Dec 10, 2009, 09:46 PM // 21:46
|
#141
|
Lion's Arch Merchant
Join Date: Sep 2006
Guild: Alchemy Incorporated
Profession: Mo/E
|
Quote:
Originally Posted by The Drunkard
/notsigned
I would agree if you provide an explanation on some of the possible reasons how people are getting hacked and some alternatives for Anet to improve the security. Otherwise this is just another thread demanding Anet to change their game's structure because "we don't like it."
|
Here is one thing: If the NCSoft Master Account is compromised the Guild Wars password can be changed without ever typing a current password. Most sites do something like:
Enter your current Password:
Enter your new Password:
Confirm your new Password:
Within the NC Soft master account it works this way:
Enter your new password:
Confirm your new password:
..and bingo the password is changed allowing the thief, who never needed to know your current password, access to your account. It doesn't matter how good your password is, because they never even have to figure it out. And should you happen to already be logged into your account and playing it will kick you out to give the thief access.
How's that? Change your mind? Want a fix or two?
I'll be honest, I love A-Net. I love Guild Wars. I'm the biggest fanboi-gurl in the world. I support A-Net in every way possible. I've spent quite a lot of money on bringing my family into the game and I've talked it up to quite a few people who have spent their money to come into the game. But I won't spend another dollar until they say that they are working to make my account and the accounts that I've helped to propogate safe. It isn't that "we don't like it" like you've said in your post. It's that we can't trust it.
Last edited by Another Felldspar; Dec 10, 2009 at 09:56 PM // 21:56..
|
|
|
Dec 10, 2009, 09:51 PM // 21:51
|
#142
|
Frost Gate Guardian
Join Date: Sep 2009
Profession: Rt/
|
--signed--
/12char
|
|
|
Dec 10, 2009, 10:00 PM // 22:00
|
#143
|
Krytan Explorer
Join Date: Feb 2009
Guild: your just a meatsheild to me
Profession: N/Mo
|
/signed
anet i love your game but this bull has to stop its not fair we can lose years worth of work in hours. i log in at least twice a day just to make sure my accounts still there and even then im extra careful but a month or two ago my friend not a hacker but good with computers was able to help me reacess my NCsoft account in a matter of minutes when i had no clue the username or password and after said event happened i relized anet has put all who regestered in a position ready to be hacked. say good bye to all your stuff unless we get this fixed
|
|
|
Dec 10, 2009, 10:06 PM // 22:06
|
#144
|
Academy Page
Join Date: Apr 2007
Guild: Zero Hunters[Zero]
Profession: W/
|
/signed.....
|
|
|
Dec 10, 2009, 10:10 PM // 22:10
|
#145
|
Unbanned
Join Date: Jan 2008
Guild: Trinity of the Ascended [ToA] -- IGN: Swirly
Profession: Mo/
|
Quote:
Originally Posted by The Drunkard
/notsigned
I would agree if you provide an explanation on some of the possible reasons how people are getting hacked and some alternatives for Anet to improve the security. Otherwise this is just another thread demanding Anet to change their game's structure because "we don't like it."
|
Quote:
Originally Posted by Chthon
/Signed.
I've been keeping tabs on the "I've been hacked" stories. The most likely explanation is that, in addition to the usual number of people who get their accounts stolen through their own stupidity, there is currently a method of stealing accounts directly through a-net/NCSoft. The password reset feature on the NCSoft master account seems the most likely culprit.
This is unacceptable. If I fall for a phishing attempt or trust someone whom I should not have with my password, that's my own damn fault. But to have my account open to being stolen, no matter how careful I am, because NCSoft can't build a secure system is utterly unacceptable. So, not only do I sign on with Shan's petition -- harsh language and "security is more important than anything else" and all -- I'll go one step further: NCSoft will not see another penny from me, ever, until this is fixed.
To rehash several years worth of suggestions:
1. Find and close whatever vulnerability is allowing accounts to be stolen directly through a-net/NCSoft.
2. Since NCSoft clearly can't get their act together, just let us sever our GW accounts from NCSoft.
3. If we must retain the connection to NCSoft, then at the very least: (a) Give us back the ability to change our usernames. (b) NEVER display the e-mail that is the GW username from within the NCSoft account. (c) Require the current GW password to be entered in order to change the GW password.
4. Give us the ability to blacklist and whitelist individual IP's and IP blocks. I want to blacklist all of mainland China from ever logging into my account and I want to be prompted for a second password to login from any IP other than my current one.
5. Give us a "last login attempt for this account was X hours ago from IP W.X.Y.Z" notification every time we log in so that we know when someone is after our account and can contact support preemptively.
6. Give us an optional character lock that is permanent or takes at least a week to remove.
7. Give us a customized item lock with the same traits.
|
try reading the whole thread before you act like you know what's going on. if you read through you'll also find "some of the possible reasons how people are getting hacked"
/signed
|
|
|
Dec 10, 2009, 10:21 PM // 22:21
|
#146
|
Wilds Pathfinder
|
=X-Signed-X=
|
|
|
Dec 10, 2009, 10:22 PM // 22:22
|
#147
|
Site Contributor
Join Date: Jan 2006
Profession: R/
|
Somebody needs to do something about it. It's clearly becoming more common and more out of hand as each day passes.
