Remove Ad, Sign Up
Register to Remove Ad
Register to Remove Ad
Remove Ad, Sign Up
Register to Remove Ad
Register to Remove Ad
Signup for Free!
-More Features-
-Far Less Ads-
About   Users   Help
Users & Guests Online
On Page: 1
Directory: 1 & 93
Entire Site: 10 & 888
Page Staff: pokemon x, pennylessz, Barathemos, tgags123, alexanyways, supercool22, RavusRat,
03-28-24 01:55 PM

Thread Information

Views
1,096
Replies
9
Rating
3
Status
CLOSED
Thread
Creator
Minuano
11-17-13 01:14 AM
Last
Post
UFO
11-18-13 07:55 PM
Additional Thread Details
Views: 292
Today: 0
Users: 1 unique

Thread Actions

Thread Closed
New Thread
New Poll
Order
 

Password security

 

11-17-13 01:14 AM
Minuano is Offline
| ID: 928324 | 109 Words

Minuano
Galacta
Super Davideo7 2
Level: 122


POSTS: 2519/4288
POST EXP: 189733
LVL EXP: 20480010
CP: 14522.8
VIZ: 403725

Likes: 3  Dislikes: 0
I find how easy it is to change your password is distressing- anyone can easily do it as long as you don't logout of that computer. It has actually happened to me a few years back, luckily I knew the person who did it and they eventually gave me what they changed it to.

I think that you should need to enter your current password to change it, and maybe even need to enter it to edit your profile as a whole. It's an extra security measure that I'm sure would come in handy, as I can almost guarantee that I'm not the only one it has happened to.
I find how easy it is to change your password is distressing- anyone can easily do it as long as you don't logout of that computer. It has actually happened to me a few years back, luckily I knew the person who did it and they eventually gave me what they changed it to.

I think that you should need to enter your current password to change it, and maybe even need to enter it to edit your profile as a whole. It's an extra security measure that I'm sure would come in handy, as I can almost guarantee that I'm not the only one it has happened to.
Vizzed Elite
Former Admin


Affected by 'Laziness Syndrome'

Registered: 09-03-09
Location: Kamurocho
Last Post: 256 days
Last Active: 20 days

Post Rating: 3   Liked By: patar4097, Sorinkun, Tails the Fox,

11-17-13 01:34 AM
IgorBird122 is Offline
| ID: 928326 | 127 Words

IgorBird122
The_IB122
Level: 140


POSTS: 2331/6414
POST EXP: 526201
LVL EXP: 32881912
CP: 40905.1
VIZ: 779500

Likes: 0  Dislikes: 0
Galacta : Yeah, I think that would be a really good suggestion, because the reason why, because you can accidentally type something in the "Password" box and you didn't know while you're changing your settings and all of a sudden, you logged out (neither by just logging out like normal, clearing all of your cookies, or a friend/family member pulling a prank on you) and you can't get on when you typed the password you use and you have to click the "Forgot Password" link to get it back.

So, it a way, it should have a "Change Password" button where you click it and it'll have 3 boxes (Current Password, New Password, re-type password), but yeah, good idea to have, I wounder what David thinks about this.
Galacta : Yeah, I think that would be a really good suggestion, because the reason why, because you can accidentally type something in the "Password" box and you didn't know while you're changing your settings and all of a sudden, you logged out (neither by just logging out like normal, clearing all of your cookies, or a friend/family member pulling a prank on you) and you can't get on when you typed the password you use and you have to click the "Forgot Password" link to get it back.

So, it a way, it should have a "Change Password" button where you click it and it'll have 3 boxes (Current Password, New Password, re-type password), but yeah, good idea to have, I wounder what David thinks about this.
Vizzed Elite
The Shadow King


Affected by 'Laziness Syndrome'

Registered: 01-07-13
Location: The Big Easy
Last Post: 1450 days
Last Active: 1435 days

11-17-13 03:31 AM
Sorinkun is Offline
| ID: 928337 | 107 Words

Sorinkun
Level: 47


POSTS: 468/514
POST EXP: 22745
LVL EXP: 722824
CP: 522.9
VIZ: 6071

Likes: 0  Dislikes: 0
Galacta : This would be better instead of changing the pass and having no security.

It should appear an "Enter current password to change your settings" box first, then, if you wish to change the password, do what IgorBird said.

But you can always recover your pass by clicking "Forgot password?". After you clicked it, a box should appear when you must enter your email adress. Then, an email with a random password will come such as "wjr12h". Now, you can use it to log in without any issues or change it to an easier one such as "apples123"!

I hope David will like and implement this feature.
Galacta : This would be better instead of changing the pass and having no security.

It should appear an "Enter current password to change your settings" box first, then, if you wish to change the password, do what IgorBird said.

But you can always recover your pass by clicking "Forgot password?". After you clicked it, a box should appear when you must enter your email adress. Then, an email with a random password will come such as "wjr12h". Now, you can use it to log in without any issues or change it to an easier one such as "apples123"!

I hope David will like and implement this feature.
Member
As awesome as I can, as awesome as you can't!


