Bots and >>>>>>>

Posted by Alert Games on June 23, 2013, 11:56 p.m.

Quote: flashback
This is but the first step in replacing all 64digits staff and members with bots.
Seriously, there should be a site where theres calculated intervals of postings based on some kind of news system where all of the characters fit into a role… Also wasnt there a 64RPG being made? Or something…. I dont come around as often as I used to….

So I had this security idea, and figured before implementing it id like your opinion! Woo!!!1 so anyway:

Username: your username

Password: your somewhat complex and long enough password

Pass phrase: what you will need to type in every time, but it can be simple! (NOT stored)

Both password and pass phrase go through a double hash.

a) First is so that it cannot be hacked on your computer or over the wire

b) Second is on the server end, so login attempts cannot be made with the request strings

This has a couple advantages: You won't need to remember your secure and complex password every time, and it is not stored at all so there is no way to grab it unless you have a key logger (in which case I'm not sure how you would NOT be fucked…)

EXPLANATION:

This handles the different tiers of security:

1) The password is stored locally, so people without your password (such as over the internet) can't access your account easily.

2) You'll have to make your password a little more complex to avoid hacking, but you only need to enter it once per profile per device.

3) You will need to remember your simple passphrase, which is NOT stored in the event that something was trying to steal your password. (so malware can't obtain it)

That way your passphrase can be like "steven", and still have a secure entry.

THOUGHTS?

*************************

Also, on a random side-note that I know will be the only discussion on the topic here: What the hell does it mean when a chick writes ">>>>>>>>>" in her tweets? the fuck.

Comments

colseed 11 years, 6 months ago

So…how would the user know what pass phrase to use?

Quote:
Also, on a random side-note that I know will be the only discussion on the topic here: What the hell does it mean when a chick writes ">>>>>>>>>" in her tweets? the fuck.
My guess would be either she's shortening ">_>" or ">.>" to ">>" and then repeating it for emphasis, or she went to end a sentence with a period but held down shift and hit "." a whole bunch of times by accident. That, or you've stumbled upon a secret Illuminati code and have now doomed us all to extermination.

princess 11 years, 6 months ago

">>>>>>>>>" literally just means "greater than"

Example: "pink cupcakes >>>>>" means "pink cupcakes are greater than everything"

F1ak3r 11 years, 6 months ago

I don't think I quite understand what you're getting at.

Quote:
You won't need to remember your secure and complex password
Uh… but… huh? What's the point of a password I don't have to remember?

Quote:
and it is not stored at all so there is no way to grab it unless you have a key logger
Isn't that the idea with passwords in general? You make them, they get hashed and stored in that form, and then subsequent logins test the hash of your input against the hash in the db.

Quote:
a) First is so that it cannot be hacked on your computer or over the wire

b) Second is on the server end, so login attempts cannot be made with the request strings
"on the server end" leads me to believe that the first encryption is done client-side, which just doesn't seem like a good idea.

Then how does the pass phrase come in? Would it be the encryption of the password or something? I don't get it. =(

Dynamite 11 years, 6 months ago

It means she's trying to gain more attention than she already has. :)

panzercretin 11 years, 6 months ago

Concatenate the password into two strings, each of which is encrypted in the manners you stated. Nobody likes having to put in two passwords. Nobody.

Alert Games 11 years, 6 months ago

Quote:
Then how does the pass phrase come in? Would it be the encryption of the password or something? I don't get it. =(
I added an explanation to my blog haha.

Basically its like this: Registration Page:

Username: F1ak3r

Password: FlakerIsAFlakySOaB // Secure

Passphrase: f123 // Simple

Then,

{

Username < stored on local storage

sha1(Password+SEEDstuff) < From local storage, only entered once

sha1(Passphrase+SEEDstuff) < Just entered, NOT stored anywhere

timestamp

request hash check

} -> Send to server

Server:

{

user permissions/status check

sha128(hashedPassword) < check

sha128(hashedPassphrase) < check

time allowance check

request hash check

} -> Send Congratulatory regards back!

The end. lol. Secure from internet attacks and spyware attacks, just not keyloggers! And all you ever need to type is "f123" for this user!

Quote:
It means she's trying to gain more attention than she already has. :)
Thanks, GirlWritesWhat, who literally joined just a few moments after this blog was made…

Dynamite 11 years, 6 months ago

Quote:
Thanks, GirlWritesWhat, who literally joined just a few moments after this blog was made…

Don't mention it, random guy! Any insight as to what a girl really thinks and why girls do the things girls do, just ask me!

Alert Games 11 years, 6 months ago

Why do good girls like bad guys?

princess 11 years, 6 months ago

Ask the girl who hates girls and is an advocate for men, interesting….

Dynamite 11 years, 6 months ago

Quote:
Why do good girls like bad guys?

Because girls are repelled by these "good guys" that many guys these days try to be. "Bad guys" can put a girl in her place – a "nice guy" would never dream of raising her voice to a girl.

Girls NEED this kinds of interactions because generally they have no clue what they're doing and hence why they need a GUY to tell them WHAT TO DO.

These guys are usually referred to as "assholes" because they do not give in to a woman's childish ways.