 |
|
Apr 30, 2010, 08:13 PM // 20:13
|
#61 | |
|
Supastar~ ★
Join Date: May 2006
Location: USA [GMT -7]
Guild: Sierraas Asian Harem [love]
Profession: Me/
|
Quote:
With that said, you should use a different password for you GW account as well as an email. |
|
|
|
|
Apr 30, 2010, 09:43 PM // 21:43
|
#62 | |
|
Ascalonian Squire
Join Date: Dec 2009
Location: TXN
|
Quote:
|
|
|
|
|
|
Apr 30, 2010, 11:15 PM // 23:15
|
#63 | |
|
Desert Nomad
Join Date: Apr 2007
|
Quote:
...then what NCsoft just did, is once again make your character name into your ONLY protection against random GW account theft. That and luck. Because if they glitch into your master account, they'll see your GW login (email), and they can change your GW password without knowing the old one. All that's left, is to find a character name. So unless you feel lucky, you should protect your character names. Don't make it easy to trace your IGN through forum posts - especially if you used the same email for GW and for forums. (bear in mind, they may already know your email address from compromised forum sites) Master account -> GW email -> Forum email -> forum name -> your IGN if you posted it -> you get raped. Last edited by Riot Narita; Apr 30, 2010 at 11:23 PM // 23:23.. |
|
|
|
|
|
Apr 30, 2010, 11:31 PM // 23:31
|
#64 |
|
Departed from Tyria
Join Date: May 2007
Guild: Clan Dethryche [dth]
Profession: R/
|
Makes me wonder why NCsoft doesn't have community people that browse forums like this, to address these kinds of issues instead of asking ANet to play messenger boy to our complaints.
|
|
|
|
|
May 01, 2010, 12:18 AM // 00:18
|
#65 |
|
Forge Runner
Join Date: Mar 2008
Profession: Me/
|
I'm just going to throw this out there.
Preventing people from playing at all or annoying them and security are often at odds with each other. Difficult forum registration is an example as it applies to sites with spam prevention, etc. Too much in either way never leads to anything good, so the only way to deal with it is adapt and find creative ways that don't ruin the game for everyone else. |
|
|
|
|
May 01, 2010, 03:04 AM // 03:04
|
#66 |
|
Grotto Attendant
Join Date: Apr 2007
|
Still waiting.....
|
|
|
|
|
May 01, 2010, 04:02 AM // 04:02
|
#67 |
|
Krytan Explorer
Join Date: Aug 2007
|
hey regina/martin/emily/pierre yall gonna fix this or what?
|
|
|
|
|
May 01, 2010, 04:49 AM // 04:49
|
#68 | |
|
Forge Runner
Join Date: Jan 2008
Location: Rubbing Potassium on water fountains.
Guild: LF guild that teaches MTSC (did it long ago before gw2 came out and I quit...but I barely remember)
Profession: N/A
|
Quote:
|
|
|
|
|
|
May 01, 2010, 05:01 AM // 05:01
|
#69 | ||||
|
Supastar~ ★
Join Date: May 2006
Location: USA [GMT -7]
Guild: Sierraas Asian Harem [love]
Profession: Me/
|
Quote:
Quote:
Quote:
There's also a flaw in your chart. In your User CP you can adjust who can see what in your profile. You can also hide your email address from everyone but admins. I highly doubt someone is going to magically guess any of my info when none of it is related to each other. Quote:
|
||||
|
|
|
|
May 01, 2010, 10:00 AM // 10:00
|
#70 | |||||
|
Desert Nomad
Join Date: Apr 2007
|
Quote:
Even if it IS fixed, removing the "enter old password" requirement again... has set everybody up for maximum damage, the next time a master account exploit is found. Quote:
It's A-Net who put in the character name requirement, for GW players - and thank God they did, because NCsoft wasn't stepping up at that time. Aion players got nothing, they were left hung out to dry. Quote:
The email tells you in effect: "somebody changed your password. If it wasn't you, then I'm afraid your account has just been emptied, and possibly your characters are deleted" Quote:
The point is: character names are part of your account security now. It's simply not good practice to give away ANY login information, anywhere. There were people who randomly lost their accounts even though they DID EVERYTHING RIGHT. Unique passwords and email addresses everywhere, strong passwords, full and up-to-date security on their PC's, no dodgy downloads or visiting unsafe websites etc. And it still wasn't enough, because of NCsoft's failures - an aspect of security that we have no control over. Protect the things you CAN protect. Don't rely on NC-soft, arena-net, guru, or anywhere else that is out of your control... to protect your information. Who knows what exploits may emerge that will let somebody put all the pieces together, or bypass some of them? It's happened before. Quote:
But by all means - make whatever assumptions you want, take whatever chances you like with your character names. If you used different emails and screen names everywhere, the chances are slim that anyone can match an IGN you posted, to a GW account. But personally, I'll take every precaution available to me. I don't want to take chances, no matter how small. Last edited by Riot Narita; May 01, 2010 at 10:51 AM // 10:51.. |
|||||
|
|
|
|
May 02, 2010, 12:57 AM // 00:57
|
#71 | |
|
Forge Runner
Join Date: Jan 2007
|
I really don't know where to stand because I get mixed stories even by the people I trust.
