Second Life Forums Archive - Blog entry: How Secure Is Your Password?

Mo Dryke

Dryke Gallery Owner

Join date: 2 Feb 2007

Posts: 192

06-14-2007 16:18

well. actually I don't really care how secure is my password AS I CAN'T LOG IN !!!!

note that this linden tries to be funny :"

don't give you password to) Pets too, you never know."

do they really have nothing else to post in the blog? any bug to fixe?

_____________________________________________________
don't want pretty skies
don't want voice chat
don't care about sculpties contests

-> want decent support
-> want stable platform

I have a dream.
I have a dream that one day the SL nation will rise up and live out the true meaning of its creed: "We hold these truths to be self-evident: all residents deserve a stable and optimized SL"

Brenda Connolly

Un United Avatar

Join date: 10 Jan 2007

Posts: 25,000

06-14-2007 16:50

They're softening us up for something.....

_____________________

Don't you ever try to look behind my eyes. You don't want to know what they have seen.

http://brenda-connolly.blogspot.com

Farallon Greyskin

Cranky Seal

Join date: 22 Jan 2006

Posts: 491

06-14-2007 17:09

It's kind of amusing to hear LL talk to us about password security...

Using the same password for SL as you do for the support site and the forums or other "external" SL portals BAD NEWS... And they keep adding them, your enver sure if it's an official SL site or not. Makes you WAY to used to typing in your critical SL password everywhere.. like maybe SLexchange? BAD!

Heh, anyway...

Gordon Wendt

404 - User not found

Join date: 10 May 2006

Posts: 1,024

06-14-2007 19:51

From: Brenda Connolly

They're softening us up for something.....

SECOND LIFE IS MADE OUT OF PEOPLE, PEEOOPPLLEE!!!!

_____________________

Twitter: http://www.twitter.com/GWendt
Plurk: http://www.plurk.com/GordonWendt

GW Designs: XStreetSL

Kitty Barnett

Registered User

Join date: 10 May 2006

Posts: 5,586

06-14-2007 19:58

That blog post doesn't come as a big surprise after whatever incident caused them to have to reset the password of anyone who used the support portal.

It also fails to mention the importance of not disclosing the email address you use with SL, and to have a strong password on that. If someone gets to your email account, it won't matter how good your SL password is, it's trivial for them to just reset it to one of their own choice at that point and effectively lock you out.

Sindy Tsure

Will script for shoes

Join date: 18 Sep 2006

Posts: 4,103

06-14-2007 20:21

From: Mo Dryke

do they really have nothing else to post in the blog? any bug to fixe?

So, just curious, what do you think Agent Linden's job is at LL? What bugs do you think he/she should be fixing?

Osgeld Barmy

Registered User

Join date: 22 Mar 2005

Posts: 3,336

06-14-2007 20:38

well the office opens @ 9am so from 9-10:30 he plays pinball with all the other .com holdover employees then heads to the water cooler for post it note feature discussion that takes about 30 min
then he probably wanders the halls for a little bit getting coffee, checking up on the other bug fixing lindens, who are mostly bug checking in "bad girls"

by now its 12 pm time for lunch

returns from lunch about 1:30, checks his messages / email / im's then heads back out to do the post lunch "make sure noone is sleeping" rounds

gets abit more coffee heads back downstairs for the "real media oh how we wished that didnt suck" pingpong semi finals with king phill by now its rounding around 4pm

we all know that last hour of work is usually lite work time, finishing up paperwork chit-chatting ect

[/sarcasm]

Peggy Paperdoll

A Brat

Join date: 15 Apr 2006

Posts: 4,383

06-14-2007 21:10

Sometimes I get so tickled at y'all.

Everyone bitches to high heaven about the blogs being all but useless.........then someone posts something that is rather useful for anyone. It was nothing but a reminder about personal security....no sinester underlying meaning at all.

So, all us "experts" on security have to chime in with sarcastic remarks. It's funny...........it really is.

Kevin Susenko

Voice Mentor

Join date: 11 Jul 2006

Posts: 198

06-14-2007 22:05

I still find it funny that of all of the things they could've posted about: Voice on main grid, new voice viewer (1.17.0.113), new beta viewer (1.18.0), friends list not working (again -_-), group and private voice not working well, voice no longer enabled on beta grid?, what ever happened to verification?, logins slow and buggy, sims going down, etc.

They decided to post something completely irrelevant to anything that's going on now, and something that they've already posted about multiple times in the past.

