SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
I think all administrator and moderator accounts should be placed under a full constraint login. I will explain what I am talking about with a comparison.
A regular user logs into Roblox--only one p . a . s . s . w . . o r d has to be entered upon login, then the person is free to play.
A Volunteer Forum Moderator, A-Team Moderator, Super Moderator, Customer Service Team Member, Community Manager, Artist, or Developer logs in. After completing the regular login, instead of being free to browse Roblox, the user is faced with a full constraint login page--very similar to the one displayed when the site goes offline for maintenance and upgrades. Therefore, the person would have to enter in a p . a . s . s . w . . o r d, press the letter "R" button, enter in a second p . a . s . s . w . . o r d, press the letter "O" button, etc, until all six p . a . s . s . w . . o r d . s have been correctly entered. Each p . a . s . s . w . . o r d must be at least 50 characters long and consist of a mix of upper and lowercase letters, numbers, symbols, and alphanumeric characters. If any of the total of seven p . a . s . s . w . . o r d . s are entered incorrectly, the person is entirely, and irreversibly, locked out of his or her user account for a total of 48 hours, and a warning signal is activated alerting whoever is in charge of responding to crisis situations on the Roblox website.
However, this is not all. When an administrator or moderator wants to access anything contained within the /admi/ directory, no matter what it is--whether it is an administrative/statistics utility, or the abuse report list, or the asset review page, or upon attempting a modification to the word blacklist, etc--an additional thirteen p . a . s . s . w . . o r d must be entered. First, whichever administrator or moderator is trying to access the /admi/ directory must enter in his or her seven p . a . s . s . w . . o r d . s a second time that were required upon login. Then, another administrator or moderator who is online is alerted that someone is attempting to gain access to the /admi/ directory. If the person attempting access has a legitimate reason to be doing so, the second administrator or moderator who is online enters in the necessary thirteen p . a . s . s . w . . o r d . s (I will discuss the additional six in a moment), and then must enter a fourteenth p . a . s . s . w . . o r d to gain access to a button that, upon being clicked, would allow the other administrator or moderator attempting to gain access to the /admi/ directory to be redirected to a full constraint login page. At that page, the administrator or moderator must enter in six more unique p . a . s . s . . w . o . r . d . s. Upon satisfaction of the full constraint, the administrator or moderator would be allowed to gain access to which ever subdirectory of the /admi/ directory he or she was attempting to gain access to.
In addition, a fifteenth unique p . a . s . s . w . . o r d must be entered whenever any major actions are taking place; such as banning a user, updating the site's global shout, accessing any high-risk tool, etc.
Also, if an administrator or moderator is idle for more than 15 minutes on any area of the Roblox website that is not classified under the /admi/ directory, that administrator or moderator is automatically logged out and forced to reenter his or her seven p . a . s . s . w . . o r d . s required for login upon return.
If an administrator or moderator is idle for more than 5 minutes on any area of the Roblox website that is classified under the /admi/ directory, that administrator or moderator is automatically logged out and forced to reenter all necessary p . a . s . s . w . . o r d .s for login and when accessing anything classified under the /admi/ directory upon return.
In addition, there should be a comprehensive list of every moderation or administrative action, as well as a list of the IP a . d. d r . e s .s e . s and any other relevant information of every user who had accessed anything classified under the /admi/ directory.
In my opinion, if these ideas of mine are instated into Roblox's system, the site would be much more secure. Hopefully we can avoid any repeats of April 1st's events.
Thank you for taking the time to read this.
-SCS |
|
DrHaximusJoin Date: 2011-11-22
Post Count: 8410 |
It was an April Fool's joke. Go away. |
|
|
It wasnt a joke, ROBLOX Had to refund my Grim Glow and send me a PM and awarded me 1,000R$ due to the "event of April 1st"/ |
|
SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
@DrHaximus
I recommend you do some research. You obviously were not there when this happened if you think this was an April Fools joke. Numerous severe violations of Roblox's Terms of Service were acted out by administrator and moderator accounts. Certain users who were not supposed to have moderation powers were given moderation powers. The site was down almost all night. A certain staff member posted information to his twitter, then later deleted it.
Also, lose the bad attitude. It is very distasteful. |
|
DrHaximusJoin Date: 2011-11-22
Post Count: 8410 |
A bad attitude? I don't have one. I wasn't there, and it was an educated guess having reply a 5 word reply.
I would very much appreciate if you dropped the mini-mod talk, and stop messaging me. Also, I was at camp for four days.
I don't like your attitude. Are you going to reply like this to every person who thinks your wrong?
"It is very distasteful."
Distasteful? I don't even...
PS: This is the internet. And you're only a cog in the works of ROBLOX. You can't tell me to do anything. |
|
SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
@DrHaximus
I see you are getting very upset over a small issue. I did not intend to say anything that would illicit such a response, but if I was offensive at all, I apologize.
