• Breaking News

    Sunday, September 6, 2020

    Clash of Clans Open Recruitment Thread!

    Clash of Clans Open Recruitment Thread!


    Open Recruitment Thread!

    Posted: 06 Sep 2020 09:09 AM PDT

    Hello Reddit Clashers! It's time for an Open Recruitment Thread. All clans, RCS or not are welcome to recruit within this post. This is the only place recruiting is allowed on this subreddit. Just a reminder though, you are welcome to recruit at any time at r/ClashofClansRecruit (max one post per clan per week). You can also view all Verified Reddit Clans on this page. Additional tips on recruiting can be found here. There's also a recruiting channel in our partnered discord!

    Format should be as follows:

    • Clan Name: __________
    • Clan Tag:
    • Clan Level:
    • Clan Entry Reqs: (TH9/ArchersLvl/etc)
    • Additional info:

    Friendly reminder! reddit automatically removes comments that contain compressed links as spam, be sure to include the full link in your post. If you'd like to use some pretty formatting you can find out more here

    submitted by /u/AutoModerator
    [link] [comments]

    [Humor] i legit haven't laughed as much as this in more than a year. Moments like this are why i like this game.

    Posted: 06 Sep 2020 03:05 AM PDT

    [HUMOR] Every single time...

    Posted: 06 Sep 2020 09:04 AM PDT

    just a goblin drawing i did yesterday.. hope you like it [ART]

    Posted: 06 Sep 2020 07:21 AM PDT

    [HUMOR] 2013 was a weird time...

    Posted: 05 Sep 2020 07:31 PM PDT

    [ART] saw this one while demoting to gold

    Posted: 05 Sep 2020 03:25 PM PDT

    [HUMOUR] Relatable.

    Posted: 06 Sep 2020 02:38 AM PDT

    [Humor] Is it only me?

    Posted: 06 Sep 2020 02:04 AM PDT

    Bowler fanart [ART]

    Posted: 06 Sep 2020 10:41 AM PDT

    [HUMOR] When you are so rich that you plate your gold mine with gold

    Posted: 06 Sep 2020 05:00 AM PDT

    [HUMOUR]After every CWL!

    Posted: 06 Sep 2020 12:28 PM PDT

    [WAR] Warden the decider between a 0 and a 2 star.

    Posted: 06 Sep 2020 05:07 AM PDT

    [Humor] Even gold is full..

    Posted: 06 Sep 2020 06:35 AM PDT

    [Humor] When battle day starts in less than an hour and all 30 CC are still empty

    Posted: 06 Sep 2020 09:10 AM PDT

    [HUMOR] Pain.

    Posted: 06 Sep 2020 08:07 AM PDT

    [GOAL] Our clan reached level 20!

    Posted: 06 Sep 2020 02:56 AM PDT

    [IDEA] Suggestions to increase account security in-game

    Posted: 06 Sep 2020 09:54 AM PDT

    To understand why I'm making this post, you first need to understand a couple of things:

    • Account phishing happens when people use supercell support to "recover" accounts that they do not actually own
    • Yes, account phishing can happen as a result of breaking terms of service (account sharing, bst, etc), from using suspicious/fishy/scam websites (free gem scam websites), or from sharing sensitive information about your account

    BUT

    • Phishers can still phish your account even if you have not shared any information about it & phishers do not need the email associated with the supercell ID of an account in order to phish it

    How can I say this is true? I know it is, because that's what happened to me and so many others. I lost 4 of my accounts to a phisher in 2 days despite never sharing any information about my account, never breaking terms of service, and never using any suspicious websites. While recovering my accounts, seeing the process in which account recovery works made it even more evident as to how the recovery function could be abused.

    Here are some possible features that friends and I produced while brainstorming that could help maintain the security of one's account and prevent phishing:

    Toggleable option within settings to enable or disable the ability to change the Supercell ID of one's account through support

    1. What this would do: Allow players to decide whether or not their account has the ability to be recovered through support. This option would be especially useful for players who have very desired or rare accounts (old obstacles, high war stars, records, etc) that would be at a high risk of being targeted. If players are also choosing to recover their account through their email instead of supercell support, it makes less work for support in general.
    2. Why this works: If the ability to recover one's account through support is disabled, then phishers would not be able to steal accounts using support. If the true owner of the account loses access to the supercell ID, they can instead recover the email. If a player does not like this option, they can enable the ability to use support to recover their respective account.
    3. Note: I think it is worth mentioning that such a simple option could prevent having to worry about your account being phished altogether, and phishers wouldn't be able to get around this option because accounts utilizing this option could not be recovered through support regardless of circumstance (If instituted it is very important that this is strictly enforced so phishers can't try to find a way around it)

