Back in 2009, 18 January to be more exact, Argent Stonecutter filed issue SVC-6212 in Linden Lab’s JIRA for Second Life, proposing a change in the way SL’s user accounts are handled. Right now, account name and user name are effectively the same – even after the discontinuation of last names and the introduction of the kludgy “Resident” last name in their place. Argent suggested (rightly) that username and account name be separated:
SL security would be better, also, if you separated the account and avatar names… so for example instead of logging in as “Argent Stonecutter”, I’d log in as “Argent007” or something that isn’t actually published… and then picked my “Argent Stonecutter” alt from a pulldown.
- Something else for attackers to have to guess.
- Better account management.
- Fewer name-password combinations for users to remember.
Argent’s point was to make log-ins more secure and account management easier. The discussion in the comments is quite interesting, too. Before I came to sit down and blog about this proposal, Ciaran Laval and Exotix (Inara Pey) blogged about it. So, what is that makes this proposal so special that I’m bothering to revisit it and attempt to draw new attention to it?
First of all, it would increase security. Right now, someone who wants to compromise my Second Life account already has my username (not that newer users are in a better position, mind you). All they need to do is crack my password and it’s not like the tools for this job aren’t readily available. By decoupling my user name (or account name) from my avatar name, an attacker immediately has something extra to guess: OK, the avatar’s name is Mona Eberhardt. But what is the username? Is it Mona003? Is it Mona1986thess? What could it be? That way, it’s obvious that the user account system of Second Life would gain an extra security layer, as attackers would find it more difficult to target specific users.
If Argent Stonecutter’s proposal is implemented (and I can’t help wondering why Linden Lab haven’t gotten around to implementing it yet), the benefits would be manifold. Besides the increased security that would be afforded by the fact that the account name would never be visible by the public at large, it would provide both users and LL with several benefits that would make the extra work of modifying (basically, rewriting) the existing account database more than worthwhile.
Let’s examine the benefits for the users first:
- The user would only need one password for all their alts. Also, hiding the account name from public view would add, as mentioned before, an extra layer of security.
- There could be, as Ceera Murakami mentioned in the JIRA, a shared pool of L$ for all the alts; this would make these funds available to all avatars under a given account name, thus negating the need for L$ transactions between them. Ciaran says this would be similar to a guild bank in World of Warcraft, with the guild consisting only of a certain account holder’s avatars.
- Inventory could be linked to the master account; that way, items (even if they were non-transferable) could be shared by a user’s avatars. What does this mean? Well, let’s say that, under my account name I have my main avatar and two alts. With shared inventory, anything that I bought or created with my main avatar could be used and manipulated by my alts – and anything that I bought or created with any of my alts could be used and manipulated by my other avatars.
- Shared inventory, of course, would mean that there would be a change in the permissions system: the copy/modify/transfer permissions would affect accounts rather than avatars.
- Automatic age and payment verification. Only your main avatar would need to be age- and/or payment-verified (if you wanted, of course). The other alts you’d create under your account would be automatically verified, without any extra steps for you to take.
- It would make it easier for a user to decide to delete unnecessary, redundant alts.
Now, let’s see what the benefits for LL would be:
- The master account feature can be structured in such a way that it would help LL put its “five free alts per ‘household'” limit. Anything beyond that could come at an extra fee.
- Accountability would be finally introduced to Second Life. As things are right now, when a user causes trouble using one of their alts (and many griefers and trolls maintain large armies of alts), the alt gets banned, but the troublemaker can get back and continue causing mayhem in a matter of minutes. With master accounts, if someone’s alt is banned for griefing, trolling, cyberbullying, harassment, fraud, whatever – all the avatars get banned.
- Under a “master account” regime, a user could post in the forums only with one avatar’s name (typically, the master account) and not with any of their other identities. That way, sockpuppetry, a practice that is prohibited and punishable with permanent expulsion in every forum, and sadly extensively used by some on Second Life’s official forums, would be easier to tackle and punish.
- As a consequence, “alt detection” scamware/drama producing systems would become utterly pointless (good riddance; they never really worked to protect their users anyway). As Exotix (Inara Pey) points out, this could be extended into things like estate and land tools, helping land owners ensure, again, that a parcel / sim ban against one avatar is automatically (and invisibly as far as the land owner / sim owner is concerned) applied to the avatar’s master account, thus blocking all alts associated with it.
- It would provide LL with a much simpler and smaller transaction database, as well as a much, much smaller asset system, thanks to the shared inventories and L$ pools. This would result in significant cost savings – and, in our days, finding cheaper ways to get the same results amounts to making money, and could be perhaps be seen as a more important benefit than actually expecting to monetise from people who would want to make a large number of alts (and bots) under their master account.
Of course, I realise that this would require lots of very hard work on behalf of the Lab, but I believe the benefits (in cost savings and improved security, account management and handling of troublemakers) would make this hard work more than worthwhile. Maybe the time has come for this JIRA to get out of limbo and be given priority?
- [#SVC-6212] Create Master Account Name, Linking to Avatar Names – Second Life Bug Tracker
- One Account To Rule Them All – by Ciaran Laval
- Master accounts – by Exotix (Inara Pey)
- Sockpuppet (Internet) – Wikipedia