I think there IS a problem with NC security, but that does NOT by ANY means dismiss the problem that people still make mistakes on their parts, which makes it looks really bad when a few people get hacked "for no reason" and some people get hacked "for a reason", and it inflates. As I said, I still think there is a problem, but that fact still does not dismiss that some people are at fault for losing their own accounts. I for one, have gotten asked .. by a friend, who played guild wars once, never signed up for ANYTHING using his email, game related, and he kept getting emails saying his account password was reset. The gunny thing was, these weren't fake ones, they were the real deal. Someone managed to pull his information from somewhere, or managed to spoof it somehow to NC to get in. And I believe this. But there are still some really stupid people out there who don't help the situation, which blow the situation up and out of proportion. I'd seriously LOL though if some Guild was behind a lot of the "hacked accounts" and some of the stories we heard were fabricated just to make other players more paranoid and to make them click *anything* with NCsoft on it in their email inboxes, even skipping their instinct and clicking on fake NC email, to give some random stranger their information. You gotta wonder though....because I've seen those faked emails, I think one was even posted here by someone, and the IP address has one or two octets exceeding 255, lmao. Quote:
But you ARE right, if your character name and other credentials are common, it's possible for a hacker to get you, if you're smart (as you said, and like I am at security) you should be fine. I looked at it this way. Say I'm a TOTAL jackass at account security (but I'm not), I could post an email here of mine for someone to contact me. If it's in the open or even in a PM, if it gets out, it gets out. Now, a hacker sees a potential victim. He can ASSUME my char name is "Bob Slydell" and that the email he has is my GW one. Then he can go on maybe assuming that I in some way an an Office Space fan................ crazy enough to name my password something like.. I dunno. Innitech123 or MichaelBolton ...bam he's in!!!!. We all know people do that shit, that's all I tried to explain with my little "point #2" people can tag things together to get a clearer understanding of you, we all know this. I just wanna make sure you know thats what I meant. The lucky hacker may have hit the jackpot in my little description, but luckily for me, in real life on one never figure out my credentials, unless Jesus returns and decides to take up GW account hacking. Last edited by Bob Slydell; May 02, 2010 at 01:16 AM // 01:16.. |
|
|
|
|
|
May 02, 2010, 04:26 AM // 04:26
|
#72 | |
|
Academy Page
Join Date: Jul 2006
Guild: Knights and Heroes [Beer]
Profession: Mo/
|
Quote:
|
|
|
|
|
|
May 02, 2010, 04:31 AM // 04:31
|
#73 | ||
|
Older Than God (1)
Join Date: Aug 2006
Guild: Clan Dethryche [dth]
|
Quote:
Let me assure you that there are still a ton of flaws with the PlayNC site. It's about as secure as the website of a third-rate e-merchant. They just don't seem to get that doing business in the American market requires first class security. Their primary competitors understand. I finally broke down and bought an unlinked account to store my valuables on during the account thefts, using an e-mail that I just don't use as the account name. But the fact that I had to take that step has made me unlikely to purchase GW2. Quote:
|
||
|
|
|
|
May 02, 2010, 01:30 PM // 13:30
|
#74 | |
|
Emo Goth Italics
Join Date: Sep 2006
|
Quote:
|
|
|
|
|
|
May 05, 2010, 02:20 AM // 02:20
|
#75 |
|
Grotto Attendant
Join Date: Apr 2007
|
Still waiting. Lucy, you got some 'splaining to do!
|
|
|
|
|
May 05, 2010, 02:29 AM // 02:29
|
#76 |
|
The Fallen One
Join Date: Dec 2005
Location: Oblivion
Guild: Irrelevant
Profession: Mo/Me
|
NCSoft is the worst online gaming company in history when it comes to security and transparency. They should be ashamed of this shit... Totally uncalled for, in every sense of the words....
