 |
|
Mar 03, 2011, 03:19 AM // 03:19
|
#21 | |
|
are we there yet?
Join Date: Dec 2005
Location: in a land far far away
Guild: guild? I am supposed to have a guild?
Profession: Rt/
|
Quote:
asking for the old password was better imho.
__________________
 where is the 'all you can eat' cookie bar? |
|
|
|
|
Mar 03, 2011, 04:15 AM // 04:15
|
#22 | |
|
Krytan Explorer
Join Date: Oct 2010
Location: A giant mitten
Guild: TeAe
Profession: E/R
|
Quote:
That is just as stupid as anything else I mentioned. |
|
|
|
|
|
Mar 03, 2011, 06:12 AM // 06:12
|
#23 |
|
Frost Gate Guardian
Join Date: Apr 2006
Location: Joliet, IL, USA
Guild: Hardcore Militants United [HMU]
Profession: Me/
|
I agree with the additional security feature, but TheGizzy is absolutely right. As our society is well into the era of zero self-responsibility, NCsoft's efforts are more babysitting than anything else.
"If it wasn't for dickheads like you, there wouldn't be any thievery in this world, would there?" |
|
|
|
|
Mar 03, 2011, 07:04 AM // 07:04
|
#24 | |
|
Krytan Explorer
Join Date: Oct 2010
Location: A giant mitten
Guild: TeAe
Profession: E/R
|
Quote:
At least once a week I deal with a parent who has filed a chargeback on their credit card for gaming purchases made by their child. When we appeal the chargeback, they come running to us screaming about how we should have stopped their kid from making the purchase.  Yes, because it is our fault that they leave their wallets laying around where their lying, cheating, ill-mannered children can snag them... getting the CC#, the CSC#, etc. It's our fault that their kids are permitted to spend 6+ hours a day online, learning from other lying, cheating and ill-mannered children all sorts of interesting things...without parental supervision or intervention. If I had a nickel for every time a parent said to me, "Johnny wouldn't do that... it must have been a hacker..." only for me to turn around and say, "well, your last 7 screaming emails to me came from IP address ________, and the 27 purchases over the last 3 months were made from that same IP address, and you HAD to have received at least one statement in that time in addition to the one you are currently yelling at me about..." I'd be on an Alaskan cruise instead of sitting here laughing about yet ANOTHER death threat I've received from yet ANOTHER parent who is pissed that their kid stole their CC and wants me to give them back the $2,790 their kid spent. Or there's the kid we banned repeatedly over several months time... he kept coming back with new accounts, kept charging crap to the CCs of his parents, aunts/uncles, neighbors, etc. We kept banning his IP, he kept rolling to a new one. We finally got his ISP to intervene, and he couldn't get back on our sites. He turned around and sent me an email, pretending to be a state's attorney. When I told his father we were turning the case over to the actual state's attorney for prosecution, his whiteboywannabegangstaself (with a MySpace page to match... dude, you look like a fool at 40 years old, posing with your hat turned backwards and flashing phony gang signs) told me he would kill me, my husband, my children and my pets if I did - because his 10 year old kid wasn't going back to juvie over some "uptight ***** with a god complex." Yup, my fault you're scum and raising your kid to be just as scummy. Absolutely. I could spend hours regaling this forum with stories about all the ways people try to dodge responsibility for their own stupidity, just in relation to games. I'd lose my faith in humanity completely if it was all I had to judge people by... it is absolutely terrifying to me the number of people who either a) suffer from massive entitlement complexes or b) are masters at shirking responsibility. |
|
|
|
|
|
Mar 03, 2011, 07:14 AM // 07:14
|
#25 | |
|
Forge Runner
Join Date: Jul 2006
Profession: R/
|
Quote:
|
|
|
|
|
|
Mar 03, 2011, 07:38 AM // 07:38
|
#26 | |
|
Krytan Explorer
Join Date: Oct 2010
Location: A giant mitten
Guild: TeAe
Profession: E/R
|
Quote:
