Guild Database RIFT Dev Tracker RIFT Combat Parser
Become a Premium Junkie!
+ Reply to Thread
Results 1 to 5 of 5
  1. #1
    Rifter
    Join Date
    Feb 2011
    Posts
    25

    Rift hacked, new password policy fail.

    Your new password must:
    Have at least 1 alphabetic character – A-Z
    Have at least 1 number – 0-9
    Have at least 1 special character – punctuation, spaces, symbols, etc.
    Have between 8 and 512 characters – long strings and sentences are fully supported!
    Passwords must match.
    What's this? I need to have a number, a special character, but you also support passphrases? But what if I don't want a passphrase like:

    I saw a horse taking a number 2!

    Obligatory: xkcd: Password Strength

    I'm not sure what the hell they were thinking with this. The policy is not the problem. If someone was able to discover passwords from what they store in the database, it's a Trion fail, not a password fail. If all you do is store an MD5, you fail. If you store it in a reversible encryption (as their message implies), YOU SHOULD BE FIRED AND BANNED FROM IT WORLDWIDE FOR INCREDIBLE INCOMPETENCE. An unnecessary change that can only be described as stupid.
    Last edited by jMerliN; 01-05-2012 at 08:56 PM.

  2. #2
    Rifter
    Join Date
    May 2011
    Location
    Louisiana
    Posts
    408
    Main Character
    Puremallace
    Shard
    Wolfsbane
    No the problem was giving a 3rd party Russian publisher full access to their servers. The people posting IP's of people trying to login into their hotmail account is sort of a give-a-away of what happened here.

    I am not a big fan of the silent mode Trion has gone into here lately, but they are handling it pretty good.

  3. #3
    Rifter
    Join Date
    Jun 2011
    Posts
    1
    Guild
    No guild.
    Fail rant is fail.

  4. #4
    Rifter
    Join Date
    Feb 2011
    Posts
    25
    Quote Originally Posted by Puremallace View Post
    No the problem was giving a 3rd party Russian publisher full access to their servers. The people posting IP's of people trying to login into their hotmail account is sort of a give-a-away of what happened here.

    I am not a big fan of the silent mode Trion has gone into here lately, but they are handling it pretty good.
    I don't think that happened. User dbs tend to be sold for big $$ on the black market, and often to Russian groups. In any case, it's Trion's problem, forcing more stupid policies on users isn't a solution.

  5. #5
    Premium Junkie Errn's Avatar
    Join Date
    Feb 2011
    Location
    Michigan
    Posts
    454
    Main Character
    Errn
    Shard
    Shatterbone
    Guild
    Get In The Van

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts