Original Post
The ability to see your own Login History
Ok, what I would like to be done here is not as self explanatory as it first seems.
What I dont want is for everyone to be able to see their login history as a staff member sees it because in the event that their account gets compromised the compromiser can see their IP which for obvious reasons is not ideal.
What could be done however is that the IPs could be labelled in an arbritrary way, IP 1 IP 2 etc. This would allow you to see if a new IP has entered your account without letting everyone se your IP if they happen to get in and you could be notified if there is a new UP.
Now the issue with this is that many people have dynamic IPs (their IPs change quite a lot) so for these people this would he less beneficial, however since many IP tracing websites exist, and generally with dynamic IPs only the last sets of numbers in the IP change. So in this case the user is ONLY notified if a completely new IP enters their account. But they can still chexk out the login history any time.
if this suggestion is poorly written Ill try to give an example for USER A:
Earliest login at the top, !!! Indicates the incident being flagged as suspucious and the user notified by email & pm
1.1.1.1
1.1.1.1
1.1.2.1
1.1.1.2
1.1.1.2
1.1.1.3
1.1.1.1
2.2.3.4 !!!
1.1.1.1
the 1.1.1.1 would be the same for all users of course since the real IP is not being shown just an arbitrary version like this where 1 indicates the 1st entry for that number in the IP
This system would make hacking harder as if there is a single failed attempt (these show up on login history already) from a new IP the user will be motivated or preferably required to make a new password
Note: this was written on my phone so sorry in advance for typos
What I dont want is for everyone to be able to see their login history as a staff member sees it because in the event that their account gets compromised the compromiser can see their IP which for obvious reasons is not ideal.
What could be done however is that the IPs could be labelled in an arbritrary way, IP 1 IP 2 etc. This would allow you to see if a new IP has entered your account without letting everyone se your IP if they happen to get in and you could be notified if there is a new UP.
Now the issue with this is that many people have dynamic IPs (their IPs change quite a lot) so for these people this would he less beneficial, however since many IP tracing websites exist, and generally with dynamic IPs only the last sets of numbers in the IP change. So in this case the user is ONLY notified if a completely new IP enters their account. But they can still chexk out the login history any time.
if this suggestion is poorly written Ill try to give an example for USER A:
Earliest login at the top, !!! Indicates the incident being flagged as suspucious and the user notified by email & pm
1.1.1.1
1.1.1.1
1.1.2.1
1.1.1.2
1.1.1.2
1.1.1.3
1.1.1.1
2.2.3.4 !!!
1.1.1.1
the 1.1.1.1 would be the same for all users of course since the real IP is not being shown just an arbitrary version like this where 1 indicates the 1st entry for that number in the IP
This system would make hacking harder as if there is a single failed attempt (these show up on login history already) from a new IP the user will be motivated or preferably required to make a new password
Note: this was written on my phone so sorry in advance for typos
Don't dm me pictures of bowls that you find attractive.
Very good idea, fairly well explained. I'd like to see this implemented.
If it's not possible for X or Y reason tho, it'd be nice if we could at least be notified if we connect in another country. It's far less reliable and useful, but it'd be "something".
If it's not possible for X or Y reason tho, it'd be nice if we could at least be notified if we connect in another country. It's far less reliable and useful, but it'd be "something".
Sure I agree that login history should be able to be accessed by the person who owns the profile. You would only be able to see YOUR own login history however the IPs and and whatnot should not be traceable.
Last edited by Fates; Apr 6, 2016 at 07:46 PM.
[SIGPIC][/SIGPIC]
[VIBE] 2015~2016 | Team Pokemon | [Origin] 2014~2015 | Team Aikido | [Obey] ~Because Frost Said So...
Alts do not have different IP to mains, whether an account is an alt or not has nothing to do with IP.
IP is denoted by the router it is logged in through.
For the reasons I explained above you should not be able to see any IP in the login including your own. They should instead be indicated in an arbitrary fashion such as the one described in the OP.
The system you described Fates - I cant see any reason for, you can only see the times you logged in through the router you usually use? Why? It doesnt show you failed attempts and hacking or a successful attempt. I.E. it doesnt make hacking detection any easier for the user which is what Ive set out to do here.
IP is denoted by the router it is logged in through.
For the reasons I explained above you should not be able to see any IP in the login including your own. They should instead be indicated in an arbitrary fashion such as the one described in the OP.
The system you described Fates - I cant see any reason for, you can only see the times you logged in through the router you usually use? Why? It doesnt show you failed attempts and hacking or a successful attempt. I.E. it doesnt make hacking detection any easier for the user which is what Ive set out to do here.
Don't dm me pictures of bowls that you find attractive.
