Results 1 to 6 of 6

Thread: cold down timer

  1. #1

    Default cold down timer

    an easy fix against multi-account us.
    must be to put some kind of lock on the system,that if you log-out of youre account on web3/web4/ios. you cannot log in again the next 30 minuts.
    most who has 1 account do never log out anyway. they just close the game on phone and keep been log in.
    so this will only have effect on those that play by switching account.

  2. #2
    Join Date
    Dec 2009
    Location
    Finland
    Posts
    6,927

    Default

    Sometimes you want to log out and log back in to prevent session timeout at inconvenient time (eg. during 10v10 battle), so having login cooldown would actually hamper legit players.

    Also, you can be logged in on multiple devices at the same time, so this wouldn't have any effect on multiple players accessing same account. They don't need to log out to allow for another to log in. Not to mention that I very much would like to retain the ability to log in on app, desktop browser, and mobile browser easily.

    If you want to limit multiple concurrent players on single account, a limit of one active session only at a time would be more effective. That would mean that if you want to access the account with another device/browser, you need to log in on that one causing automatic logout of the previous one. There wouldn't be any real effect on legit players who can handle logging in when switching to another device (eg. leaving desktop, logging in mobile browser or app), and likely not much on multiplayer accounts either (probably one player at a time anyway), but on server side some things would become easier and some would become possible. Which could help with lag while also limiting speedy scripts (and button mashing players) to speeds more customary to players who click on things manually.
    WARNING: THE POST ABOVE MAY OR MAY NOT CONTAIN SARCASM AND/OR IRONY!

    Elandal [FIN] ΛĢ 8218DD

  3. #3

    Default

    i have never had the first problem you are talking about with sesson timeout.an i have been playing as long as you.even if it acturally happen to a legit player that log out by mistake. it is a small price to pay to make it harder to cheat.
    and to my understanding as long as it is 1 account per devices it is ok,with more account.
    do not think think the biggest problem is more players using the same account at the same time.
    but yes pws is also a problem
    the biggest problem is the switching around from account to accounts in web3/web4/ios from one player

  4. #4

    Default

    Quote Originally Posted by hansa View Post
    i have never had the first problem you are talking about with sesson timeout.an i have been playing as long as you.
    Are you playing on Facebook?

    I believe the session timeout only happens on web3 (and probably web4).

  5. #5
    Join Date
    Dec 2009
    Location
    Finland
    Posts
    6,927

    Default

    Quote Originally Posted by hansa View Post
    i have never had the first problem you are talking about with sesson timeout.
    I play almost only on web3/4. Session timeout has been 24 hours since the third party addon issue when session key got exposed. So session will time out every day. And because it's 24 hours from login, it means it'll be a bit later every day, change depending on whether I'm playing at the very moment it happens. Thus, it eventually ends up happening when 10v10 battle begins, which is very inconvenient. To avoid that happening again, I will logout after the battle, login again, and will now have my session last until over same 10v10 battle next day.

    Quote Originally Posted by hansa View Post
    the biggest problem is the switching around from account to accounts in web3/web4/ios from one player
    So you mean there should be 30min cooldown after logging out before you can log in a different account? Trouble with that is that there's no way to reliably detect that happening. I guess you could use browser fingerprinting, but I'm not sure if that works well enough to really rely on. Also, assuming you do have legit multiple accounts given iOS devices, there would be legit reason to allow logging in different accounts on single browser.


    I think limiting accounts to single active session per account and then working on eg. rate limiting and otherwise optimising performance based on knowing there's only single session is really a fruitful way to improve performance. And that it's not big inconvenience to legit players while possibly adding small inconvenience to less legit ones. Put together, no negatives and potentially rather meaningful positives.

    Also, I do understand that not all less than legit players use setups some people assume of them. Thus I don't think there's need to target setups that are the bread and butter of legit players while only addressing some less than legit ones.
    WARNING: THE POST ABOVE MAY OR MAY NOT CONTAIN SARCASM AND/OR IRONY!

    Elandal [FIN] ΛĢ 8218DD

  6. #6

    Default

    gogoo. i play my old fb account yes. but not on fb,i use web3 on my android phone.
    basically always log in. only if devs have made some update i have to log in again.
    Last edited by hansa; 11-28-2018 at 04:26 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •