Guild Wars Forums - GW Guru
 
Forums Guild Wiki PvX Wiki
 

Go Back   Guild Wars Forums - GW Guru > The Inner Circle > The Riverside Inn
Reload this Page Petition For Improved Account Security.
Register FAQ Calendar Mark Forums Read

Notices

Closed Thread
Page 8 of 10 « First < 67 8 910 >
 
Thread Tools Display Modes
Old Dec 10, 2009, 09:46 PM // 21:46   #141
Lion's Arch Merchant
 
Join Date: Sep 2006
Guild: Alchemy Incorporated
Profession: Mo/E
Advertisement

Disable Ads
Default
Quote:
Originally Posted by The Drunkard View Post
/notsigned

I would agree if you provide an explanation on some of the possible reasons how people are getting hacked and some alternatives for Anet to improve the security. Otherwise this is just another thread demanding Anet to change their game's structure because "we don't like it."
Here is one thing: If the NCSoft Master Account is compromised the Guild Wars password can be changed without ever typing a current password. Most sites do something like:

Enter your current Password:
Enter your new Password:
Confirm your new Password:

Within the NC Soft master account it works this way:

Enter your new password:
Confirm your new password:

..and bingo the password is changed allowing the thief, who never needed to know your current password, access to your account. It doesn't matter how good your password is, because they never even have to figure it out. And should you happen to already be logged into your account and playing it will kick you out to give the thief access.

How's that? Change your mind? Want a fix or two?

I'll be honest, I love A-Net. I love Guild Wars. I'm the biggest fanboi-gurl in the world. I support A-Net in every way possible. I've spent quite a lot of money on bringing my family into the game and I've talked it up to quite a few people who have spent their money to come into the game. But I won't spend another dollar until they say that they are working to make my account and the accounts that I've helped to propogate safe. It isn't that "we don't like it" like you've said in your post. It's that we can't trust it.
Last edited by Another Felldspar; Dec 10, 2009 at 09:56 PM // 21:56..
Another Felldspar is offline  
Old Dec 10, 2009, 09:51 PM // 21:51   #142
Frost Gate Guardian
 
SpiritSpammer's Avatar
 
Join Date: Sep 2009
Profession: Rt/
Default
--signed--
/12char
SpiritSpammer is offline  
Old Dec 10, 2009, 10:00 PM // 22:00   #143
Krytan Explorer
 
Join Date: Feb 2009
Guild: your just a meatsheild to me
Profession: N/Mo
Default
/signed

anet i love your game but this bull has to stop its not fair we can lose years worth of work in hours. i log in at least twice a day just to make sure my accounts still there and even then im extra careful but a month or two ago my friend not a hacker but good with computers was able to help me reacess my NCsoft account in a matter of minutes when i had no clue the username or password and after said event happened i relized anet has put all who regestered in a position ready to be hacked. say good bye to all your stuff unless we get this fixed
snowman relic is offline  
Old Dec 10, 2009, 10:06 PM // 22:06   #144
Academy Page
 
agent akio's Avatar
 
Join Date: Apr 2007
Guild: Zero Hunters[Zero]
Profession: W/
Default
/signed.....
agent akio is offline  
Old Dec 10, 2009, 10:10 PM // 22:10   #145
Unbanned
 
joshuarodger's Avatar
 
Join Date: Jan 2008
Guild: Trinity of the Ascended [ToA] -- IGN: Swirly
Profession: Mo/
Default
Quote:
Originally Posted by The Drunkard View Post
/notsigned

I would agree if you provide an explanation on some of the possible reasons how people are getting hacked and some alternatives for Anet to improve the security. Otherwise this is just another thread demanding Anet to change their game's structure because "we don't like it."

Quote:
Originally Posted by Chthon View Post
/Signed.

I've been keeping tabs on the "I've been hacked" stories. The most likely explanation is that, in addition to the usual number of people who get their accounts stolen through their own stupidity, there is currently a method of stealing accounts directly through a-net/NCSoft. The password reset feature on the NCSoft master account seems the most likely culprit.

This is unacceptable. If I fall for a phishing attempt or trust someone whom I should not have with my password, that's my own damn fault. But to have my account open to being stolen, no matter how careful I am, because NCSoft can't build a secure system is utterly unacceptable. So, not only do I sign on with Shan's petition -- harsh language and "security is more important than anything else" and all -- I'll go one step further: NCSoft will not see another penny from me, ever, until this is fixed.