    Toggleable option to make your base & profile public or private

    1. What this entails: Would prevent players that aren't on your friend's list from viewing your base or profile for security reasons. The most important feature of this private mode would be the ability to hide your tag from people who aren't on your friend's list. This would be a toggleable option, so if players didn't want to use it they wouldn't have to.
    2. What this would do: When an account is set to private mode, it would prevent players from viewing an account's obstacles (so that players could not use obstacles to determine approximate creation date). With the hidden tag, phishers would not be able to even attempt phishing the account because they wouldn't have the tag to request to "recover" it. If an account is set to private and the account's true owner needs to recover their account but has forgotten the tag, they can simply ask a friend on their friend's list for the tag or check it if they have an alternate account also on the friend's list.
    3. Why this works: If an individual is using private mode and is careful with their friend's list, their account can be a lot more secure than it once was and a lot more difficult for phishers to attempt to target.
    4. But what would happen if a player were to try and view a player with a private profile within a clan?: This could work similarly to how other games have streamer modes where if toggled on the name is replaced with random words/ letters (for ex: ToasterMuffin). This option could be a separate toggle or a part of the public/private toggle. Additionally, this would be included in wars as well so the enemy clan would only be able to see your base and not your name.
    5. Note: If this change was applied, accounts made before this update would already have their tags known. To allow for these players to benefit from the security of having a hidden tag, accounts made before this possible change could be given the option of a one-time free tag change.
    6. Tldr: Private/public toggle would: hide tag (from unwanted players), hide village (from unwanted players), hide name (from unwanted players) & hide profile (from unwanted players).

    Sending an email to the email address associated with the supercell ID when an attempt is made to change the supercell ID of an account through support

    1. What this would entail: If an individual tried to recover an account using supercell ID through support, an email would be sent to the email address associated with the account's supercell ID. The email would detail how a recovery attempt was made on the account and instruct the recipient to ignore the email if they had, in fact, tried to change the supercell ID (If the individual no longer has access to the email, they would be ignoring the email regardless as they wouldn't be able to see it, but this would also reinforce the reason for needing to attempt to recover, to begin with). Now if an individual received the email informing that a recovery attempt was made on the account even though they never made an attempt to recover their account, it becomes evident that a phishing attempt was made. In this scenario when the individual receives the email that someone else tried to "recover" their account, they can click a link contained within the email. Ideally, there would be a link that would redirect the individual to in-game support where they would then be able to cancel the attempt to change the supercell ID.
    2. How this would work: After an individual messages support attempting to recover an account and answer the security questions for that account, the email would be sent to the email address associated with that account's respective supercell ID. If the email goes without response for 24 hours, then and only then the individual would be able to proceed with recovering the account. If support is messaged using the link within the email within these 24 hours, the remaining response time would freeze while the true owner of the account works with support. This 24 hour period would be crucial for making sure the rightful owner of the account is the individual attempting to recover said account. If the rightful owner of the account notices the email and that someone else is trying to steal their account, this 24 hour period would also make sure that the true owner could inform supercell support about the apparent phishing attempt so that support can deal with the phisher accordingly.
    3. Note: The 24 hour waiting period would make it take longer for phishers to attempt to steal accounts which may serve as somewhat of a deterrent. The security of one's account is very important, taking 24 hours to rule out attempted phishing is well worth it to keep the account safe.
    4. Tldr: After attempting to recover an account an email would be sent to the email address associated with the account's supercell ID before it could be changed, lack of response to email after 24 hours allows the individual to proceed with recovery OR link redirect within email utilized within the 24 hour period by the true owner brings them to support where they can cancel the "recovery" attempt and report the phishing attempt.

    Make a security question a password set by the owner of the account

    1. Note: A password requirement to change supercell ID (the password can be set by the player when the account is first connected to Supercell ID) could be a very secure addition to security questions. A password would also add another layer of difficulty for phishers. Any accounts already connected to Supercell ID can be given the option to add a password within their security questions.

    A text message verification code can be enabled as an additional requirement for changing the supercell ID on an account

    1. Note: It is highly unlikely that a player would lose access to both an email and a phone number associated with an account if this idea were to be introduced. This text message verification could be required in addition to the security questions if a player chooses to enable this option. Simply serves as another way of making it significantly more difficult for phishers to attempt and abuse support.
    submitted by /u/RegularMineral
    [link] [comments]

    [HUMOR] Say it again y’all

    Posted: 06 Sep 2020 11:29 AM PDT

    [MISC] Level 10 Crusher?!

    Posted: 05 Sep 2020 08:20 PM PDT

    [HUMOR]She got Eye Brows

    Posted: 06 Sep 2020 06:58 AM PDT

    [Humour]true every bit of it

    Posted: 06 Sep 2020 03:18 AM PDT

    [Video] I had no idea you can do that

    Posted: 06 Sep 2020 12:03 PM PDT

    [MISC] I wanna thanks this Pikachu guy for the good art + loot.

    Posted: 06 Sep 2020 03:08 AM PDT

    [Humor] WHY? JUST WHY?!

    Posted: 06 Sep 2020 12:59 PM PDT

    [HUMOR] Who's the real Timmy?

    Posted: 05 Sep 2020 05:19 PM PDT

    No comments:

    Post a Comment