UIF - United Islands Freeroam Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

UIF updated to SA-MP 0.3.7

Pages: [1] 2 3 4   Go Down

Author Topic: UIF Security Account Management  (Read 6380 times)

0 Members and 1 Guest are viewing this topic.

Jazz

  • Staff Supervisor
  • Sr. Member
  • ********
  • Posts: 6179
UIF Security Account Management
« on: July 29, 2016, 11:57:24 am »

Dear UIF community,

I am writing this topic in relation to the amount of problems that people seem to be facing with their accounts these days, those problems are focusing on "hacked accounts" or "forgetting your password. Myself and other higher level staff have been responding to many topics relating to these cases and I feel it's being repetitive, therefor this topic will clarify and explain fully what you can do and what we can do for you, so please refer to this topic if you are one of those victims, also to the rest of the community feel free to re-direct topics that are to do with those two mentioned problems above to this topic.

Forgot Password
> First and foremost is a really common problem that most people face and this problem actually does occur way more than hacked accounts, since it's very easy to forget what your password is, especially if you go inactive and not play for a long time. As of one of our recent builds this server has introduced a new security feature that is used for people to reset their passwords, in the event that you forgot it for whatever reason that may be. Below is a quote from the owner, which specifically explains what you must do in the event of you forgetting your password.
How to recover your account password?

The recovery process is very easy and user friendly. There are only a few simple steps that need to be completed.

1. Join the UIF server with your correct account name.

2. Click on the Forgot Password button when being asked to log in.

3. Check the email address you linked to your account.

4. Log in with the password found in the email.

Important

- Your email address must have been linked to your account before you lost your account password. If you have not linked your email address to your account, the procedure explained above will not work and you will not be able to recover your account password. Command /email when ingame to link your email address to your account.

- As of 01/05/2016 account password reset requests are no longer processed. You need to use the automated procedure explained above.

Questions?

Leave a reply on this topic.

It is absolutely vital that you immediately assign a valid working email address to your account, as soon as you can. This is important to recover your account and if you fail to attach the email before the event takes place, then there will not be a way to recover it.

What solutions can be done to avoid losing or forgetting your password?
That's a really simple question, all you need to do is ensure basic security over it, that can be done through several ways, for example making a discreet note of it somewhere that you know it will be safe and you won't be able to lose it, people often tend to create a text document on their PC, or even on their phone in a notepad app, however keep in mind about other people being able to access your devices and if that is the case, then you'll need to choose another place. Other ways can include using a password that has some sort is significance to you, by this I mean it's something you know you can't forget, because it holds a value and is special to you in some way, this actually helps people remember it a lot more easier than something that is random.

Do some basic checks before you decide to go ahead and try the recovery system
You might not even need to use this system, because the issue is just something small and minor, for example let's start off with the basics. Did you spell the password and Name correctly? Often people would make small mistakes like that and go to the extent of requesting a password reset, when they don't really need it.

The last thing to do with "forgetting your password" that I would like to mention is always take full responsibility over your possessions, because from my experience I've encountered players that go inactive and later return saying it's been so long and they don't remember their password, those solutions I mentioned above will solve this and if you do things like what I stated above, you will not be in a situation that involves you forgetting your password.

Account Hacked
> Moving on to the second subject of this topic is related to hacked accounts. Account hacking occurs everywhere and not just this server alone, however the amount of times we tell players what they need to do to ensure that doesn't happen to them is sometimes not made clear, therefor this topic should give those principles thoroughly.


> Account sharing or trading.
> Being promised rewards in exchange for account information, this can include but is not limited to just VIP status.
> Clicking on false replications of the official UIF forums or on a false website (phishing).


Of course those are not the only ways, but in my book those appear to be the common ways it happens, especially on this server. It's very unlikely your account would get hacked if you are cautious and manage it well, multiple stories can range from people using the same password for multiple sources, including the forums and game, that's something you do not want to do, so make sure it's something unrelated and has several complications, for example the use of upper case/lower case, numbers/letters and special characters too.

If you can effectively mantain your two accounts both in-game and forums well, then there's no reason for you to have to worry about things and trust me, nearly every single time hacked accounts are situations caused by the user.

