Recently, there have been a number of people who claim to have been "hacked", had their account stolen, etc.
While the security of your account is, for the most part, your responsibility by keeping your account credentials secret and only known by you, as well as have different emails and passwords for each website you have an account for, ourWorld should also help protect your account alongside any protections you have in place.
I have played a lot of different games from different developers, so here are just a few suggestions that ourWorld could adapt into making the game that much more secure.
- This is purely my opinion on what ourWorld should include to further protect its playerbase. I will not be stating anything that has or hasn't happened in the past in regards to players, the oW server, or oW as a whole.
- This post does not intend to exploit any flaws within oW whatsoever. This post is merely here to be a discussion topic on what oW could include.
- "Did you just log in?"
This first one is a pretty basic security feature that, if your account logs in anywhere where the game doesn't expect you to sign in from, you will get either an e-mail, text or both, depending on user preference. If you choose that, yes, it is in fact you signing in, the game will auto-allow further sign-ins for that location. If not, ourWorld will immediately sign the account out, and blocks any further log-in attempts until the block is lifted, and will suggest you to change your account password.
- Two-Step Authentication
These are pretty much a staple in regards to account safety across numerous online games and game launchers, such as Steam. If set up, anytime you sign into the account, you will either be asked to verify a certain authentication keyphrase (something like Google Authenticator or Steam Guard), verify a randomly generated text string sent to either your phone or via e-mail, or by some other means. This will greatly increase the security of one's account on oW.
- Native HTTPS support (dropping HTTP protocol)
One of ourWorld's biggest flaws is that it natively does not support the HTTPS protocol. Anytime you go to visit ourWorld normally, you will be using the non-secure webpage, unless you manually type in that protocol in the web address link. I feel this should be rectified as soon as possible to make sure ourWorld constantly uses a safe, secured connection at all times and any connections using the HTTP protocol get automatically transferred to using HTTPS.
- Temporary Chat Mutes
AQW (Adventure Quest Worlds) is one of those games that I played religiously back in the day, and every now and then these days. One of the biggest chat-related features this game had was temporary chat muting. What is this, you may ask? If a player were to quickly spam the chat, their account will be temporarily muted from chat for a few minutes, after which the account will be able to speak. This timer slowly increases the more times in the same session the account is on, and does not time out if the player logs off, unless it is over a certain amount of time before the player signs back in.
I feel this can greatly improve oW by effectively canceling out the accounts that seem to spam crash players. Essentially, take the mute mechanic that ourWorld comments have, and apply that to normal chat and whisper chat.
There are most likely other features that ourWorld could incorporate into the game to make it that much more secure, however these four are ones that really stand out to me.
Have any other ideas? Discuss down below what security features ourWorld should include.