 1, 2008 Total Events Attended: 82 |
Dummies, you will be seen as what your rsn is, but you just log in under "dickballs69" or something. You don't even have to type it in all the time, set comp to remember. Example: I change my loginname to "lulglenlyksdapns", but everyone still sees my name as "Reticked." -------------------- Best Firemaker in WG no lie   <--- rofl1st joined WG: October 18th, 2005. Ex-WG mod, OPH winner  ^My original idea (U GOIN DOWN TWIZ)^ 189th person to get "100" firemaking Hash Unit, Tun Unit, C-Unit    | ||||
Posted: March 7, 2009 05:06 am | |||||
 IRC Nickname: RobbieThe1st Group: Founder Posts: 770 Member No.: 2 Joined: December 26, 2007 Total Events Attended: 49 | Um... We are using IPB 1.3. I don't believe this is supported under our version. Also, brute-force algorithms won't work if you have the least bit decent password: 5 lower case letters: 26^5 = 11,881,376 possible combinations(@ 10 a second = 13 days, 18 hours) 5 mixed-case letters: 54^5 = 459,165,024 possible combinations(@ 10 a second = 1 year, 171 days, 11 hours) 5 characters consisting of lowercase letters, uppercase letters, numbers and "uppercase letters": 74^5 = 2,219,006,624 possible combinations(@ 10 a second = 7 years, 48 days, 7 hours) And that's just with 5 characters. If you use 16 character long passwords consisting of uppercase, lowercase, numbers and 'uppercase letters': 74^16 = 808,551,180,810,136,214,718,004,658,176 possible combinations(@ 10 a second = 2599508683160160155343 years) Of course, it may not take nearly that long if your password is a word in a dictionary somewhere. Now, even the weakest password can't be brute-forced on a properly set up webserver like this - After not too long the server will think it a brute-force/DOS attack and ban you either temporarily or permanently. Really, the only cases where a "brute force" attack works is where either A, you have direct access to the password-protected subject, B, you have some idea of the password that the person used(like if you knew the letters, even if not the cases or order - Remember National Treasure?) or C, the password is susceptible to a dictionary attack. What I *might* do is see about making a password-strength checker and building it into the change-password form, then deleting everyone's password and making them recover/create a new one. -Robbie -------------------- Old Avatar - Paypal donation link  I am left handed, and proud of it! Retired from RuneScape. Old forum posts: 2275(s4+s10+wg.com)+1759(z6 old account)+474(z6 new account) Total: 4508 Join date: 4/16/05 | Get Firefox 3.5 now: http://www.getfirefox.com | RobbieSwich for Firefox | ||||
Posted: March 7, 2009 07:10 pm | |||||
| IRC Nickname: Rage|Mike Group: Clan Friend Posts: 1948 Member No.: 1238 Joined: July 29, 2008 Total Events Attended: 132 |
Don't legit owners of IPB get free IPB updates however? Or am I mistaken? Not sure :S -------------------- MSN: [email protected] IRC: Rage|Mike at SwiftIRC and SeersIRC Drop me a comment, click to view my RSC profile! Proud to be ex-Wilderness Guardian. | ||||
Posted: March 8, 2009 12:20 am | |||||
| IRC Nickname: Mtoise Group: Ex-Member Posts: 715 Member No.: 1691 Joined: February 5, 2009 Total Events Attended: 60 | I sincerely hope your using more than 1.3 since 2.3 was introed over 6 months ago... It is possible to change the narrative though. -------------------- "Do not believe everything that is written on the internet; for it may just be a bag of lies" - George Washington 1873 - On the long winding road to 99 slayer. 98 to 99 Slay without killing a thing. 22/28 effigy's PM me if you can assist Construction Effigy's | ||||
Posted: March 8, 2009 06:10 am | |||||
| IRC Nickname: Group: Banned Posts: 2447 Member No.: 114 Joined: January 8, 2008 Total Events Attended: 149 | But... I know my pass is secure... Yeah, it's definitely something that would take a while to crack. -------------------- | ||||
Posted: March 8, 2009 06:10 pm | |||||
 IRC Nickname: Kwaichi Group: Ex-Member Posts: 1827 Member No.: 65 Joined: December 31, 2007 Total Events Attended: 119 | could it be possible to make it so: always when you log in from a different computer you have to lon in on forums again; so if you play just from your computer and someone hack your account you woud find it out because you must to log in on forums if someone from a dufferent computer use your account ... it same on the game BiteFight if you know this game. --------------------  | ||||
Mandatory Log-In name change