/signed.
__________________
"Even if the morrow is barren of promises,
nothing shall forestall my return."
|
|
|
Dec 10, 2009, 10:23 PM // 22:23
|
#148
|
Academy Page
|
/signed...................
|
|
|
Dec 10, 2009, 10:25 PM // 22:25
|
#149
|
Ascalonian Squire
Join Date: Apr 2009
Guild: Trinity of Ascended [ToA]
Profession: R/
|
/signed
|
|
|
Dec 10, 2009, 10:25 PM // 22:25
|
#150
|
Desert Nomad
Join Date: Aug 2005
Guild: DVDF(Forums)
Profession: Me/N
|
Let's try and keep this thread focussed. Remember it's anets game and there are plenty of potential things they can do (see tons of threads on sardelac) without Ncsoft getting involved. So even if any breach at ncsoft isn't fixed it doesn't stop anet from doing damage limitation.
|
|
|
Dec 10, 2009, 10:35 PM // 22:35
|
#151
|
La-Li-Lu-Le-Lo
|
Tossing in my support, which comes as no surprise I'm sure.
Unfortunately, it appears that making accounts more secure is just too much of a nuisance. ArenaNet will not admit that they have a problem. NCSoft will not acknowledge or fix the problems that are incredibly obvious to anyone who has used their website.
We can hope, though.
__________________
Stay Breezy
|
|
|
Dec 10, 2009, 10:41 PM // 22:41
|
#152
|
Pre-Searing Cadet
Join Date: Nov 2009
Guild: We Are In Our Underpants As We [VanQ]
Profession: R/Mo
|
Signing this.
|
|
|
Dec 10, 2009, 10:46 PM // 22:46
|
#153
|
Desert Nomad
Join Date: Apr 2009
Guild: Trifecta Luminati [TRI]
Profession: W/
|
/signed
Any improvement on the current NCSoft security system is more than welcomed.
|
|
|
Dec 10, 2009, 10:52 PM // 22:52
|
#154
|
Krytan Explorer
Join Date: Jan 2007
Location: Kamadan AD1
Guild: Zealots Of Shiverpeak [ZoS]
Profession: D/A
|
/signed to protecting my 3000 hour investment
|
|
|
Dec 10, 2009, 10:52 PM // 22:52
|
#155
|
Desert Nomad
Join Date: Oct 2006
Location: Defending Fort Aspenwood
Profession: E/
|
/signed
I would like to have a security token please. (Authenticator)
|
|
|
Dec 10, 2009, 10:54 PM // 22:54
|
#156
|
Desert Nomad
Join Date: Dec 2005
Location: u know where my spot is !
Guild: Teh Academy [PhD]. Officer.
Profession: W/
|
---signed----
|
|
|
Dec 10, 2009, 11:01 PM // 23:01
|
#157
|
Raged Out
|
I may have come into this thread late but I don't get how the OP can ask A-Net to improve account security and make a petition to do so without offering a suggestion on how they can. I am sure they want you accounts as safe as you do but asking them to simply do something like that is like asking NASA to make you a spaceship to fly to Uranus.
|
|
|
Dec 10, 2009, 11:04 PM // 23:04
|
#158
|
Frost Gate Guardian
Join Date: Jul 2009
Guild: ecok
Profession: Me/
|
/signed
Pretty obvious from the amount of posts here that something is going wrong.
|
|
|
Dec 10, 2009, 11:09 PM // 23:09
|
#159
|
Wilds Pathfinder
|
Quote:
Originally Posted by MMSDome
I may have come into this thread late but I don't get how the OP can ask A-Net to improve account security and make a petition to do so without offering a suggestion on how they can. I am sure they want you accounts as safe as you do but asking them to simply do something like that is like asking NASA to make you a spaceship to fly to Uranus.
|
You might prolly read the thread completely, to see there are suggestions on how to do it. For example, not allowing Chinese IP addresses to access and change accounts that are owned by US (EU/other) citizens. Or requiring the current PW be input, before allowing it to be changed. Or sending an email to the owning account to verify the PW change... Among the host of other suggestions.
But really, all of these suggestions are totally common sense to anyone with even 1.5 years education in the computer science discipline.
Last edited by Coney; Dec 10, 2009 at 11:11 PM // 23:11..
|
|
|
Dec 10, 2009, 11:15 PM // 23:15
|
#160
|
Lion's Arch Merchant
Join Date: Dec 2008
Guild: Funny Business Inc [FBI]
|
May I suggest that once this thread dies a bit (let's say disappears from page 1), the petition, with all the names of those who signed along with suggestions, should be sent directly to Customer Support in an e-mail by a Guru Admin?
That way we can pretty much force an answer out of them.
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 11:08 AM // 11:08.
|