Original post by janoside That does not seem like a reasonable solution to me. I understand the intent, but a lot of people use such an account as their primary account and such people should not be banned. Especially because such services often provide better features (more storage, searching, etc) than many local ISP and university accounts.
The same can be said for requiring a credit card ( even for just validation ). Not all people have a credit card. Even if something like yahoo is their primary that infers that they have a secondary which would be accepted. Again, like I said, it's one possible method that I know some games have used ( mostly web based ones ). Again it's not a method that we use but it could be a solution if you notice that a lot of cheaters are using a particular email provider. Even a temporary restriction on those emails might be enough to make a greifer/hacker/cheater loose interest.
One addition i've recently made to secure account registration is to implement a CAPTCHA system. This will hopefully make it a little bit trickier for anyone who wants to write a bot to register half of the dictionary as accounts. I don't expect it to be infallible though as nothing really is when dealing with Internet games - as the Wikipedia entry says a sweatshop could circumvent this protection - but the more protection I add the better I feel about the security of my system.
There's an elegant game design way to solve this: removes NPC buyers. People will need to get inventive to grab some money, because if everyone mines says, charcoal, the charcoal price will suddenly drop, and mining charcoal will not be viable anymore.
Well, I would use a serial key that comes with the game. Allow X amount of account or characters with that serial key and if they cheat or abuse the system block that key. Have the player create a log-in that is tied to that key so they can use it from any computer. There are a lot of ways to get the job done, it just depends on how protected you want it to become.
Charging money for Accounts or some key to an account? Don't know if this works or not, just giving you some ideas. But charging money for account can greatly reduce duplicated accounts.
All my posts are based on a setting of Medival Fantasy, unless stated in the post otherwise
Original post by lightblade Charging money for Accounts or some key to an account? Don't know if this works or not, just giving you some ideas. But charging money for account can greatly reduce duplicated accounts.
First, remove all static ip adresses. (grab the first 'segment' of the host name (everything before the first dot), and block any that that don't contain any numbers)
ie. For Random.com, random doesn't contain numbers so its static, so block it. For be71.skynet.com, be71 contains numbers, so its dynamic, so you let it in.
You then remove the first segment of the host name, and look only at the remaining part. (dynamic ip's change the first segment, rarely anything else).
next, look up a list of "banned" hostmasks. (this makes most bans stick, unless they use a proxy.)
In the case of a proxy (this is for web based stuff), you check to see if it will accept connections on port 80, 8080, ect. (i'd get another computer to portscan anybody coming in, start off with the major ports, then scan as many other random ports as you have time for.)
If they do, then block it, and add that range to the block list. (Its a proxy, RUN!)
Then you check for more then one user with the same ip, ect. (enforce a one range, one account policy. and when you ban a range, ban every account that falls in those ranges.)
Then you have moderators, with a nice shiny "Ban" button.
[lol]
Few people ever get to the moderation stage.
(as another thing you can do, per account, require email activation. not foolproof, just annoying. esp if you ban free/unknown email hosts).
Click here to patch the mozilla IDN exploit, or click Here then type in Network.enableidn and set its value to false. Restart the browser for the patches to work.