I could understand the post if there was nothing else to talk about, but, seriously, there are more important things happening in SL at the moment.

_____________________

Peggy Paperdoll

A Brat

Join date: 15 Apr 2006

Posts: 4,383

06-14-2007 22:55

So we need a thread with 9..........no, make that 10 (counting this) replies? Who's bored? Us or them?

Thili Playfair

Registered User

Join date: 18 Aug 2004

Posts: 2,417

06-15-2007 00:30

My old password secure enough?

5zxocu2149v02h4nadof82d2o2

how do i remember that?, O_o , yes im bored

Jeff Kelley

Registered User

Join date: 8 Nov 2006

Posts: 223

06-15-2007 01:24

From: someone

Do not use the same password on 3rd party websites that you use for your Second Life account. Especially if the site is Second Life related.

This especially funny when I see:

<form id="res_form" method="post" action="https://support.secondlife.com/ics/support/security.asp">
<input type="hidden" name="cFname" value="Jeff_Kelley" id="cFname">
<input type="hidden" name="cLname" value="Kelley" id="cLname">
<input type="hidden" name="cUname" value="jeff_kelley" id="cUname">
<input type="hidden" name="cSlaName" value="xxxx" id="cSlaName">
<input type="hidden" name="cEmail" value="MY@EMAIL.HERE" id="cEmail">
<input type="hidden" name="sessID" value="XXXX" id="sessID">
<input type="hidden" name="deptID" value="XXXX" id="deptID">
<input type="hidden" name="sessEmail" value="XXXX@lindenlab.com" id="sessEmail">
<input type="hidden" name="cStatus" value="REGISTERED" id="cStatus">
<input type="hidden" name="CUSTOMER_URL" value="XXXXXX" id="CUSTOMER_URL">
<a href="#" onclick="document.getElementById('res_form').submit();">Log into the support system with Jeff_Kelley Kelley</a>
</form>

