[286+] Account protection suggestions

Posted 4 years, 2 months ago (Edited 2 years, 1 month ago) by AcneScars

What's your favorite feature?

228 Votes Two Step Authorization

47 Votes Login information log

15 Votes Captcha

81 Votes All

38 Votes None

View Results

Greetings, Toyhou.se!
Toyhou.se is one the very few websites I use that does NOT have any system to protect your account(s). So, today I am here to make my case on why I think Toyhou.se should add more of their resources to changing this.

Suggestion One: Two Step Authorization

Two Step Authorization is one, if not the most common way, websites protect user's accounts. There's many ways to enable Two Step Authorization that is accessible to most users. Adding two or more options so users can pick which Two Step Authorization they want is the best way to go about it. And the best thing about it is it's optional in a majority of cases. If users don't want it, they don't need to have it!

Here's some common Two Step Authorizations:

E-mail: The user gets a code via their e-mail inbox.
SMS: The user gets a code sent via their phone number messaging system.
Third-party App: The user needs a third-party app (typically on their phone) and the app generates the code.

Suggestion Two: Security Questions

Another way that is common is adding security questions. A user will be asked to add the security questions via their Settings page and then the prompt to fill in the answers will be triggered if suspicious activity is found and/or every new login. Personally, I don't suggest this, it's deemed very annoying on the user-end; however, it's one of the easier ways to implement account protection.

Suggestion Three: Login Information Page

Login information, or a list of your login data, is a page to show all of your login activity. Typically within a 30 or 60 day window.

This page can show information such as:

IP addresses / Estimated Location
Device Information
Login Date + Time
Etc, etc.

This information is used so that the user can determine if they notice an unauthorized login. The user can then decide to change their password/e-mail/etc. Sometimes the feature to disconnect a current connection is possible as well. (To boot off users you don't recognize, etc.) (Last sentence inspired by Xen's response.)

Suggestion Four: Captcha

Adding a Captcha at the login page can help prevent password guessers. Data leaks are common, and a lot of people reuse the same password for everything. So password guessing (whether with a machine or manually) is extremely common. Captcha should only be triggered after a few failed login attempts and shouldn't be added for every login attempt in general. (Unless you have a bot problem.)

Suggestion Five: Character Transfer/Deletion Delay

An optional cool-down feature would be neat as well. The user should be able to enable it for a single character or for all of their characters via a Settings page. "For that same reason, maybe have a cooldown option on trades/deletion of certain characters? So that when you have it enabled, the character, when transferred or deleted, will remain pending for a certain amount of time, e.g. seven days, leaving the owner with enough time to react in case the action was not performed by them." (Suggestion by Vuurstern)

Suggestion Six: Link/button Approval Via E-mail

Sometimes a website will send you an e-mail to approve/deny a login attempt. Typically via a generated authorized link. (Suggestion by lophiusdragon & nyan_cat)

Why do you need account protection?

Account protection is very important to protecting things you care about, such as:

Your creations: Artwork credit and/or protecting your ownership tab rights.
- Preventing users from removing your rightful credits.
The characters you're hosting onto your account. (Protecting their images, their bios, their credits, etc.)
- When someone gets into your account, they can delete or transfer the characters.
Your reputation as a user on the site.
- Your credibility you've formed by making sales/commissions, etc.
Etc, etc.

ANYONE CAN BE A VICTIM!

Well-known artists and creators are high-risk for having their accounts be compromised.
Users with plenty of characters or plenty of artwork are also at risk of being compromised. (Highly desired characters or CS)
Someone who was close with someone but it ended sourly could be seeking revenge.
Maybe impersonation of an inactive account.
Maybe it's to get around the invite-only system.
Etc, etc.

You can think of many reasons why someone would want to get the account of another user - any reason is enough.

Vuurstern

Came here to see if this was already suggested. I would love to have 2FA enabled, especially with a few incidents in which users tried to pass off my characters as theirs. I would hate it if they could log in and just transfer my character away, or delete them.

For that same reason, maybe have a cooldown option on trades/deletion of certain characters? So that when you have it enabled, the character, when transferred or deleted, will remain pending for a certain amount of time, e.g. seven days, leaving the owner with enough time to react in case the action was not performed by them.

Lilina

Right now, Toyhouse is currently in beta, but I would love to see 2FA being implemented. I don't mind the other suggestions, but I prefer 2FA since it's definitely more helpful to protect my account imo. It's why I have the Authy app on my phone, so that I can use it just in case.

AcneScars

Vuurstern

That's a pretty good suggestion! I didn't even think about that. I don't know if a cooldown option would be the best option, as it might be annoying for some users who are trying to do the action legitimately.

Another issue with pending transfer requests is some users might send a request after they've sold a character and then roll it back within the 7 days. Assuming by pending, I'm assuming you mean they're not sitting there? If you do mean the request is just sitting there for 7 days, I know I'd avoid doing trades on Toyhou.se if I paid for a character and had to wait 7 days to get the character transferred to me.

But if I had my account stolen, there should be a way to request a rollback by staff, but from my understanding, Toyhou.se tickets are so slow and delayed. It takes up to 2-4 months just to get a response back from them. This in of itself is a security risk if accounts are given to someone else for up to 4 months because the staff is slow on fixing the issue. Counting this person would now have access to displaying their email address, could get their account deleted/terminated, could see all of their message histories, and mess with profile content. & that's not including character deletions (Which cannot be recovered from my understanding, even with staff involvement).

