Jump to content
EN
Winter Festival 2026
1/8
«Tanki and The Snow Trap» mini-game 2025
2/8
Magnum IC
3/8
Tanki Online V-LOG: Episode 540
4/8
Tanki Classic mass test
5/8
Helpers of the Year 2025
6/8
Festive season Wishes
7/8
Festive season in Tanki Online!
8/8
Play

Forum

More Tank Security (IP logger & Mobile authenticator)

By MSI,
in Archive

Recommended Posts

MSI 1,926

Posted
Posted

I would be taking Discord as an example for this article as currently, I've never seen any other application provide the amount of security discord does.

Currently the only security we have is the email attached to your accounts but still, there is accounts being hacked everyday and I think it's not enough.

 

IP Logger

I'm pretty sure Tanki already has one of these but I would like to add one other useful feature to it. Let's say an account plays from one location everyday, that locations's IP is taken and recorded. The next day the account tries to login at another location. The system denies the log in and sends a message as such:

 

Screenshot-1.png

 

Means that the system sent a verification link to the email linked to the account. If the user wishes to enter the account, he has to check the verification link first.

 

Mobile Authentication

Since TO mobile is already released on android maybe we can start by having that feature on android itself. Tanki Gives a barcode which we must scan using an authenticator app such as Google authenticator or authy, then, a code appears we take the code and paste it on our account. Like this our account is connected to our mobile. Also, by doing so, the system gives us some special codes which we must use every time we log into a new location, attempt to make an important purchase or when trying to change the email and password of the account.

 

SMS authentication is also a good idea, having linked our phone number to our account, maybe we can get verification messages or special codes send to us via mobile for different useful actions.

Share this post

Link to post
Share on other sites

r_Given6 859

Posted
Posted

Why?

I would like to access my account whenever I like and on whatever device I want to. It's already a big pain to play such games where you need to do this when you buy a new device, because not only do you have to authenticate yourself by using the email confirmation stuff, but also have to authenticate the email itself (since it's a new device). It's like punishing everyone just because some people get careless and have their accounts hacked.

 

There probably are other ways to prevent hacking that are not as troublesome.

Share this post

Link to post
Share on other sites

MSI 1,926

Posted
Posted

I do agree that it would be quite uncomfortable but the amount of security this method provides is unquestionable. I guess if someone would really like his account, it wouldn't be considered as a "pain"  :)

Share this post

Link to post
Share on other sites

r_Given6 859

Posted
Posted

I do agree that it would be quite uncomfortable but the amount of security this method provides is unquestionable. I guess if someone would really like his account, it wouldn't be considered as a "pain" :)

Then that person would probably begin to dislike their account after this and probably Tanki as a whole...

Maybe securing accounts is needed, but this definitely isn't the right way. The only use of this kind of email verification is probably to confirm purchases of more than 10 or 20k from a new IP address. As that's what most hackers do if they manage to hack into your account.

Share this post

Link to post
Share on other sites

ILiveOnTheChatBox123 936

Posted
Posted

So if you can't buy anything from another IP, do you think that would be fair?

You can just play the game-and hackers won't be able to do anything negative-unless they try to ruin your k/d (although they can't really do that since already 0.74, and you don't own an Isida)

Share this post

Link to post
Share on other sites

r_Given6 859

Posted
Posted

So if you can't buy anything from another IP, do you think that would be fair?

What you meant was:

So if you can't buy anything from another IP without proving it's really you, do you think that would be fair?

Yup.

Share this post

Link to post
Share on other sites
Benefactor

Benefactor 6,889

Posted
Posted

Or they could use something like PingID. It only activates when the correct password is entered. It sends a message to your phone that your Tanki account is being accessed elsewhere than on your home/registered PC/IP address. If it is you logging in, you simply "accept" on your phone. If it not you logging in, you can simply "decline" and lock the account for a time determined by you, say from 1 to 24 hours. 

 

Tanki's current login system is fine. It makes it a hassle if you keep on entering the wrong password.

Share this post

Link to post
Share on other sites

MSI 1,926

Posted
Posted

Or they could use something like PingID. It only activates when the correct password is entered. It sends a message to your phone that your Tanki account is being accessed elsewhere than on your home/registered PC/IP address. If it is you logging in, you simply "accept" on your phone. If it not you logging in, you can simply "decline" and lock the account for a time determined by you, say from 1 to 24 hours. 

 

Tanki's current login system is fine. It makes it a hassle if you keep on entering the wrong password.

Oh like google does if you linked your email to your phone? Good idea.

Share this post

Link to post
Share on other sites

ILiveOnTheChatBox123 936

Posted
Posted

What you meant was:

So if you can't buy anything from another IP without proving it's really you, do you think that would be fair?

Yup.

You mean it would be worth whatever headache they want to do to verify you are not a hacker-to just make a purchase.

Everything else is accessible from any IP address.

 

What do you think?

 

I do agree ... it wouldn't be considered as a "pain"  :)

Sorry for taking this quote out of context-but after I wrote my post I realized it fit in so good!

Share this post

Link to post
Share on other sites

jelly_beans 35

Posted
Posted

Something like the IP logger happened to me but  i was actually just using a VPN but it blocked me from my account and took 2 days to get it back. This is a better idea, more convenient.

Share this post

Link to post
Share on other sites

MCM 26

Posted
Posted

IP addresses are the fabric of the Internet— they are the “To” and “From” stamps that make delivering messages between computers possible. While they are necessary to route information from computer to computer, they can -- in many cases -- be traced to a human or, at least, a household.

With this being said Through their client working this out would be a hassle. tackling Encryption etc. It'll be difficult to Implement these security Updates within an already existing exe.

It's a very good idea though. 

Share this post

Link to post
Share on other sites

ILiveOnTheChatBox123 936

Posted
Posted

But if you can simply play, and not chat or make purchases-why would you need to be verified. I don't think it would be that bad if someone was able to play on my account. Maybe the supplies might be used. I am an Isida so my k/d is already bad-but maybe it would get worse. To have to go through a hassle for just playing is not worth it.

For purchases-I agree.

Share this post

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
© 2010-2026 Alternativa Game Ltd. All rights reserved. Published by APL Publishing Ltd.
×
×
  • Create New...