Affected by 'Laziness Syndrome'

Registered: 09-15-13
Location: Romania - Europe
Last Post: 3314 days
Last Active: 2847 days

11-17-13 04:50 PM
pacman1755 is Offline
| ID: 928542 | 64 Words

pacman1755
Level: 195


POSTS: 10554/13170
POST EXP: 454212
LVL EXP: 103548284
CP: 30600.2
VIZ: 341152

Likes: 0  Dislikes: 0
This is a really helpful and good idea. It's been said a few times that password security was a main issue when it comes to attacks, like a few years ago. If we can get a password warning e-mail when your password is changed by you or someone else. Maybe you want those other security questions to confirm your identity. I can support this.
This is a really helpful and good idea. It's been said a few times that password security was a main issue when it comes to attacks, like a few years ago. If we can get a password warning e-mail when your password is changed by you or someone else. Maybe you want those other security questions to confirm your identity. I can support this.
Vizzed Elite
Winner of The August VCS 2011, December VCS 2013, and Summer 2014 TDV


Affected by 'Laziness Syndrome'

Registered: 05-22-11
Location: Wisconsin
Last Post: 1553 days
Last Active: 32 days

11-17-13 04:57 PM
Frodlex is Offline
| ID: 928544 | 135 Words

Frodlex
Level: 81


POSTS: 605/1680
POST EXP: 161649
LVL EXP: 4841627
CP: 10857.4
VIZ: 2738

Likes: 0  Dislikes: 0
Davideo7 : Thoughts on this? I personally have always noticed it look a lot easier than it should, especially to certain people who try out just about everything they see like this. I noticed it and decided to stay as far away as possible in order to preserve myself on the site and never really mentioned it at all but Galacta: brings up a good point but apparently didn't summon you. I decided that it may be best to get your opinion on this and send you a summon to see what you have to say on the matter here. Sorry if this post comes as an inconvenience to you, especially the summon seeing as I started this post in the morning and finished at night due to having to leave for most of the day.
Davideo7 : Thoughts on this? I personally have always noticed it look a lot easier than it should, especially to certain people who try out just about everything they see like this. I noticed it and decided to stay as far away as possible in order to preserve myself on the site and never really mentioned it at all but Galacta: brings up a good point but apparently didn't summon you. I decided that it may be best to get your opinion on this and send you a summon to see what you have to say on the matter here. Sorry if this post comes as an inconvenience to you, especially the summon seeing as I started this post in the morning and finished at night due to having to leave for most of the day.
Vizzed Elite
<img src=http://i.imgur.com/1nAsCWD.gif> <font color=


Affected by 'Laziness Syndrome'

Registered: 09-14-10
Last Post: 466 days
Last Active: 379 days

11-17-13 05:10 PM
Mistress is Offline
| ID: 928549 | 25 Words

Mistress
Level: 79


POSTS: 663/1717
POST EXP: 132920
LVL EXP: 4457978
CP: 7444.1
VIZ: 195379

Likes: 0  Dislikes: 0
I never realized how easy it is to change a person's password. 

So I'm all up for this idea for the sake of extra security.
I never realized how easy it is to change a person's password. 

So I'm all up for this idea for the sake of extra security.
Vizzed Elite

Affected by 'Laziness Syndrome'

Registered: 06-28-13
Last Post: 3351 days
Last Active: 3196 days

11-18-13 03:34 PM
Batcake is Offline
| ID: 928891 | 42 Words

Batcake
Black Bot
Level: 105


POSTS: 2308/3246
POST EXP: 146939
LVL EXP: 11956660
CP: 5867.6
VIZ: 3347

Likes: 0  Dislikes: 0
Galacta : I hate when my brother always changes my password on a different device. But luckily I am still logged onto my computer.

This a great suggestion and this should be added soon.

Great suggestion and I hope they change it sometime!
Galacta : I hate when my brother always changes my password on a different device. But luckily I am still logged onto my computer.

This a great suggestion and this should be added soon.

Great suggestion and I hope they change it sometime!
Member
hi


Affected by 'Laziness Syndrome'

Registered: 10-17-12
Location: US
Last Post: 742 days
Last Active: 122 days

11-18-13 04:42 PM
UFO is Offline
| ID: 928915 | 116 Words

UFO
Level: 28

POSTS: 29/153
POST EXP: 2395
LVL EXP: 118497
CP: 120.9
VIZ: 1092

Likes: 0  Dislikes: 0
Honestly, if someone hacks your account its no big deal. This site has enough staff and admins that any issue can be resolved relatively fast. This isn't hacking, just slight stupidity. It's like leaving your facebook open at the local library of course people will go in and mess with it. You cannot have security without common sense.

The idea is good, however it won't fix the problem you are presenting here and that is your friends getting on your computer and using your account cause you never trashed the browser cookies. Sure it would prevent them from changing password but it would not stop them from everything else they could do to damage your account.
Honestly, if someone hacks your account its no big deal. This site has enough staff and admins that any issue can be resolved relatively fast. This isn't hacking, just slight stupidity. It's like leaving your facebook open at the local library of course people will go in and mess with it. You cannot have security without common sense.