The hacking of gaming accounts becomes systemic... it's the rare online gamer who plays only one P2P or F2P game. So the hacker starts by getting info on one game, one email account. They then use a bot to send out emails from that hacked email account [which usually has the same PW'd as the gaming account(s)] doing password requests to all the other major MMOs, FPSs, etc. They're also farming the email messages looking for mention of other user accounts belonging to friends of the person who was hacked. It's rather surprising how many people will give out a user name/password to a friend (for any number of things, not just games) via email. Hackers follow threads. They're very good at it. I'm so good at my job because as a teenager, I was also a hacker - usually into the phone company to wipe out my dial-up charges so my parents didn't kick my *ss. I'm very good at following threads, and thus very good at catching these people... but I don't forget where I learned to follow those threads in the first place, and I don't forget that these people are at least as good at it as I am, and sometimes better. It's a war of information, it is ongoing, and no one is immune. It is up to the individual to educate themselves on how best to protect themselves... not rely on someone else to do it for them. Would you leave your doors and windows unlocked, the keys in the ignition of your car, your curtains open so every passerby could see the $10,000 entertainment system in your living room... and then go on vacation, expecting that the neighbor is going to keep your stuff from being stolen? If so, please email me your address and a schedule of when you're heading out of town... |
|
|
|
|
|
Mar 03, 2011, 08:37 AM // 08:37
|
#27 |
|
Desert Nomad
Join Date: Apr 2007
|
I welcome the new security.
It goes some way to preventing the kind of breaches we saw a year or two ago, where thieves could log into their own NCsoft account, using their own machine... and glitch into someone else's NCsoft account at random. From there they could reset your GW password and clean you out. There was literally nothing the victim could do to prevent that, or protect themselves (other than not have an NCsoft master account). A-net had to add the requirement of entering a character name at GW login to cripple that exploit, since NCSoft were simply burying their heads in the sand. But finally... NCsoft is doing something at their end *applause* This may (!) ease my mind a little about linking GW2 to an NCsoft master account (should it be necessary for using the online store etc), posting my IGN's in forums etc I suspect this is at least partly so that GW2 will no longer need to use character names as part of login security. They need a less sucky way to protect against master account breaches, and maybe this is it. I'm still hoping for SecurID-style hardware keys for GW2 though. Limiting access to certain machines... nice idea, and I guess that's convenient for some people. I think I prefer to be prompted every time for my security questions, but I have to weigh that against the possibility of a keylogger managing to get on my system. If I have to add any new security questions, they will of course - as usual - have lengthy unique answers that bear no relation to the questions :-D Last edited by Riot Narita; Mar 03, 2011 at 08:56 AM // 08:56.. |
|
|
|
|
Mar 03, 2011, 11:51 AM // 11:51
|
#28 |
|
not so much fell as.....
Join Date: Jan 2009
Location: UK
Guild: bone
Profession: R/
|
newcomers to the game will not know that for a long time when you logged into the NCsoft site you sometimes got in to a total strangers account, with access to all their past support tickets, and to a pw change with no other security. This was just after we had been given the free storage panel but you had to link to NCsoft to get it.
People who told about it were disbelieved until an Anet employee was hacked. Still we get the 'its-your-own-fault' shouted all over the place. Well actually it is not the hacked persons fault - its the fault of the thief, and everytime you tell someone its their own fault you are taking the responsibilty for their actions away from the thief. If I leave newly-baked cakes cooling on my windowsill and someone takes one - they are stealing, and they can say all they like that I should have had a barbed wire fence or a guard dog or not left my cakes there but it is them, not me, that was wrong. (I know - I still lost my cake). |
|
|
|
|
Mar 03, 2011, 01:26 PM // 13:26
|
#29 |
|
Underworld Spelunker
Join Date: Nov 2006
Location: wikipedia.org/wiki/Vigo
Guild: Heraldos de la Llama Oscura [HLO]
Profession: E/
|
I was lucky I remembered the answer to my security question.