Regards
Jazz


The quote above briefly summaries the key points of what common ways people do get hacked and it's not only that way now, we have another way people have been getting hacked recently and it's a problem that seems to be growing even to this day. The other problem I'd like to address relating to hacked accounts is the use of social media, that's right the majority of players here including admins,  I'd imagine are using social media and that is not a problem, we will not stop you, nor will we tell you that you can't use things like Facebook or Twitter, but we will advise you on the dangers and potential threats that can be around those places. As most of the community are aware, we do have certain individuals that use to be around UIF, but are no longer here, due to the fact they have been hostile in some way to the server. Specifically mentioning Facebook is a place in which most of them hostile parties are known to be at and we encourage you to not get in contact with them, nor is it a good idea to speak to admins especially there, since we can't be sure it is a actual official admin, rather than a impersonator. I'd like to make it clear that if you have a problem within UIF, such as a report, game problem, ban problem or something else to do with UIF, then please contact staff on official UIF resources, that being the server In-game or here on the server forums.

What to do when you come across a link sent by someone?
Well, first and foremost you do not straight away click on that link, because you dont know where it would re-direct you, double check who the sender is and see if it is a impersonator or an actual person you know. Run a few security checks and scans to see if the link has anything discrepancies and lastly think logically of what it leads to, because if it's something like "Free VIP", then straight away it should give off a strange vibe that it is dodgy and possibly a misleading link into something bad.

How to avoid being hacked in the first place?
I've mostly stated above what you need to do in order to not get hacked  (e.g like not sharing accounts, phishing links etc..), however when it comes hacked accounts, things take place behind the scenes of UIF resources nearly all the time, what I mean by this? Most past players (hostiles/Ex admins) tend to trick the community through things like social media, false copy of the forums (which supposedly replicates the basic looks and visuals, not to mention a similar name), but if you don't use social media, there is a better chance that you will not get hacked by one of these people, therefor this leads me on to say if you don't use social media it's even less likely to get hacked or tricked by one of these people that standby in those places to send requests and start false posts.

What should I do if I do get hacked?
Firstly, posting topics about it in the forums is not going to help the situation, nor will it get you anywhere, since it's really just spamming at the end of the day. As far as we can say for this when you do actually get hacked, there is currently no way to return your account, the current password recovery system was only made and intended for forgetting passwords and not getting hacked, therefor once you fall victim to being hacked it's a very slim chance to get it back, since it's basically out of our reach in someone else's possession. You will have no choice but to start over again with a new account, but taking in all the advise and knowledge that we provide you for next time and future reference.

Lastly I'd like to sum up and say that your account is purely your responsibility, being the owner and user of it, therefor should anything happen like your account falling into someone else's possession, then you would be to blame ultimately. Please keep in mind it is tremendously hard to recover accounts that are hacked, which is realistically why no services no longer exist for such cases, putting out awareness and topics like this will hopefully be a eye opener and prevent it from happening to you in the first place.

« Last Edit: July 30, 2016, 07:45:00 pm by ⚜UIFJazz »
Logged


branz

  • Sr. Member
  • ****
  • Posts: 1790
Re: UIF Security Account Management
« Reply #1 on: July 31, 2016, 07:02:27 am »

Logged

Michonne

  • Sr. Member
  • ****
  • Posts: 568
  • SA-MP Name: HenchDelta / DeltaTheAsshole
  • Bloody criMinal outlaWz
Re: UIF Security Account Management
« Reply #2 on: July 31, 2016, 07:25:16 am »

Great work!
Logged
cya cunts

Venzo

  • Full Member
  • ***
  • Posts: 202
  • SA-MP Name: [DrunkS]Venzo
  • Left, too busy irl.
Re: UIF Security Account Management
« Reply #3 on: July 31, 2016, 07:56:28 am »

That's awesome Jazz, thanks for the information.

From my perspective, using the same password for multiple stuff isn't a good idea, I mean it'd be better if you use 2 different passwords for in-game and/or forum.
Logged
Retired Admin LVL5

Some people are like clo-
-uds when they go away
it's a brighter day
*Since 2010*

DragonSoul

  • Sr. Member
  • ****
  • Posts: 724
  • ayy
Re: UIF Security Account Management
« Reply #4 on: July 31, 2016, 09:01:12 am »

Great one!
Logged
~TA~
~kwS~

Spektrem

  • Sr. Member
  • ****
  • Posts: 1312
  • SA-MP Name: Spektrem
  • Losers visualize the penalties of failure
Re: UIF Security Account Management
« Reply #5 on: July 31, 2016, 09:50:41 am »

Good job, this topic is really useful and especially for the people who are being victims under account hackers
Logged
The Infamous Crew

Easqυez

  • Sr. Member
  • ****
  • Posts: 3826
  • bmw / drunks fsc
Re: UIF Security Account Management
« Reply #6 on: July 31, 2016, 12:05:00 pm »

Cool!
Thanks a lot sir.

