Session

EVE Online: Defending our players from hackers and the evolution of account security

In this session I will walk you through the history of account security in EVE Online, the uniquely player-driven spaceship MMO game set in a vast online sci-fi sandbox, running for more than 15 years. With EVE being a single-shard universe known for it's huge battles, it is a big target for hackers who want to break into and steal player accounts for various purposes. I will show you what methods we have used to prevent and counter online attacks against our players, the challenges we've faced in doing so with minimal impact to user experience, where we've failed and succeeded and how we've had to constantly evolve in the process. By sharing our experiences and methods, we hope you can take advantage of them to increase the security of your own systems.

This session is a walk through 10 years of development work battling account takeovers and brute force attempts against the MMO EVE Online and it's websites, through success and failure alike. It's not heavy on programming specifics but rather explains methodologies used to prevent hacking and takeover attempts. It goes over the most important scenarios we hit during several changes in the game, and how we had to tackle them before things such as 2FA really existed. Towards the end we will show several statistics on recent changes that have been made and how they have affected user security in a positive way through integrations such as Have I Been Pwned and 2FA. The session is around 1 hour long.

Stefán Jökull Sigurðarson

Microsoft MVP / Code Wrangler @ Have I Been Pwned

Reykjavík, Iceland

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top