My ideals to improve Yahoo! Account-Security

[n3td3v]

Ban all non-standard Yahoo! ID's from connecting to Yahoo! Chat and Yahoo! Messenger

People are using Yahoo! Chat and Messenger as a trading ground for "illegal" ID's. Malicious users steal accounts, then buy and sell them between peers. Yahoo! Chat and Messenger is used as a market place to promote the account theft scene, and show off ID's to potential buyers. Therefore all "illegals" that do not meet the ideals and consistency of stardard Yahoo! ID's as set by Yahoo!s new-user signup at edit.yahoo.com/config/register should be disallowed from connecting to Yahoo! Chat and Messenger. This step would go a long way to reducing account theft across Yahoo! network. Yahoo! Chat and Yahoo! Messenger is the main reason the majority of Yahoo! account theft occurs. Malicious users love to connect and show off unique "illegal" ID's between peers and enemies alike. Its kind of like a my bar of chocolate is bigger than yours mentality. If they couldn't connect,a nd all ID's on chat and messenger were the same uniqueness, then the novelty factor would ware thin, and malicious users would soon get bored, as they have nothing to fuel the attention they get from unique "illegal" ID's, for the most part no legit users use the old Yahoo! ID's anymore, classed by malicious users as "illegal", and are unobtainable to legitimate Yahoo! users. Legitmate users of Yahoo! Chat and Yahoo! Messenger recognize the association of "illegal" ID's and malicious users, and no longer wish to use an "illegal", because of the bad name they have with the criminal elements of Yahoo! Messenger and Yahoo! Chat. This criminal element of Yahoo! Chat and Messenger has been going on for many years, probably started getting really bad from 1999 onwards.

Seperate login name from actual Yahoo! ID

New users of Yahoo! network at edit.yahoo.com/config/register should be asked to supply a Yahoo! ID, along with a seperate login name for all Yahoo! authentication. A script would also be implemented to disallow users from using words and numbers already supplied in the Yahoo! ID. This prevents malicious users from having any hint from the actual ID, to what the login name might be. Current Yahoo! users would be notified to migrate to the new security system and be requested to choose a login name, seperate from the Yahoo! ID, if they wish to continue using all Yahoo! network, products and services.

[UnSaKreD]

Or you could make it easier, than a seperate ID, and have an S.I.D. built into messengers window.

Its worked for AOL(sorta)

[n3td3v]

Turn "Ignore anyone not on my friends list" on by default on Yahoo! Messenger

This would solves lots of problems, like spam, phishing, malicious code and harrassment and stalkers.

or, even better disallow anyone not on a friends list to contact a user *ever*.

[___j0k3r___]

Hey n3td3v if you couldnt messege anyone not on your friend list alot of people would be agrivated and couldnt get to meet many people plus if you hade to add somebody to messege them they could get your ip so I dont like that idea

sorry but I hade to put my 2 cents in

[n3td3v]

Quote:

quote:Originally posted by ___j0k3r___

Hey n3td3v if you couldnt messege anyone not on your friend list alot of people would be agrivated and couldnt get to meet many people plus if you hade to add somebody to messege them they could get your ip so I dont like that idea

sorry but I hade to put my 2 cents in

If you're talking about Yahoo! Chat via Yahoo! Messenger:

Yahoo! Chat Option 1:
Have IM from none friends list users off by default, (this can be turned on manually by the consumer).

Yahoo! Chat Option 2:
Have a small alert dialog or on the XML chat screen itsself saying "incoming message from non-friend, do you want to read or discard this message", and if the user wishes to read the message, he or she clicks on a "+" or "read" to expand the message, or simply click discard to discard the message, or ignore to perm ignore.

XML Example:

*** Incoming IM from non-friend "n3td3v". [read], [discard], [permanently ignore n3td3v]

Yahoo! Messenger only:
While you are not using Yahoo! Chat on Yahoo! Messenger, no incoming message alerts should appear from non-friends. While a user is just on Yahoo! Messenger, is usually a time a consumer wishes peace with his or hers friends list, and doesn't really want uninvited IM, which alot of the time is spam, phishing, or malicious code, or harssment and stalkers. (this default IM off to non-friends on Yahoo! Messenger only can also be changed manually by the consumer).

OK, so scraping non-friends altogether wasn't a popular idea but yeah.. the above should work fine.

Its all about giving a consumer maximum control and flexibility over non-friend based incoming IM.

Perhaps even, Yahoo! Messenger could have a "trusted non-friends list". A consumer can add trusted non-friends to a list to recieve incoming IM, and perhaps if the consumer messages the non-friend first, then the non-friend is automatically added to the non-friend trusted list. You would be able to add users to the trusted list, in the same way as you add people to the ignore list, but would be a "trusted non-friends list", rather than an ignore list.

[___j0k3r___]

Mutch better post than the previos one sounds great but you know yahoo there a bunch of ...... ok well I wont go there but yea there not on my good list this year

Merry christmas

[n3td3v]

Quote:

quote:Originally posted by ___j0k3r___

Mutch better post than the previos one sounds great but you know yahoo there a bunch of ...... ok well I wont go there but yea there not on my good list this year

Merry christmas

Yeah, Yahoo! are -very- stubborn.

Merry X (i'm not a christian) -Mas.

[takoda70]

I think it would help the situation if Yahoo actually enforced the rules it makes and maybe they should have people monitoring the chat rooms for violations.

[Netti]

Well I have to disagree with you there n3td3v. In your original post, you're saying that just because people take name, that I should be penalized by being blocked out of my name that I made 10 years ago, and not be able to use it? Was it my fault that 10 years ago you could put spaces in your name, or use caps? No... you cannot penalize all yahoo users, because of what some individuals do. I have had my name for so long in chat, and I'll be damned if anyone is going to take it away from me. LOL

I think that offence is the better defense. People need to take a little responsibility on themselves, and protect what they have and what they want to keep. For example, change your password often, and when you do, use characters, numbers, letter and the best one yet, is SPACES!!!! So many people out there think that just because it says pick a password, they sub subconsciously think things like (connie, or texas, or yahoo). They think only one particular word. However even if you use nothing else, the best you can do is to put in a phrase (i.e. my dog ate my homework, I rode a pony home yesterday). These types of passwords are very hard to crack. The cracking programs are just not made to try spaced combinations. But the programmers also know that people think small. So a password like ball (or any word in the dictionary) will be very easy to cracked, more so then 5t6y&U*I9o(o.

On another note - people have to remember that Yahoo is a free service. Thus yahoo is not going to put an overabundance into it. To them it's an advertising tool and they keep it up to the minimum standards so that we don't all just leave at once.

The only way to demand from them is to pay for it.

It's chat and it's only what you make of it. If you let it piss you off, then it will. If you laugh at it, then you'll have a great time.

[cpowers53]

Why can't we all live that God given freedom that we are suppose to have? Why does all of this have to have security. Like Ben Franklin said, "If you give up freedom for security, you don't deserves neither freedom or security"