Love Zhaoying Posted April 17, 2023 Share Posted April 17, 2023 20 minutes ago, Ayashe Ninetails said: yeeted into the sun, etc. I hate it when that happens! 16 minutes ago, CaithLynnSayes said: /me quietly walks by flashing these pages: https://www.csoonline.com/article/3620223/how-to-hack-2fa.html https://blog.knowbe4.com/many-ways-to-hack-mfa https://www.zdnet.com/article/hackers-are-finding-ways-around-multi-factor-authentication-heres-what-to-watch-for/ https://www.amazon.com/Hacking-Multifactor-Authentication-Roger-Grimes/dp/1119650798 ... Now go get your panties twisted in a bunch on those. Almost this whole thread has been on how to take away functionality, and now how to make it more annoying to log in or do a transaction. Yet the blatantly obvious just won't be accepted by the loudest voices here. Do Not Randomly Put Your Passwords In! We just can't have nice things! When I was a cub, before 2FA, for a primitive MFA we used little RSA keyfobs with special numbers, and the "seeds" for those numbers were tied to our personal keyfob! So, someone would have to steal our keyfob to hack us. Get off my lawn! Link to comment Share on other sites More sharing options...
Ayashe Ninetails Posted April 17, 2023 Share Posted April 17, 2023 2 minutes ago, Jaylinbridges said: xPMNg8kT6Ag4il0#l@kA@17dxs@7E8nRa3%k$#DN8IwRNsX63e That's not my password, but mine is like that - so hack that. I can remember the first 4 characters on a good day Main problem is losing where it is stored, so I need multiple backup locations in case my city gets hit by a giant flaming meteor. LOL...are you me?!? Link to comment Share on other sites More sharing options...
Moles Dyna Mole Posted April 17, 2023 Moles Share Posted April 17, 2023 Hey, troops ... It's fine to have a robust discussion, but let's not start throwing things at each other. If you disagree, please do it without using language that is sarcastic, pointedly personal, or intended to pick a fight. Take it off line, if you must. The thread has grown far enough that it's also a good idea to step back and focus on the theme. It's easier to have a constructive conversation if we're all headed in the same direction. 1 Link to comment Share on other sites More sharing options...
Zalificent Corvinus Posted April 17, 2023 Share Posted April 17, 2023 15 minutes ago, Jaylinbridges said: xPMNg8kT6Ag4il0#l@kA@17dxs@7E8nRa3%k$#DN8IwRNsX63e That's not my password, but mine is like that - so hack that. I can remember the first 4 characters on a good day Main problem is losing where it is stored, so I need multiple backup locations in case my city gets hit by a giant flaming meteor. You do know that SL only uses the first 16 characters of the password, right ? 1 Link to comment Share on other sites More sharing options...
CaithLynnSayes Posted April 17, 2023 Share Posted April 17, 2023 20 minutes ago, Dyna Mole said: It's easier to have a constructive conversation if we're all headed in the same direction. I'm sort of lost on what direction that is now if i'm honest. 1 Link to comment Share on other sites More sharing options...
Arielle Popstar Posted April 17, 2023 Share Posted April 17, 2023 12 minutes ago, CaithLynnSayes said: I'm sort of lost on what direction that is now if i'm honest. Downhill 3 Link to comment Share on other sites More sharing options...
Istelathis Posted April 17, 2023 Share Posted April 17, 2023 /me looks at conversation, and tries to choose wisely Oh snap, pick-up sticks! Are we on MFA, Dialogue boxes, Linden Wallets? 1 Link to comment Share on other sites More sharing options...
Love Zhaoying Posted April 17, 2023 Share Posted April 17, 2023 3 minutes ago, Istelathis said: /me looks at conversation, and tries to choose wisely Oh snap, pick-up sticks! Are we on MFA, Dialogue boxes, Linden Wallets? I'm waiting for giant JENGA. 1 Link to comment Share on other sites More sharing options...
Istelathis Posted April 17, 2023 Share Posted April 17, 2023 2 minutes ago, Love Zhaoying said: I'm waiting for giant JENGA. You have to sign in with MFA before you can pull out a piece in this version though, and avoid the pieces that ask for your password 😋 Link to comment Share on other sites More sharing options...