Weich

  • Full Member
  • ***
  • Posts: 220
  • SA-MP Name: Weich
Re: UIF Security Account Management
« Reply #7 on: July 31, 2016, 12:05:50 pm »

Great article as always.
I would like to add a few things as well. You should NEVER share passwords across any accounts anywhere. This also means you should not use the same password for your recovery email, forum account email, and ingame account email. I personally recommend generating random passwords at a place like random.org and saving them in a "password safe" program like KeePass so you have them in a relatively safe ENCRYPTED file. I also highly suggest you store a copy of the encrypted file elsewhere in case of hard drive or machine failure. By the way do not go the lazy route and simply stick a text file in an encrypted zip file, breaking zip encryption is rather trivial with numerous programs found on the internet. Keeping your password in a plain text file is a very bad idea, just in case your computer is compromised. I go through some rather elaborate lengths to protect my passwords that I will not document here, but I recommend writing down any important passwords on sheets of paper that you keep in a locked box hidden somewhere away from your computer (so anyone who breaks into your house does not think that is what it is for). Less important but frequently used passwords should be stored in a "password safe" or encrypted file. Obviously you still will have to have a memorable password for the encrypted file, so choose carefully. It is actually possible to go even beyond this, but it is not really necessary for the average internet user.

Of course you can follow only some of these suggestions and still be relatively safe so long as you follow the really important ones.
Obviously you should avoid using any "memorable" passwords in this list and any other list you find on the internet:
http://www.passwordrandom.com/most-popular-passwords
Keeping every password unique is also very important, especially if you tend to use the same name across "things", which itself is a problem from a security point of view.
Everything else is mostly optional depending on your level of technical skill (although it is not hard) and access to paper and a locked box.

Here's a funny webcomic that is related to make up for the text above, just because :D:

As PowerslidePrincess said , this way is very good for players, this is how they'll remember their pw and they don't need that email system

And i want to add somethings would be helpful

Choose a favorite passage out of a book and use a word from the passage. For example, if your favorite book is "The Eye of the World", by Robert Jordan, and your favorite passage is the second paragraph on page 168, use a word from that passage. You can use the word Draghkar. So you would put 2Draghkar168. 2 is the paragraph number and 168 is the page number.


Or

Shift your fingers one key out of your normal typing position

WITHOUT SPACE

And

Consider doubling an easier password. Length can help the strength of a password, so if you want to use the doubling method, you may be able to choose a slightly easier word and then double it. You'll have less to remember and your password will still be strong!
« Last Edit: July 31, 2016, 05:17:42 pm by Weich »
Logged
I take things like honor and loyalty seriously. It's more important to me than any other materialistic thing or any fame could have

£xtRem£ K!lleR§™

Supporting
Sons of Anarchy™

Stai0.

  • Sr. Member
  • ****
  • Posts: 888
  • SA-MP Name: [LEFT]
  • Since Build 82 - Serbia
Re: UIF Security Account Management
« Reply #8 on: July 31, 2016, 12:16:08 pm »

Nice that will be helpful for players who lost password.
Logged
Vaske/OMGitsVaske/BLaZzo/BLaZE/Stai0

Nightmare Forever <3
~ No Mercy ~
2012-2018 †
PERM INACTIVE

Jatin_Singh

  • Newbie
  • *
  • Posts: 3
  • SA-MP Name: [India]Jatin_Jes
  • Nothing To Say, Just Ask Me If You Want To Know
Re: UIF Security Account Management
« Reply #9 on: July 31, 2016, 12:36:46 pm »

Which means m fu**ed up badly cuz i was not active from a long time so i don't know whats going on in UIF, so i did not assigned email address with my account and when i tried to open my account its not opening cuz password was incorrect, i tried so many times but failed.. i tried forgot password but no email verification came ... just bcoz of i don't know there is a new security has come 'email assigned'

i can only request you please help me, i seriously want my account back.. i spent a lot of time on that, ..
please understand the situation..