The idea is good, however it won't fix the problem you are presenting here and that is your friends getting on your computer and using your account cause you never trashed the browser cookies. Sure it would prevent them from changing password but it would not stop them from everything else they could do to damage your account.
Perma Banned

Affected by 'Laziness Syndrome'

Registered: 07-04-13
Last Post: 3771 days
Last Active: 3771 days

11-18-13 06:24 PM
Minuano is Offline
| ID: 928958 | 195 Words

Minuano
Galacta
Super Davideo7 2
Level: 122


POSTS: 2521/4288
POST EXP: 189733
LVL EXP: 20480010
CP: 14522.8
VIZ: 403725

Likes: 0  Dislikes: 0
UFO : The problem presented in this thread is not about somebody hacking into your account and changing everything, but rather them changing your password, and then you are unable to log back in. Vizzed automatically keeps you logged in unless you manually log out, or clear your cookies. Facebook will log you out when you close the browser unless you check "Remember me".

I don't think that you could "damage" an account on Vizzed. And even if you did, what would you do? Waste all their viz? Big deal. No point in spamming because I believe Globals can track IPs, so they know it wasn't the user who did it. This is something that you would report, and problem solved.

All I'm saying in the original post is that password changing seems a bit too easy. Somebody can change your password, and then what? You don't know it and can't log back in, especially if they logged you out (which common sense would say to do if they did that). And yes, I realize this is something you would report, but wouldn't it be much easier if people just couldn't do it at all?

UFO : The problem presented in this thread is not about somebody hacking into your account and changing everything, but rather them changing your password, and then you are unable to log back in. Vizzed automatically keeps you logged in unless you manually log out, or clear your cookies. Facebook will log you out when you close the browser unless you check "Remember me".

I don't think that you could "damage" an account on Vizzed. And even if you did, what would you do? Waste all their viz? Big deal. No point in spamming because I believe Globals can track IPs, so they know it wasn't the user who did it. This is something that you would report, and problem solved.

All I'm saying in the original post is that password changing seems a bit too easy. Somebody can change your password, and then what? You don't know it and can't log back in, especially if they logged you out (which common sense would say to do if they did that). And yes, I realize this is something you would report, but wouldn't it be much easier if people just couldn't do it at all?

Vizzed Elite
Former Admin


Affected by 'Laziness Syndrome'

Registered: 09-03-09
Location: Kamurocho
Last Post: 256 days
Last Active: 20 days

(edited by Galacta on 11-18-13 06:25 PM)    

11-18-13 07:55 PM
UFO is Offline
| ID: 928997 | 196 Words

UFO
Level: 28

POSTS: 30/153
POST EXP: 2395
LVL EXP: 118497
CP: 120.9
VIZ: 1092

Likes: 0  Dislikes: 0
Galacta : We should also add third party verification through email which adds two layers of security instead of one. Another problem is the email field. You can still delete email addresses on accounts, change password then really mess up an account. If I were attacker I'd erase your email and change your password so that you would be blocked out of vizzed for life. The forgot password page would be useless cause it would not know what email to send it to.

Password security isn't as big of a problem though as the email security at this point in time on Vizzed. If the email field is not fixed and you were to "add password security updates" I could easily bypass it by swapping the email on your account then go to forgot password page and set up a new password using your username and the new email I have injected onto the account. This of course would only work in the case of a friend who has your current login info or a random user who just happens to have access to ones account cause the previous user forgot to dump cookies by logging out.
Galacta : We should also add third party verification through email which adds two layers of security instead of one. Another problem is the email field. You can still delete email addresses on accounts, change password then really mess up an account. If I were attacker I'd erase your email and change your password so that you would be blocked out of vizzed for life. The forgot password page would be useless cause it would not know what email to send it to.

Password security isn't as big of a problem though as the email security at this point in time on Vizzed. If the email field is not fixed and you were to "add password security updates" I could easily bypass it by swapping the email on your account then go to forgot password page and set up a new password using your username and the new email I have injected onto the account. This of course would only work in the case of a friend who has your current login info or a random user who just happens to have access to ones account cause the previous user forgot to dump cookies by logging out.
Perma Banned

Affected by 'Laziness Syndrome'

Registered: 07-04-13
Last Post: 3771 days
Last Active: 3771 days

Links

Page Comments


This page has no comments

Adblocker detected!

Vizzed.com is very expensive to keep alive! The Ads pay for the servers.

Vizzed has 3 TB worth of games and 1 TB worth of music.  This site is free to use but the ads barely pay for the monthly server fees.  If too many more people use ad block, the site cannot survive.

We prioritize the community over the site profits.  This is why we avoid using annoying (but high paying) ads like most other sites which include popups, obnoxious sounds and animations, malware, and other forms of intrusiveness.  We'll do our part to never resort to these types of ads, please do your part by helping support this site by adding Vizzed.com to your ad blocking whitelist.

×