This is but the first step in replacing all 64digits staff and members with bots.
Seriously, there should be a site where theres calculated intervals of postings based on some kind of news system where all of the characters fit into a role… Also wasnt there a 64RPG being made? Or something…. I dont come around as often as I used to….
So I had this security idea, and figured before implementing it id like
your opinion! Woo!!!1 so anyway:
Username: your username
Password: your somewhat complex and long enough password
Pass phrase: what you will need to type in every time, but it can be simple! (
NOT stored)
Both password and pass phrase go through a double hash.
a) First is so that it cannot be hacked on your computer or over the wire
b) Second is on the server end, so login attempts cannot be made with the request strings
This has a couple advantages: You won't need to remember your secure and complex password
every time, and it is not stored at all so there is no way to grab it unless you have a key logger (in which case I'm not sure how you would NOT be fucked…)
EXPLANATION:This handles the different tiers of security:
1) The password is stored locally, so people without your password (such as over the internet) can't access your account easily.
2) You'll have to make your password a little more complex to avoid hacking, but you only need to enter it once per profile per device.
3) You will
need to remember your simple passphrase, which is NOT stored in the event that something was trying to steal your password. (so malware can't obtain it)
That way your passphrase can be like "steven", and still have a secure entry.
THOUGHTS?
*************************
Also, on a random side-note that I know will be the only discussion on the topic here: What the hell does it mean when a chick writes ">>>>>>>>>" in her tweets? the fuck.
Hmm, okay, I had a feeling the password was a per-device thing, but I wasn't sure. It does fit with the convenience-security tradeoff. I can see how it would probably work well as long as you own all the devices, but if you logged in from a public PC (at a webcafe or whatever) or someone else's, it'd store the password hash on that, which maybe isn't so great – but then you could always avoid that with a good old remember me checkbox.
@F1ak3r: I do have that right now… I think it will depend on how I design the interface to be simple to use.
@GirlWritesWhat: Haha, nice, but it really depends on circumstance. What women like is being able to be confident, protective, but still a "good guy" otherwise@sirxemic: Ha, it was an example, but yeah I think it might seem too complex.
It's not really complex, it just protects your account at the client-side a bit more than conventional methods, but that's pretty much it. It's like a tad more secure "remember me" feature.
:|Anyway, I really don't get the point of having a passphrase. If anything, I would just treat it like a secondary password or a simple to use :OHNOIforgotMYREALPasswordBUTTHISONEISEasyTOREMEBER:and ">>>>>>>" is a social symbol that KKK Wives use to show her Nazi friends what rank their husband is in their Local Branch.>>>>@>>>> is Grand Wizard.For some reason, this blog consistently shows up twice on the activity bar.