Identity Control

C.S.J
C.S.J
in General talk

bitdefender need to find an easier way to add an exception when a website is blocked.


ive tried to add different variations for gamespot, and it still blocks my login because of my 'email' identity control.


ive tried adding "http://uk.gamespot.com/" and "www.gamespot.com" and still, it does not load up.


any help, for now... so i can at least log in, and maybe bitdefender can work out something better with this.

Comments

  • Niels
    Niels

    Hello C.S.J


    Try to make this exception for not sharing your mail address *.gamespot.com Normally that is the way to allow each subdomain of gamespot.com.


    Regards


    Niels

  • jagent59
    jagent59
    edited October 2007

    Can you use a placeholder/wildcard character (e.g. "*") to create an identity control rule. For example, if one's SSN was 123456789, would *****6789 be the correct format to represent the SSN?


    OR, do you just specify a minimum of three contiguous characters in an SSN, credit card, etc. and leave out placeholder characters?


    Thanks for clarifying.

  • alexcrist
    alexcrist

    Hi jaggernaut,


    No, you don't need to add placeholders. Even mre, if you add them, Identity Control won't work correclty.


    But you have to know that if you don't type the full string, you have to un-check the option Hole words.


    Cris.

  • jagent59
    jagent59
    Hi jaggernaut,


    No, you don't need to add placeholders. Even mre, if you add them, Identity Control won't work correclty.


    But you have to know that if you don't type the full string, you have to un-check the option Hole words.


    Cris.


    Cris,


    Still need a bit more clarity, I need a good example of an SSN identity control rule. Let's say the FULL SSN ("123456789") is used, I would expose it to potential compromise (as advised by BitDefender) even though the data is encrypted (128-bit key encryption?), correct?


    Does the SSN rule imply any validation check on any of the components of the SSN number (i.e. 999-99-9999) where 999 is area number, 99 is group number and 9999 is serial number? So, for optimum security, I should specify 4 or 5 contiguous numbers in the SSN meaning that "3456" or "45678" or "6789" would all be valid partial strings, correct? with "2468" or "12567" or "5679" all being invalid strings.


    In the attached screenshot, I'm creating an SSN identity control rule with 3456 as my rule data. Is this a good example?

    post-5496-1192309239_thumb.jpg

  • alexcrist
    alexcrist

    Yes, jaggernaut, everything you said is correct. You have to type contiguous numbers/letters of the words you want to protects (whatever rule type you choose).


    The more characters you type, the more you reduce the risk of false positives (when you type something else that contains that certain string, and BD blocks it), but you increase the risk in case someone succeeds in breaking into your PC and cracking the encryption.


    I don't know what's the optimal length that you should use, but 4-5 should be enough.


    Cris.

All Time Leaders

Categories

Defenders of the month