and knows that support.secondlife.com is a CNAME on d3.parature.com

Blog entry: How Secure Is Your Password?
Mo Dryke Dryke Gallery Owner Join date: 2 Feb 2007 Posts: 192	06-14-2007 16:18 well. actually I don't really care how secure is my password AS I CAN'T LOG IN !!!! note that this linden tries to be funny :"don't give you password to) Pets too, you never know." do they really have nothing else to post in the blog? any bug to fixe? _____________________________________________________ don't want pretty skies don't want voice chat don't care about sculpties contests -> want decent support -> want stable platform I have a dream. I have a dream that one day the SL nation will rise up and live out the true meaning of its creed: "We hold these truths to be self-evident: all residents deserve a stable and optimized SL"
Brenda Connolly Un United Avatar Join date: 10 Jan 2007 Posts: 25,000	06-14-2007 16:50 They're softening us up for something..... _____________________ Don't you ever try to look behind my eyes. You don't want to know what they have seen. http://brenda-connolly.blogspot.com
Farallon Greyskin Cranky Seal Join date: 22 Jan 2006 Posts: 491	06-14-2007 17:09 It's kind of amusing to hear LL talk to us about password security... Using the same password for SL as you do for the support site and the forums or other "external" SL portals BAD NEWS... And they keep adding them, your enver sure if it's an official SL site or not. Makes you WAY to used to typing in your critical SL password everywhere.. like maybe SLexchange? BAD! Heh, anyway...
Gordon Wendt 404 - User not found Join date: 10 May 2006 Posts: 1,024	06-14-2007 19:51 From: Brenda Connolly They're softening us up for something..... SECOND LIFE IS MADE OUT OF PEOPLE, PEEOOPPLLEE!!!! _____________________ Twitter: http://www.twitter.com/GWendt Plurk: http://www.plurk.com/GordonWendt GW Designs: XStreetSL
Kitty Barnett Registered User Join date: 10 May 2006 Posts: 5,586	06-14-2007 19:58 That blog post doesn't come as a big surprise after whatever incident caused them to have to reset the password of anyone who used the support portal. It also fails to mention the importance of not disclosing the email address you use with SL, and to have a strong password on that. If someone gets to your email account, it won't matter how good your SL password is, it's trivial for them to just reset it to one of their own choice at that point and effectively lock you out.
Sindy Tsure Will script for shoes Join date: 18 Sep 2006 Posts: 4,103	06-14-2007 20:21 From: Mo Dryke do they really have nothing else to post in the blog? any bug to fixe? So, just curious, what do you think Agent Linden's job is at LL? What bugs do you think he/she should be fixing?
Osgeld Barmy Registered User Join date: 22 Mar 2005 Posts: 3,336	06-14-2007 20:38 well the office opens @ 9am so from 9-10:30 he plays pinball with all the other .com holdover employees then heads to the water cooler for post it note feature discussion that takes about 30 min then he probably wanders the halls for a little bit getting coffee, checking up on the other bug fixing lindens, who are mostly bug checking in "bad girls" by now its 12 pm time for lunch returns from lunch about 1:30, checks his messages / email / im's then heads back out to do the post lunch "make sure noone is sleeping" rounds gets abit more coffee heads back downstairs for the "real media oh how we wished that didnt suck" pingpong semi finals with king phill by now its rounding around 4pm we all know that last hour of work is usually lite work time, finishing up paperwork chit-chatting ect [/sarcasm]
Peggy Paperdoll A Brat Join date: 15 Apr 2006 Posts: 4,383	06-14-2007 21:10 Sometimes I get so tickled at y'all. Everyone bitches to high heaven about the blogs being all but useless.........then someone posts something that is rather useful for anyone. It was nothing but a reminder about personal security....no sinester underlying meaning at all. So, all us "experts" on security have to chime in with sarcastic remarks. It's funny...........it really is.
Kevin Susenko Voice Mentor Join date: 11 Jul 2006 Posts: 198	06-14-2007 22:05 I still find it funny that of all of the things they could've posted about: Voice on main grid, new voice viewer (1.17.0.113), new beta viewer (1.18.0), friends list not working (again -_-), group and private voice not working well, voice no longer enabled on beta grid?, what ever happened to verification?, logins slow and buggy, sims going down, etc. They decided to post something completely irrelevant to anything that's going on now, and something that they've already posted about multiple times in the past. I could understand the post if there was nothing else to talk about, but, seriously, there are more important things happening in SL at the moment. _____________________ CPU: Intel Core 2 Duo E6400 (Overclocked - 2.8GHz) \| Mobo: EVGA nForce 680i SLI \| GPU: XFX nVidia GeForce 8800 GTX 768mb GDDR3 \| Memory: 4gb DDR2 PC5300 667MHz Dual Channel \| PSU: Antec Neo HE 550w \| Sound: SoundBlaster X-Fi Xtrememusic \| HDD: 950gb total SATA3 \| OS: Windows Vista Ultimate 64-bit
Peggy Paperdoll A Brat Join date: 15 Apr 2006 Posts: 4,383	06-14-2007 22:55 So we need a thread with 9..........no, make that 10 (counting this) replies? Who's bored? Us or them?
Thili Playfair Registered User Join date: 18 Aug 2004 Posts: 2,417	06-15-2007 00:30 My old password secure enough? 5zxocu2149v02h4nadof82d2o2 how do i remember that?, O_o , yes im bored
Jeff Kelley Registered User Join date: 8 Nov 2006 Posts: 223	06-15-2007 01:24 From: someone Do not use the same password on 3rd party websites that you use for your Second Life account. Especially if the site is Second Life related. This especially funny when I see: <form id="res_form" method="post" action="https://support.secondlife.com/ics/support/security.asp"> <input type="hidden" name="cFname" value="Jeff_Kelley" id="cFname"> <input type="hidden" name="cLname" value="Kelley" id="cLname"> <input type="hidden" name="cUname" value="jeff_kelley" id="cUname"> <input type="hidden" name="cSlaName" value="xxxx" id="cSlaName"> <input type="hidden" name="cEmail" value="MY@EMAIL.HERE" id="cEmail"> <input type="hidden" name="sessID" value="XXXX" id="sessID"> <input type="hidden" name="deptID" value="XXXX" id="deptID"> <input type="hidden" name="sessEmail" value="XXXX@lindenlab.com" id="sessEmail"> <input type="hidden" name="cStatus" value="REGISTERED" id="cStatus"> <input type="hidden" name="CUSTOMER_URL" value="XXXXXX" id="CUSTOMER_URL"> <a href="#" onclick="document.getElementById('res_form').submit();">Log into the support system with Jeff_Kelley Kelley</a> </form> and knows that support.secondlife.com is a CNAME on d3.parature.com

Welcome to the Second Life Forums Archive

Blog entry: How Secure Is Your Password?