Curse

DBMan · Dec 22, 2009, 07:48 PM // 19:48

Quote:

Originally Posted by Regina Buenaobra

Because you don't have any data or detailed information about the exact nature of the attacks, it's perfectly understandable that it's difficult to grasp how this helps players. However, if you take a look at the login screen, on the right side, there is text in red letters that will shed light on this issue for you.

Regina layin' down the law.

Just4Fun · Dec 22, 2009, 07:55 PM // 19:55

good fix, I like.

flyinhigh · Dec 22, 2009, 07:58 PM // 19:58

years too late, the thousands of accounts that got hacked because of their piss poor security is why i will never buy one of their products again.

w00t! · Dec 22, 2009, 08:15 PM // 20:15

Quote:

Originally Posted by Regina Buenaobra

Because you don't have any data or detailed information about the exact nature of the attacks, it's perfectly understandable that it's difficult to grasp how this helps players. However, if you take a look at the login screen, on the right side, there is text in red letters that will shed light on this issue for you.

Lol Regina, as community relations gal, you should know that the first rule is: "Never say anything that you can easily add the words YOU MORON to the end of".

Thus, "there is text in red letters that will shed light on this issue for you, YOU MORON!"

Thanks for the added security btw.

lilDeath · Dec 22, 2009, 08:22 PM // 20:22

Regina, does GW have some sort of lockout policy in place?
I haven't seen anything like this myself, granted I may only have typed my password incorrectly, at most, 2 times in a row.
A process like this will easily stop brute-force attempts on accounts.

Obviously, you must have the relevant processes in place for recovering from a lockout, eg. contacting support, going through 'real' security questions, or even an auto-unlock after a period of time.

E-mails could be sent to the registered e-mail address about several failed login attempts, to alert the player and then contact Support to investigate.
etc etc etc.

esthetic · Dec 22, 2009, 08:23 PM // 20:23

Quote:

Originally Posted by Regina Buenaobra

If we have given players advance warning that this security update would be implemented, and when it would be implemented, the hackers would have been given advanced warning, too. Players would have been prepared, would have been able to check all their accounts, but don't forget---the hackers would have been forewarned as well.

Enough of an outcry, ANet will remove this feature in the future? In the next few days, find out what databases have been compromised, identify the hackers and then remove this char name feature to allow people who for some unknown reason forgot their character names.

Whats to say, that the hackers dont have the character names as well? In some cases the hackers would have access but the buyer of the account is locked out?

Clobimon · Dec 22, 2009, 08:23 PM // 20:23

Quote:

Originally Posted by w00t!

Lol Regina, as community relations gal, you should know that the first rule is: "Never say anything that you can easily add the words YOU MORON to the end of".

It's impossible to write anything then since you can put it at the end of any sentence, you moron.

ha!

At any rate, anything additional for security is good regardless of how good. Even if players would need to enter something additional manually at each login they're still ingame faster than anything else out there.

Fay Vert · Dec 22, 2009, 08:29 PM // 20:29

Quote:

Originally Posted by Regina Buenaobra

Because you don't have any data or detailed information about the exact nature of the attacks, it's perfectly understandable that it's difficult to grasp how this helps players. However, if you take a look at the login screen, on the right side, there is text in red letters that will shed light on this issue for you.

You misunderstand. My point was, you couldn't forewarn players because doing so would help the hackers, how would it help the hackers?

My other point was, now that you added this, hackers have a reason to delete the players characters to delay getting the (near worthless to the owning player) account back.

You are also being inconsistent, you can't say anything but you can hint? And you can't reveal the exact nature to players to help then make their own choices, despite the fact that I am pretty sure the hackers know exactly how they are doing it, so why the secrecy?

Me thinks I am not the only one without all the data, I suspect ANet have very limited information on how this is all happening, hence the stupid and ineffectual advice given thus far.

I am also concerned that this bandaid measure, welcome as it is, is all you intend to do.

Meh, what do I know, I'm just a moron.

isildorbiafra · Dec 22, 2009, 08:37 PM // 20:37

Quote:

Originally Posted by Fay Vert

Meh, what do I know, I'm just a moron.

Well spoken. Outstanding.

