Topic: My ideals to improve Yahoo! Account-Security
View Single Post
  #1 (permalink)  
Old 12-19-2004, 11:06 PM
n3td3v n3td3v is offline
Banned
  
Join Date: Aug 2004
Posts: 220
n3td3v can only hope to improve (-50)
My ideals to improve Yahoo! Account-Security
Ban all non-standard Yahoo! ID's from connecting to Yahoo! Chat and Yahoo! Messenger

People are using Yahoo! Chat and Messenger as a trading ground for "illegal" ID's. Malicious users steal accounts, then buy and sell them between peers. Yahoo! Chat and Messenger is used as a market place to promote the account theft scene, and show off ID's to potential buyers. Therefore all "illegals" that do not meet the ideals and consistency of stardard Yahoo! ID's as set by Yahoo!s new-user signup at edit.yahoo.com/config/register should be disallowed from connecting to Yahoo! Chat and Messenger. This step would go a long way to reducing account theft across Yahoo! network. Yahoo! Chat and Yahoo! Messenger is the main reason the majority of Yahoo! account theft occurs. Malicious users love to connect and show off unique "illegal" ID's between peers and enemies alike. Its kind of like a my bar of chocolate is bigger than yours mentality. If they couldn't connect,a nd all ID's on chat and messenger were the same uniqueness, then the novelty factor would ware thin, and malicious users would soon get bored, as they have nothing to fuel the attention they get from unique "illegal" ID's, for the most part no legit users use the old Yahoo! ID's anymore, classed by malicious users as "illegal", and are unobtainable to legitimate Yahoo! users. Legitmate users of Yahoo! Chat and Yahoo! Messenger recognize the association of "illegal" ID's and malicious users, and no longer wish to use an "illegal", because of the bad name they have with the criminal elements of Yahoo! Messenger and Yahoo! Chat. This criminal element of Yahoo! Chat and Messenger has been going on for many years, probably started getting really bad from 1999 onwards.

Seperate login name from actual Yahoo! ID

New users of Yahoo! network at edit.yahoo.com/config/register should be asked to supply a Yahoo! ID, along with a seperate login name for all Yahoo! authentication. A script would also be implemented to disallow users from using words and numbers already supplied in the Yahoo! ID. This prevents malicious users from having any hint from the actual ID, to what the login name might be. Current Yahoo! users would be notified to migrate to the new security system and be requested to choose a login name, seperate from the Yahoo! ID, if they wish to continue using all Yahoo! network, products and services.
Reply With Quote