Staff Account Security Issues
Due to recent compromises of Graal's databases there appears to be a strategic effort to gain access to playerworld staff accounts, for example on Classic there has been unauthorised access to two staff accounts in the space of one week (fortunately no RC logins or damage caused).
I would suggest that all playerworlds:
(if they haven't already) |
Gee, so this wasn't just a UN problem. Who would have guessed?
Also, for the record, the last UN staff member who got their account stolen claims he was using the client computer lock system, so I'm not sure if that's not working or what. |
Quote:
Quote:
|
Quote:
|
It's crazy how people of this community have to take lead here to keep people and servers safe, rather than the actual "Graal Administrators" taking time to make these logical suggestions.
|
Quote:
|
Quote:
It wasn't really announced but there is a system in place now that requires you to setup 2FA (Google Authenticator) in order to use RC and approve IP range additions which should prevent compromised active staff accounts from gaining access. This was implemented after the whole UN ****-storm though. |
Quote:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
|
honestly what if the PWA's accounts have been compromised just sayin its possible most of the globals are inactive these days there accounts are probably easy targets by now
|
Quote:
It's a valid point though, it wasn't so long ago where a former higher-up account was compromised in an unpredictable capacity. Luckily the culprit had no malicious intentions. |
Just discovered that a compromised account was disabled after the owner changed their password :oo:.
|
All times are GMT +2. The time now is 12:54 AM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
Copyright (C) 1998-2019 Toonslab All Rights Reserved.