Steps_Descending · Dec 22, 2009, 08:37 PM // 20:37

Quote:

Originally Posted by Fay Vert

Meh, what do I know, I'm just a moron.

Calm down Vert, remember Regina never actually called you moron, right?
Besode, "moron" doesn't flow naturally at the end of regina's post.

w00t! · Dec 22, 2009, 08:49 PM // 20:49

Quote:

Originally Posted by Steps_Descending

Calm down Vert, remember Regina never actually called you moron, right?
Besode, "moron" doesn't flow naturally at the end of regina's post.

It was a freaking joke people! Geez.

It was me, not Regina, who said that. Flames > nil: please.

Any added security is helpful. No security is completely bulletproof, but this extra layer should decrease successful attacks, which is something we've all been crying about for years.

When it comes down to it, most posters on GwGuru are a bunch of whiners.

Mustache Mayhem · Dec 22, 2009, 09:07 PM // 21:07

anyone notice the reconnect feature is gone with this update

Ugh · Dec 22, 2009, 09:11 PM // 21:11

Quote:

Originally Posted by Mustache Mayhem

anyone notice the reconnect feature is gone with this update

Are you sure? In some cases it just doesn't give you the option to reconnect.

Mustache Mayhem · Dec 22, 2009, 09:12 PM // 21:12

yeah just tested it out.. go in a mission and end gw- go back in and doesn't give you the option anymore

AngelWJedi · Dec 22, 2009, 09:16 PM // 21:16

Quote:

Originally Posted by MagmaRed

I find it sad that people can't remember a character name. I have little sympathy for that. If you are randomly assigning names then it isn't something you care much about anyway. It isn't hard to create storage characters with simple names that are easy to remember.

Although not the best solution, it is a working one, and will do as Ark mentioned. Glad they have stepped up to stop part of the problems while still working on the others.

I find it sad you look down on people who dont remember ever single name. i am luck i remembered my main toons name. otherwise i wouldnt have been able to get back on. my 7 other girls where named in another language because i like to role play them pretending that they came from a certian county. thus some if not all are hard to spell. plus add in the fact didnt take in that some people have dyslexia. gg anet! one of my guildies has that. and it took her like 5-10 minutes to sign in.

HawkofStorms · Dec 22, 2009, 09:30 PM // 21:30

Quote:

Originally Posted by draxynnic

Odd, but I think I can see the logic - it means that somebody at least needs to do a modicum of research on the specific account they're trying to hack. Although it DOES have the effect of meaning that people who list their characters in a public place have possibly weakened their security (although hopefully said people don't also reveal the email attached to the account).

And that explains why A.net requests Guru to remove character names from the profile page. Makes perfect sense.

Fay Vert · Dec 22, 2009, 09:31 PM // 21:31

Quote:

Originally Posted by w00t!

It was a freaking joke people! Geez.

It was me, not Regina, who said that. Flames > nil: please.

Well I took it as a joke!

And while I know it wasn't Regina that said it, you must admit, there was a irritated condecending tone to her post.

What she doesn't seem to realise, is while I don't know all the data ANet has to go on, she also does not know all the information and knowledge I have about computer security.

And I'll tell you know, it's a lot, so when I see a bit of bandaid wrapped up in BS, spin, and condecending misinformation, I call it.

Its also a shame that the only way you can get much out of CS is to rattle their cage. Still, if that's what it takes

Steps_Descending · Dec 22, 2009, 09:56 PM // 21:56

Quote:

Originally Posted by w00t!

It was a freaking joke people! Geez.

Quote:

Originally Posted by Fay Vert

Well I took it as a joke!

We all got it then.

Yasmine · Dec 22, 2009, 10:00 PM // 22:00

Quote:

Originally Posted by Mustache Mayhem

yeah just tested it out.. go in a mission and end gw- go back in and doesn't give you the option anymore

Well, I have dced and reconnected during a vanquish this morning (gmt, after the update) without any problems.

Mustache Mayhem · Dec 22, 2009, 10:11 PM // 22:11

lemme try again after this run.. might have something to do with putting in a character name that's not the same as the one your trying to reconnect

used to focus on the last character when you logged in.. but since update just goes to the one you put in the character name box