Take a memo from Blizzard: Authenticators (mobile and stand alone)
__________________
|
|
|
|
|
May 05, 2010, 07:03 PM // 19:03
|
#77 |
|
Frost Gate Guardian
Join Date: May 2007
|
Heya,
Gaile posted an update on her support page on this issue: In December of 2009, players raised concerns about the security of NCsoft Master Accounts. While we investigated those concerns, we added a second layer of security that required players to input their game password before making a change, even though they already had logged into their NCMA and had passed its security measures. After extensive research, the Guild Wars and NCsoft teams were unable to identify any security breaches in the NCsoft Master Account system. This means that the delays that customers were experiencing related to account resets added no value from a security standpoint. We removed the second password requirement a few weeks ago. We have monitored daily for any upswing in stolen accounts and have seen no increase whatsoever. We will continue to monitor the situation and if we notice any adverse effects as a result of the change, we will address the issue immediately. Please see Gaile's Support Page for more detailed information. |
|
|
|
|
May 05, 2010, 07:24 PM // 19:24
|
#78 |
|
Desert Nomad
Join Date: Apr 2007
|
In other words:
"We decided to open the stable door. This stops idiots from bumping into the closed door, when they want to pet the horse. It also makes the stable-hand's job easier. The horse hasn't bolted yet, so we'll leave it open. If the horse ever does bolt, we might think about about closing it again. After the horse has gone." Great plan /sarcasm Edit: I seriously hope there will be no requirement to link GW2 accounts to an NCsoft master account - and the bad joke that NCsoft calls "security". eg. to get any goodies from our GW1 HoM's. Because if that's the case... if I buy GW2 at all - I will simply do without HoM goodies, even if I earned them. That won't be due to a temper tantrum, throwing my toys out of the pram - but because it will be the only sane choice available to me. Last edited by Riot Narita; May 05, 2010 at 07:58 PM // 19:58.. |
|
|
|
|
May 05, 2010, 08:35 PM // 20:35
|
#79 |
|
Wilds Pathfinder
Join Date: Jun 2005
Location: Georgia, US
|
Why the hell do you guys not have account activity tracing like WoW? If someone gets hacked on WoW, upon proving it to a GM, a quick rollback results in zero loss. GW doesn't offer the same service, so if you get hacked, you email support, wait a few days, and get the "these are the precautions you can take" crap. How does that help anyone?
If you have account tracing, you can rollback AND FIND OUT WHO HACKED YOUR ACCOUNT. Someone has to transfer your items to another account. If you know this it helps SOLVE the problem instead of letting the hacker run rampant. So what if the hacker DELETED your characters as well? All those years of playing for nothing? How will you handle that then? There are several reasons why WoW has more players, this is one of them. Are you honestly going to assume your software and server is 100% safe? No software and server is 100% safe. Any freshman in CS Major will tell you that. All these people get hacked and you just assume everyone is a retard that hands out his or her account info or download shady third-party apps? Great business approach imo, having terrible customer support on the only game your company depend on. Maybe I shouldn't hold my breath for GW2 if my account is just going to get hacked anyway. |
|
|
|
|
May 05, 2010, 08:36 PM // 20:36
|
#80 |
|
Desert Nomad
Join Date: Aug 2005
Guild: DVDF(Forums)
Profession: Me/N
|
Sorry Martin, Thats a silly rationale.
No one has hacked us yet so we'll remove security until they do. Imagine a bank saying 'we've tested our security and since no one has hacked us yet and passwords are such a pain to the customer we've decided to remove them from our online banking system' For Guild wars 2... Please keep the character name check and add other features to stop accounts being hacked or trashed outside of the NCsoft layer.. |
|
|
|
 |
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 02:50 AM // 02:50.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("