Love Zhaoying Posted April 17, 2023 Share Posted April 17, 2023 I think about the only thing we've accomplished in this thread is, making our Forum peers more aware of the general issue of the so-called "scam". The general consensus is that there's no solution except for education, and there is a minority who seems sure even education won't work. So..what's the point of our continued discussion then? 2 1 Link to comment Share on other sites More sharing options...
Istelathis Posted April 17, 2023 Share Posted April 17, 2023 6 minutes ago, Love Zhaoying said: So..what's the point of our continued discussion then? To slowly drive the mods insane with our ramblings, I think 😈. But I do think it serves the purpose of making people aware of the variety of scams out there that, and brainstorming possible solutions to them. I still think the best course of action is mandatory classes, and failure to attend them result in being cast into the cornfields, and to feed them to the volcano. 1 Link to comment Share on other sites More sharing options...
Love Zhaoying Posted April 17, 2023 Share Posted April 17, 2023 29 minutes ago, Istelathis said: To slowly drive the mods insane with our ramblings, I think 😈. But I do think it serves the purpose of making people aware of the variety of scams out there that, and brainstorming possible solutions to them. I still think the best course of action is mandatory classes, and failure to attend them result in being cast into the cornfields, and to feed them to the volcano. I think there were plenty of "viable", if not "good" suggestions. Too bad about all the nattering nabobs of negativity (a phrase only old people will recognize)! 1 Link to comment Share on other sites More sharing options...
Sid Nagy Posted April 17, 2023 Share Posted April 17, 2023 (edited) 2 hours ago, Jaylinbridges said: xPMNg8kT6Ag4il0#l@kA@17dxs@7E8nRa3%k$#DN8IwRNsX63e That's not my password, but mine is like that - so hack that. I can remember the first 4 characters on a good day Main problem is losing where it is stored, so I need multiple backup locations in case my city gets hit by a giant flaming meteor. Just mail them all to me. I'll keep them save for you. Cross my heart and all. 😁 BTW: Did I ever mention to you that I'm actually a Nigerian prince? Edited April 17, 2023 by Sid Nagy 1 1 4 Link to comment Share on other sites More sharing options...
Silent Mistwalker Posted April 17, 2023 Share Posted April 17, 2023 1 hour ago, Istelathis said: To slowly drive the mods insane with our ramblings, I think 😈. But I do think it serves the purpose of making people aware of the variety of scams out there that, and brainstorming possible solutions to them. I still think the best course of action is mandatory classes, and failure to attend them result in being cast into the cornfields, and to feed them to the volcano. You first. 🌋 It was your idea! That means you're just as guilty as anyone else! 😜 2 Link to comment Share on other sites More sharing options...
EliseAnne85 Posted April 18, 2023 Share Posted April 18, 2023 (edited) 6 hours ago, Ayashe Ninetails said: Phone-based 2FA is not secure. Phones can be lost, stolen, sim hacked and hijacked, yeeted into the sun, etc. I would absolutely hate this. It's also not secure, so it's added hassle for nothing. See above. We already have MFA for our accounts and it's entirely opt-in (for now). I can't see needing anything else at the moment. Yeah, but they will find a way around MFA too. I just read one of the links CathLynn put up. Scammers have ways to steal cookies, plus other ways to get around MFA. As far as straight up 2FA, the article said your company (the one you have the 2FA account with) will never ask for the code they sent in your phone, so don't give that out to anyone just the same as our passwords. https://www.zdnet.com/article/hackers-are-finding-ways-around-multi-factor-authentication-heres-what-to-watch-for/ "This is a really important challenge for society right now as we increasingly digitize we've got an incredible opportunity to continue to put technology to really good use. But we've also got to address these challenges when it comes to resilience and the human aspect," says Alashe. Edited April 18, 2023 by EliseAnne85 Link to comment Share on other sites More sharing options...