It was something personal about someone I know... ...something that that person themselves forgot. >_< Now I'm the only one on Earth that knows that. So it's a really secure question, as long as I remember the answer. |
|
|
|
|
Mar 03, 2011, 04:32 PM // 16:32
|
#30 | |
|
Forge Runner
Join Date: Jul 2006
Profession: R/
|
Quote:
IIrc other games, with more players had far less - several thousands to tens of thousands - accounts stolen. The difference in the amount of account credentials between NCSoft and other companies is enough indication that the majority of those accounts was not stolen from users, but from NCSoft itself. |
|
|
|
|
|
Mar 03, 2011, 07:29 PM // 19:29
|
#31 | |
|
Frost Gate Guardian
Join Date: Apr 2006
Location: Joliet, IL, USA
Guild: Hardcore Militants United [HMU]
Profession: Me/
|
Quote:
The thief is still guilty of theft, but all your neighbors are facepalming. |
|
|
|
|
|
Mar 03, 2011, 08:05 PM // 20:05
|
#32 | |
|
Not far from Elite
Join Date: Apr 2006
Location: Florida
Profession: W/
|
Quote:
|
|
|
|
|
|
Mar 03, 2011, 08:32 PM // 20:32
|
#33 | |
|
Krytan Explorer
Join Date: Oct 2010
Location: A giant mitten
Guild: TeAe
Profession: E/R
|
Quote:
Now, does that mean that NCSoft's password recovery setup was not vulnerable to the bot farming? No... and their own mistakes made them MORE vulnerable than other companies. But the company I was working for was just as stupidly vulnerable much to my disgust...however, there are many times that I feel MOST industry sites are pretty lax in their own security measures. There are steps a gaming company can take to ensure that their password recovery system can't be tricked by bot-generated PWd requests. Sadly, they are not implemented nearly enough or on the scale they need to exist. With that said - Wolf2581 offered an excellent analogy. Yes, certainly the majority of responsibility rests with the hackers themselves. But if I know there are people in the world who are out to steal my cake, and I know that my police department cannot have someone standing guard under my windowsill 24/7, then I'd be an absolute IDIOT to go parading around town letting every thief in earshot know that I've got a cake ready and waiting to be stolen... and that is exactly what players do when they bleat their IGNs on websites like this, when they use their IGNs as logins elsewhere, when they use the same password for everything, when they click on questionable links that promise some over-inflated reward for little work, etc. We may as well just GIVE them our login details instead of demanding that someone else protect us from our own stupidity. I love knowing I've got my local PD literally 3 blocks away... but I keep my doors locked... and about two months ago, that kept my house from being broken into while neighbors were robbed. I live in a small, rural town near the Michigan/Ohio border. This is the kind of place where people generally DO leave their doors unlocked. But I didn't grow up here... I grew up in Chicago. I don't leave my doors unlocked. I take responsibility for the safety of myself and my family... because I KNOW there are bad people in the world who wish me harm, and I KNOW that it's up to me to make it easier for the police to protect me, not harder by waving a neon sign in the air that says "open for robbery, come one, come all." |
|
|
|
|
|
Mar 04, 2011, 03:16 PM // 15:16
|
#34 |
|
Never Too Old
 
Join Date: Jul 2006
Location: Rhode Island where there are no GW contests
Guild: Order of First
Profession: W/R
|
I tried to log into my NCSoft account today only to be presented with questions I must answer as part of the log in.
1. Phone number from original registration 2. Date of birth I don't remember my phone number from five years ago. So I can't log into my account to set up any new security questions. So now I've started down the long and rocky road to getting someone to help. Wish me luck. |
|
|
|
 |
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 09:21 PM // 21:21.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("