(sorry for bad english) :(
Logged

iAbdullah

  • Sr. Member
  • ****
  • Posts: 1357
  • SA-MP Name: [Res]iAbdullah
  • "Dont count the Days, make the Days count"
Re: UIF Security Account Management
« Reply #10 on: July 31, 2016, 12:40:48 pm »

Very Nice Jazz!
Helpful for new players.
Logged

Supporting:
BMW - eK - DrunkS

Username

  • Full Member
  • ***
  • Posts: 197
  • Left The UIF
Re: UIF Security Account Management
« Reply #11 on: July 31, 2016, 02:20:53 pm »

Helpfully Jazz, Especially helpful to the beginners. :D !!!
Logged

Mustafa_

  • Sr. Member
  • ****
  • Posts: 914
  • SA-MP Name: 2628382
  • Humne toh dene ka waada' kyaa hai
Re: UIF Security Account Management
« Reply #12 on: July 31, 2016, 03:20:29 pm »

It's Very Helpfull to the Newbies... Great Work!
Logged


The Triumvirate

PowerslidePrincess

  • Sr. Member
  • ****
  • Posts: 426
  • SA-MP Name: PowerslidePrincess
  • Pentium 4 Master Race reporting in!
Re: UIF Security Account Management
« Reply #13 on: July 31, 2016, 04:40:15 pm »

Great article as always.
I would like to add a few things as well. You should NEVER share passwords across any accounts anywhere. This also means you should not use the same password for your recovery email, forum account email, and ingame account email. I personally recommend generating random passwords at a place like random.org and saving them in a "password safe" program like KeePass so you have them in a relatively safe ENCRYPTED file. I also highly suggest you store a copy of the encrypted file elsewhere in case of hard drive or machine failure. By the way do not go the lazy route and simply stick a text file in an encrypted zip file, breaking zip encryption is rather trivial with numerous programs found on the internet. Keeping your password in a plain text file is a very bad idea, just in case your computer is compromised. I go through some rather elaborate lengths to protect my passwords that I will not document here, but I recommend writing down any important passwords on sheets of paper that you keep in a locked box hidden somewhere away from your computer (so anyone who breaks into your house does not think that is what it is for). Less important but frequently used passwords should be stored in a "password safe" or encrypted file. Obviously you still will have to have a memorable password for the encrypted file, so choose carefully. It is actually possible to go even beyond this, but it is not really necessary for the average internet user.

Of course you can follow only some of these suggestions and still be relatively safe so long as you follow the really important ones.
Obviously you should avoid using any "memorable" passwords in this list and any other list you find on the internet:
http://www.passwordrandom.com/most-popular-passwords
Keeping every password unique is also very important, especially if you tend to use the same name across "things", which itself is a problem from a security point of view.
Everything else is mostly optional depending on your level of technical skill (although it is not hard) and access to paper and a locked box.

Here's a funny webcomic that is related to make up for the text above, just because :D:


Logged
Windows XP users are an oppressed minority.
May the truth set you free:
https://spyware.neocities.org/articles/discord.html

Max characters: 300; characters remaining: 66
Images in your signature must be no greater than 300x300 pixels

Easqυez

  • Sr. Member
  • ****
  • Posts: 3826
  • bmw / drunks fsc
Re: UIF Security Account Management
« Reply #14 on: July 31, 2016, 05:48:09 pm »

As PowerslidePrincess said , this way is very good for players, this is how they'll remember their pw and they don't need that email system

And i want to add somethings would be helpful

Choose a favorite passage out of a book and use a word from the passage. For example, if your favorite book is "The Eye of the World", by Robert Jordan, and your favorite passage is the second paragraph on page 168, use a word from that passage. You can use the word Draghkar. So you would put 2Draghkar168. 2 is the paragraph number and 168 is the page number.


Or

Shift your fingers one key out of your normal typing position

WITHOUT SPACE

And

Consider doubling an easier password. Length can help the strength of a password, so if you want to use the doubling method, you may be able to choose a slightly easier word and then double it. You'll have less to remember and your password will still be strong!

Read this for a stranger password.
http://forum.uifserver.net/index.php?topic=93872.0
Pages: [1] 2 3 4   Go Up
 

Page created in 0.115 seconds with 20 queries.