Rowan Amore Posted April 18, 2023 Share Posted April 18, 2023 17 minutes ago, EliseAnne85 said: Yeah, but they will find a way around MFA too. I just read one of the links CathLynn put up. Scammers have ways to steal cookies, plus other ways to get around MFA. As far as straight up 2FA, the article said your company (the one you have the 2FA account with) will never ask for the code they sent in your phone, so don't give that out to anyone just the same as our passwords. https://www.zdnet.com/article/hackers-are-finding-ways-around-multi-factor-authentication-heres-what-to-watch-for/ "This is a really important challenge for society right now as we increasingly digitize we've got an incredible opportunity to continue to put technology to really good use. But we've also got to address these challenges when it comes to resilience and the human aspect," says Alashe. You forgot to quote the final line which basically sums up the entire problem of this thread... "People are wonderful, they want to be helpful, so they'll get tricked sometimes," he adds. 1 1 Link to comment Share on other sites More sharing options...
Ardy Lay Posted April 18, 2023 Share Posted April 18, 2023 6 hours ago, Love Zhaoying said: When I was a cub, before 2FA, for a primitive MFA we used little RSA keyfobs with special numbers, and the "seeds" for those numbers were tied to our personal keyfob! So, someone would have to steal our keyfob to hack us. Get off my lawn! Those are still in use and beat the moldy butter out of using text messages, email messages, and most of those already-hacked apps. 1 Link to comment Share on other sites More sharing options...
Ayashe Ninetails Posted April 18, 2023 Share Posted April 18, 2023 18 minutes ago, EliseAnne85 said: Yeah, but they will find a way around MFA too. Of course. None of it is 100%. That's why I'm not a fan of adding extra layers of it beyond what we've currently got now at the account level. 1 Link to comment Share on other sites More sharing options...
EliseAnne85 Posted April 18, 2023 Share Posted April 18, 2023 3 minutes ago, Rowan Amore said: You forgot to quote the final line which basically sums up the entire problem of this thread... "People are wonderful, they want to be helpful, so they'll get tricked sometimes," he adds. Yeah, is a good line. It's possible and it happens, they have "tricks" and those tricks are constantly changing. As a matter of fact, somebody just did try a trick. And, it did happen once before. Silent Mistwalker said she remembered. I remembered it vaguely but yet I knew it was familiar. Back in those days, I thought websites used to be attacked, not individuals, and I thought SL was under attack, so I logged out. It sucks. It's like us against them. 1 Link to comment Share on other sites More sharing options...
Jaylinbridges Posted April 18, 2023 Share Posted April 18, 2023 7 hours ago, Zalificent Corvinus said: You do know that SL only uses the first 16 characters of the password, right ? OMG I now feel so insecure. So what is SL doing with the other 34 characters? I bet they are making new "enter your password" boxes with them. Wait - think I see one floating above me now... Logging Off... Link to comment Share on other sites More sharing options...
Krystina Ferraris Posted April 18, 2023 Share Posted April 18, 2023 3 hours ago, Jaylinbridges said: OMG I now feel so insecure. So what is SL doing with the other 34 characters? I bet they are making new "enter your password" boxes with them. Wait - think I see one floating above me now... Logging Off... They save them for later as spares, in case portions of the first 16 get lost or damaged. It cost $L 100 per character to replace damaged ones. 1 2 Link to comment Share on other sites More sharing options...
Lindal Kidd Posted April 21, 2023 Share Posted April 21, 2023 On 4/17/2023 at 4:24 PM, Istelathis said: I still think the best course of action is mandatory classes That would really help the attendance at my weekly Avatar Safety class! *cough* Noon Saturdays, Caledon Oxbridge University *cough* 3 Link to comment Share on other sites More sharing options...
Silent Mistwalker Posted April 21, 2023 Share Posted April 21, 2023 20 minutes ago, Lindal Kidd said: That would really help the attendance at my weekly Avatar Safety class! *cough* Noon Saturdays, Caledon Oxbridge University *cough* You really do not want people like me, who don't need such things even as a reminder, to be forced to attend a class every week. Disruption would be an understatement. 🤬 Link to comment Share on other sites More sharing options...
Recommended Posts
Please take a moment to consider if this thread is worth bumping.
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now