SexyFighters.com

[natedogbf]

o/ hi alley, first I want to say I made it this far so clearly I think your the "cats meow" so to speak. All those compliments you hear too often? Yea I'll spare ya.

I just wanted to make a few suggestions to make your website better.

1: allow me to pick my user name and password, or change it later. I work for the government and have a secret clearence. Its hard enough to remember my Sipper password (24 random characters) let alone 20 different passwords for all my sites, and games, I got 2 master user names and 2 master passwords, every single password and user name is one of those two or a slight variation, please make it easier for me to be a member.

2: need more "home buttons" on your gallery section

3: just charge me extra to be a loyal member, If I wasn't partly obsessed with you I don't think I would get a website that featured just 1 woman, who is apparently married, that I am statisticly speaking more likely to win the megabucks then ever get to meet. Let alone get anywhere. My willingness to pay for the membership in the firstplace is pretty "fan-ish" I think.

Is that really a wedding ring? FUCK. Oh well my crazy fantasy was never gonna come true anyway .
take care.

[AlleyBaggett]

Well first off, I'm not married....just taken

Secondly....thank you for your suggestions.

I'll let my webmaster know about the more home buttons in my gallery section.

As for the password... The reason why we have it set up this way....is to lessen password fraud.

I'll let my webmaster know about charging extra to become a loyal member...from the start.

Thanks and glad you're enjoying the site!!

_________________
xoxoxo
ALLEY!

AlleyBaggett.Net - The Official Site
http://www.alleybaggett.net

[natedogbf]

[Ronald]

Just to jump in for a bit.

Letting users pick username and password is often a bad thing as they tend to pick the same username and password they use on other websites.

Obviously, this creates a big security hole. If the database for the otherwebsites the user is on gets leaked or compromised, that list of user/pass is now in the open and anybody can just take it and randomly test it out on other 'adult sites'.

Secondly, users tend to pick retarded easily to guess username and passwords, that password bots end up brute forcing the site with a huge list of guessable user/passwords. Now we could do a strict password creation system, but you'll end up sitting there thinking of something to enter in the box only to be prompted with an ERROR message saying your password didn't meet the requirement for XXX reasons. God, I hate the Intel user management system. I was stuck coming up with a username and password that constantly failed their restrictions.


I've managed to actually find a list of username and password on password boards, and randomly tested some of those on some sites and they work.

ALSO- in the business of 'models' websites, all the models who operate their own website gets an email notification and knows exactly what the username and passwords are of people who signup. They can 'easily' take that and be sneaky and 'checkout their competitor's website using their own members password. It's a competitive business, what can I say, some people do that.

The closest thing, we might be doing is a new login system, that uses the "EMAIL" address as the username.

Blizzard is switching to this new system as part of their Battle.net account system. You can now merge your WoW account username into your battle.net account.


I'm thinking of doing this with all the sites I operate, where members are registered with different sites. I like the idea of "one account" managing each of the other sites/products. With an email address, there is some level of accountabililty. People are less likely to share their email on password sites. The email address is a bit more 'unique' then commonly chosen usernames like "alleyfan" or "pornbadass" or "lonewolf" LOL
_________________
"Every exit is an entrance somewhere else." -Tom Stoppard

http://www.eadultcomics.com/ - for the best in online erotic adult comics
http://www.eadultgames.com/ - adult games, strip poker, strip blackjack, and more.

[natedogbf]

thanks for jumpn dude I learn things when that happens.

so I will to
here is what we do

1. that password requirement system you talked about that is painful (10 character min, 2 upper, 2 lower, 2 numbers 2 symbols, no continuous strings or dictionary words) i.e. $AAzzA11eyBaggett$

- cannot be hacked by human
- hacking software takes months to hack (based on number of characters)

2. must change password every 1-2 months

- hampers the "miss-use" you were talking about
- prevents soft-ware hacking

3. Lan admin attempts to crack users, i.e.
" dear sir you are recieving this email because our system determined that
your password - !1FUCKyou1! - was not acceptable because it was too easy to crack, you are required to change it at next log in."

4. Education regular training is required on phishing, spam, spear fishing, etc. ; it is currently the #1 threat. maybe a sticky thread on this forum ?( I didn't see one maybe I just didn't notice) for the purpose of geeks like us telling people what it is, how to detect it, and people relating stories about victims might make your cunsumers more "resistant" to it.

5. My favorite, we recieved, for free, the gorvernment version of symantec and mcAfee which updates for free, for life (the saved money covers the cost of Alley's website, thanks everyone ).

[natedogbf]

If you want heres a tip on the rediculous passwords that make it a lot easier, use visual ques not verbal ones.

honestly to be iron clad you would have to use PKI certificate system like NMCI does now, and all "assets" are switching to.


thanks for talking Ron

[Kenjamin]

It's understandable. My iMac remembers the username, but not the password. I set it up so the password is never remember for the site. Just in case...