Second Life Forums Archive - Account protection

Welcome to the Second Life Forums Archive

These forums are CLOSED. Please visit the new forums HERE

Second Life Forums Archive > Previous Forums Archive > Linden Answers

Account protection
Limpen Lumpen Registered User Join date: 5 Jun 2006 Posts: 6	08-18-2006 12:20 In light of recent events where SL resident(s) have had their accounts abducted by third parties to steal money and content, I am putting this here instead of making a feature suggestion ( at the moment ) as I believe such an option should be given a high level of consideration. The option. I know that MAC addresses and IP addresses are fairly easy to change, but could some sort of option be added to each user account where they are given a check box ( on the forum part of the account ) allowing them to "lock" their account to the current IP or MAC address ? ( possibly with a system generated password required to unlock it ) This would enable people to effectively say "I use this machine and no other - it uses this IP address and no other - if my account attempts to log-in from anywhere else - do not allow it" This protects both the user from theft, and Linden Labs from fraudulent claims of account abduction. Yes there are accounts that do log in from multiple addresses and multiple machines - but short of a whole new password system being introduced I can see no way of safe guarding those accounts. If the Technical people at Linden can confirm that this is doable ( and fairly rapidly ) I will raise a feature suggestion for it and the populace can decide whether they feel they need this level of protection or not. Thanks in advance.
Torley Linden Enlightenment! Join date: 15 Sep 2004 Posts: 16,530	08-21-2006 12:28 Hey Limpen! First, we can never overemphasize never giving out your password to anyone or anything: http://blog.secondlife.com/2006/08/18/dont-give-your-password-to-anyone-or-anything/ Second, I think we can actually technically do this currently from the backend, but there isn't a Resident-configurable way to change this in your account settings. Doesn't seem practical either... problem also is this isn't an option for all; as you know, there are those with dynamic/shared IPs. Not to mention IPs and MAC addresses can be spoofed, or confusion for those who go on a trip and forget why they can't get in from a hotel. What it often comes down to is the human element. So there should be a clear benefit to new account protection methods that couldn't be covered via other means, and being aware of social engineering always helps. Nevertheless, if there was sufficient demand for your suggestion from the community, certainly it'd encourage us to look at it closer, so please feel free to garner support! _____________________