But that's still a pretty good suggestion :0 Maybe adding something similar to it would help reduce risk. I feel like character deletions should 100% take up to 7 or more days before being deleted completely and be stored in an "archive" state until restored or wait until the timer runs out.

historia

I prefer two-step the most! I use it for every website that allows it. Even simple two-step like email two-step is still better than no two-step, in my opinion.

Spaceghostess

2FA costs money to implement/operate and Toyhouse already has issues affording stable servers given its current growth rate. I don't really think 2FA is needed, however if it's a popular request I could see it being something users can opt in to pay for.

Pepperly

Captcha is just for botting; this place will never be a big botting target thanks to the invite system. You can stop bots with failed-entry limits which are easier on users. I agree Captcha is just a pain and mostly useless.

The most common 2FA is using a phone number, which I think would make managing multiple accounts (storage/sales/main, from what I see) difficult. I can see non-US users and minors with no cell phones not being able to use it and causing a ruckus. I know not having 2FA can make people (like the OP) nervous, but there's not a huge need for a website like this to have it. It's basically just image hosting + forums, the latter of which I think the majority of users don't even bother with. There's been polls were something like 2/3rds of the users don't even bother with watermarks, which is where all of the site's security even lies. There's no point in 2FA when you can go through an entire gallery with Save Image As.

Account breaches are due to bad passwords and bad security on large websites. You should be using unique passwords on important accounts (paypal, stripe, your bank accounts, emails, anywhere where you do business, etc) to prevent breaches. Using the same email+password combo everywhere is nothing but carelessness and is asking for trouble. It's also not hard to brute-force simple passwords (like pa55w0rd, a simple string of numbers or letters, or something related to public information like the name of your pet), so having good habits is incredibly important and should be priority. Strong passwords are the first level of security and are the easiest to control on a user level.

Honestly, just having a log-in log like FA and a password-attempt limit would be enough for me. This place doesn't directly handle sales of any sort so there's no money to steal, and all character value is really only within the community itself, so it would be pointless for outsiders. Backups should be made of all your art/characters on something more stable than a server that could shut down or fail at any time, as the characters and art themselves are where the value is and as simple data, they're easily transferable, copy-able, and replaceable.

AcneScars

Stratogeist & Pepperly

Two-step isn't just phone SMS or mobile apps. (Assuming you mean the two big authentication apps such as Authy & Google Authentication)

There are plenty of major websites that do it email-based. Which, you do need an email to create an account Toyhou.se. And it's fairly user-friendly, as I've done something similar to my website as well. Platforms don't have to limit you to one type of two-step, but rather give you a few options to use. If it costs money to have two-step enabled (Which I wasn't aware of, but I guess it makes sense) then there are ways to make simpler versions [without going through an existing company].

I've also stated that there's no need for account security in general [before post revision], counting Toyhou.se isn't that big, and account stealing isn't a current issue. Botting isn't an issue as well, to my understanding. However, there is no reason I can see that users shouldn't have the option to protect their accounts. If someone got in, there is 100% no way of knowing, and that can be scary to some users, to not fully know what would be happening to your account at all.

I use randomly generated passwords for ALL of my websites. I ALSO use two-step on every website that allows it. It might be more of a personal thing for me rather than an objective "This is needed to this platform".

A lot of people won't use the feature, and that's okay! I would personally use it.

The password attempt limit would be better than nothing, so I agree!

Though I don't 100% personally understand the last parts. Just because something can be copied without a login into my account doesn't mean I want no way of protecting myself, if that makes sense? People should always back up their characters in general, but the debate isn't so much of "Will I lose all of my characters?" but rather "I have zero control over who can access my account besides the one thing preventing it, which is my password" which isn't something I like thinking about.

If this doesn't bother a lot of people, that's great! I hope people aren't too worried about losing their stuff, it wouldn't be much fun of being on this website if they're worried about people logining in all the time, right? It's more of "This would be nice to have, I see no reason why we can't have this" kind of suggestion.

Vuurstern

AcneScars I definitely agree with that, I don't think it should be a default feature for any character to have the 7 day wait! I meant to have it as an optional feature, so you can enable it on characters you wouldn't voluntarily trade, to protect them. That's probably not very easy to implement, I just wish there were better ways to protect characters! And yes, for deletion, a pending status would be great in general!

AcneScars

Vuurstern

If it was optional, then I'd see no problem! :o I wish there was a better way to protect characters in general, too! I'm not sure how many developers are working on the site (If there is any, I'm not quite sure) so it might be a hard feature to implement if it was done by one person or a small team. But in general, it's not a bad suggestion :D

lophiusdragon

some websites have a thingy where if u login from a different device u are sent an email that basically asks if u are the one who logged in thru that device

u dont have to do anything if u are the one who logged in so that makes it convenient

i think theres instructions in the email on what to do if u were NOT the one who logged in

AcneScars

lophiusdragon

Oh, you're 100% right! I completely forgot about that. Even something like that would be great! Thanks for reminding me. ^^

Xen

I would love 2fa, I have it enabled for all of my accounts that have that feature. I also agree in terms of a login log, would be fairly helpful in making sure all your logins are accounted for and nothing looks out of place.

I would also like a "Log out all accounts" feature, to log out your accounts on all devices.

I do not however, agree with the captcha each and every time one has to log in. I have some pretty bad visual impairments and captchas, as simple as some are, are absolute hell for me to get through. I rarely log into only of my accounts on sites that always use captchas for this reason. That would be a serious step backwards in accessibility and would alienate a lot of disabled/visually impaired users that don't leave their accounts logged in constantly. A captcha if the login attempt is from a different device/multiple failed password attempts? That's fine, but every time would have to be a no from me.