GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   There is only one way to have good security on epassporte (https://gfy.com/showthread.php?t=796449)

Klen 01-02-2008 09:37 AM
There is only one way to have good security on epassporte
 
I examined other p2p systems and concluded each of these system can be comprimised if hacker got your username and password.
Some of them have additional protection like requiment of putting birthday info during each send but that info can be founded very easily in most cases and it doesnt help much.
So that means people who blame epass for bad security they blame it without valid reason.
So i conclude there is only way to prevent situation where your money gone:disable p2p send transfer.
In most cases webmasters uses epass so they can get faster withdraw and they dont need to send money to anyone.
Even if someone need to pay hosting and similar things,they can still use virtual visa electron which cannot be abused as p2p send transfer.
So epassporte need to allow their users to disable p2p send option if they want to do it and voila,no more problems with hacked accounts.

scottybuzz 01-02-2008 09:39 AM
Genius. I think you just sovled all the fraud problems in the world there Klentelaris. Complete genius.

dready 01-02-2008 09:42 AM
Not a bad idea. I could get along just fine without that option.

FredIsMe 01-02-2008 09:43 AM
Bump for epassporte folks

buddyjuf 01-02-2008 09:48 AM
Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?

xmas13 01-02-2008 09:51 AM
Epassporte is a one-man show, this, is epassporte's main problem.

dready 01-02-2008 10:07 AM
Quote:
Originally Posted by bdjuf (Post 13591711)
Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?
Good idea also. Paypal will send you an RSA SecurID tag for only $5.

QTbucks_Mark 01-02-2008 11:20 AM
Quote:
Originally Posted by bdjuf (Post 13591711)
Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?
Or use plain old one-time transaction codes like almost every sane banking system.

Actually, why doesn't epassporte do this? Just send a letter with 50 or so one-time codes via mail, charge a dollar or two for the postage fee and advertise it as brand-new-foolproof-and-almost-unbreakable-security-feature or something like that...

Of course someone still could gain access, but getting your username, password, the new security question AND a piece of paper nobody but you has - that's pretty damn hard. Justy my :2 cents:

Klen 01-03-2008 08:24 AM
Quote:
Originally Posted by bdjuf (Post 13591711)
Why not have a digital password system that requires you to have a piece of hardware that changes passwords every 10 seconds on you at all times in order to login?
Or simply token which generates unique pin every time when you need to login(one bank has that and it works fine).Impossible to have unauthorized access.Unless someone have your token and knows pin of token

nico-t 01-03-2008 09:04 AM
well... then they have to secure the option to disable p2p transfers too, otherwise the hacker can simply enable it when he got the good old username and password... i think the best way is just not being a fool when it comes to your pass, and also change it once in a while.

DamageX 01-03-2008 09:08 AM
Disable P2P transfers for me and I drop epassporte faster than you can say drop.


All times are GMT -7. The time now is 10:55 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123