Also, I am not trying to be a mini-mod. I am simply speaking formally because I think this is a serious issue.
I only messaged you once, because I thought what I had to say was not something that would be polite for me to say where just anyone could read it. But now that I think about it what I said was impolite and unnecessary in general.
I simply overreacted, which was my fault. You are, of course, free to disagree with me. Since you were indeed not there, I can not prove to you that what I claim is true, and therefore, in retrospect, I realize that your assumption was most certainly a reasonable one. |
|
|
SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
@ScaryZombie
That's fine, but can you please explain why, in your opinion, my suggestion is not a good one? Thank you for your feedback. |
|
BlusephJoin Date: 2009-09-14
Post Count: 1273 |
@DrHaximus do not antiphon to any matter you do not competently understand. Saying that it was an April Fools joke and Go Away, shows that even before we could reply, that was a vacuous remark. Do research before you post false information, it could be misleading. |
|
DrHaximusJoin Date: 2011-11-22
Post Count: 8410 |
Not upset, just abit annoyed.
Plus, I told you to stop messaging me. I didn't say you messaged me more than once.
Thank you for apologizing. |
|
DrHaximusJoin Date: 2011-11-22
Post Count: 8410 |
@Blue
*Completely
Go back to C&G and OD.
Thank you. |
|
ColteraJoin Date: 2012-04-03
Post Count: 7269 |
Seems Cool.
If you make this configurable for Regular people i will be even more pleased.
~Coltera |
|
mbestJoin Date: 2009-05-09
Post Count: 16523 |
@DrHaximus,
I'm not going to argue with you, since you're obviously too thick to be reached with conversation.
So I'm just going to simply state what most of us are thinking:
You are a narrow-minded idiot. |
|
SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
@DrHaximus
:)
@Coltera
Thank you. However, the problem I see with granting regular users with this feature is the complexity, and tediousness, of the process. I do not think it would be fair to expect anyone under 18 to be able to _patiently_ keep track of so many p . a .s . s w. o r d . s. |
|
DrHaximusJoin Date: 2011-11-22
Post Count: 8410 |
I'm not thick headed, and i'm not an idiot. I can create things from scratch that you dream about creating. I would suggest leaving me and other users in the future alone, becuase you don't know anyone here, and it's probably better that way.
-Not mad, just defending myself against the mentally challanged users of this game. |
|
mbestJoin Date: 2009-05-09
Post Count: 16523 |
As I stated, I have no pupose in arguing with you. You prove your own biased, unsupported comments invalid on your own.
Good day. |
|
ColteraJoin Date: 2012-04-03
Post Count: 7269 |
@DrHaximus
"If they give you bricks, build a house"
"If they give you a stamper, build a kingdom" |
|
|
Frankly, you are just adding extra p@ssw0rds. I don't know if this necessarily makes the system more secure (because anyone who can obtain one p@ssw0rd can obtain thirteen), but it can't hurt to implement this.
I suppose I support, but I'm not sure if this will help. |
|
DrHaximusJoin Date: 2011-11-22
Post Count: 8410 |
I know when I've won.
"Good day." |
|
BlusephJoin Date: 2009-09-14
Post Count: 1273 |
Says the one with the 2.0 arms :3 |
|
SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
@recruitsoldier
My knowledge of computer science and web security is either nonexistant or highly lacking, depending on the topic. Therefore, this is the best I could come up with. lol. :P
However, something like this could guard against bruteforcers, unless I misunderstand. But, if what happened on April 1st was not a bruteforce, then, as you say, this may not do any good.
Thank you for your feedback.
|
|
BlusephJoin Date: 2009-09-14
Post Count: 1273 |
Besides, Competently is a synonym for "Completely" |
|
|
@DrHaximus
It seems now that, since you are obviously a person who likes to argue (not a problem, I'm the same way), you are just replying to everyone who includes one negative thing about you, whilst it may be completely irrelevant to the thread.
It also seems that you lose structure per post - defending yourself against the mentally challenged?
However, the thread author has backed down now. That's your sign to follow suit. Otherwise you'll look like a real idiot, spamming a bunch of insults while the person these are directed to is ignoring you. |
|
BlusephJoin Date: 2009-09-14
Post Count: 1273 |
Agreed with Recruit. |
|
SCSForum ModeratorJoin Date: 2008-06-24
Post Count: 10075 |
It is my fault this entire argument started. I allowed myself to be offended too easily, and I overreacted. Mbest and bluejays1236 are friends of mine. I posted the link to this in a group I own to the shout, hoping that more people would read my idea, and they may have attempted to try to stand up for me.
I take full responsibility for this argument, so let's please be peaceful towards one another now. |
|