To rehash several years worth of suggestions:
1. Find and close whatever vulnerability is allowing accounts to be stolen directly through a-net/NCSoft.
2. Since NCSoft clearly can't get their act together, just let us sever our GW accounts from NCSoft.
3. If we must retain the connection to NCSoft, then at the very least: (a) Give us back the ability to change our usernames. (b) NEVER display the e-mail that is the GW username from within the NCSoft account. (c) Require the current GW password to be entered in order to change the GW password.
4. Give us the ability to blacklist and whitelist individual IP's and IP blocks. I want to blacklist all of mainland China from ever logging into my account and I want to be prompted for a second password to login from any IP other than my current one.
5. Give us a "last login attempt for this account was X hours ago from IP W.X.Y.Z" notification every time we log in so that we know when someone is after our account and can contact support preemptively.
6. Give us an optional character lock that is permanent or takes at least a week to remove.
7. Give us a customized item lock with the same traits.
try reading the whole thread before you act like you know what's going on. if you read through you'll also find "some of the possible reasons how people are getting hacked"

/signed
__________________
Ventari's Guidelines - They've Changed.
joshuarodger is offline  
Old Dec 10, 2009, 10:21 PM // 22:21   #146
Wilds Pathfinder
 
Join Date: Sep 2005
Default
=X-Signed-X=
New Buddha is offline  
Old Dec 10, 2009, 10:22 PM // 22:22   #147
Site Contributor
 
Neo Nugget's Avatar
 
Join Date: Jan 2006
Profession: R/
Default
Somebody needs to do something about it. It's clearly becoming more common and more out of hand as each day passes.

/signed.
__________________
"Even if the morrow is barren of promises,
nothing shall forestall my return."
Neo Nugget is offline  
Old Dec 10, 2009, 10:23 PM // 22:23   #148
Academy Page
 
Join Date: Oct 2007
Default
/signed...................
Just4Fun is offline  
Old Dec 10, 2009, 10:25 PM // 22:25   #149
Ascalonian Squire
 
Revilo Ekrub's Avatar
 
Join Date: Apr 2009
Guild: Trinity of Ascended [ToA]
Profession: R/
Default
/signed
Revilo Ekrub is offline  
Old Dec 10, 2009, 10:25 PM // 22:25   #150
Desert Nomad
 
Shanaeri Rynale's Avatar
 
Join Date: Aug 2005
Guild: DVDF(Forums)
Profession: Me/N
Default
Let's try and keep this thread focussed. Remember it's anets game and there are plenty of potential things they can do (see tons of threads on sardelac) without Ncsoft getting involved. So even if any breach at ncsoft isn't fixed it doesn't stop anet from doing damage limitation.
Shanaeri Rynale is offline  
Old Dec 10, 2009, 10:35 PM // 22:35   #151
La-Li-Lu-Le-Lo
 
Faer's Avatar
 
Join Date: Feb 2006
Default
Tossing in my support, which comes as no surprise I'm sure.

Unfortunately, it appears that making accounts more secure is just too much of a nuisance. ArenaNet will not admit that they have a problem. NCSoft will not acknowledge or fix the problems that are incredibly obvious to anyone who has used their website.

We can hope, though.
__________________
Stay Breezy
Faer is offline  
Old Dec 10, 2009, 10:41 PM // 22:41   #152
Pre-Searing Cadet
 
Join Date: Nov 2009
Guild: We Are In Our Underpants As We [VanQ]
Profession: R/Mo
Default
Signing this.
Yinterno is offline  
Old Dec 10, 2009, 10:46 PM // 22:46   #153
Desert Nomad
 
Charlie Dayman's Avatar
 
Join Date: Apr 2009
Guild: Trifecta Luminati [TRI]
Profession: W/
Default
/signed

Any improvement on the current NCSoft security system is more than welcomed.
Charlie Dayman is offline  
Old Dec 10, 2009, 10:52 PM // 22:52   #154
Krytan Explorer
 
Join Date: Jan 2007
Location: Kamadan AD1
Guild: Zealots Of Shiverpeak [ZoS]
Profession: D/A
Default
/signed to protecting my 3000 hour investment
king swift is offline  
Old Dec 10, 2009, 10:52 PM // 22:52   #155
Desert Nomad
 
Hyper.nl's Avatar
 
Join Date: Oct 2006
Location: Defending Fort Aspenwood
Profession: E/
Default
/signed

I would like to have a security token please. (Authenticator)
Hyper.nl is offline  
Old Dec 10, 2009, 10:54 PM // 22:54   #156
Desert Nomad
 
tooburns's Avatar
 
Join Date: Dec 2005
Location: u know where my spot is !
Guild: Teh Academy [PhD]. Officer.
Profession: W/
Default
---signed----
tooburns is offline  
Old Dec 10, 2009, 11:01 PM // 23:01   #157
Raged Out
 
MMSDome's Avatar
 
Join Date: Sep 2005
Default
I may have come into this thread late but I don't get how the OP can ask A-Net to improve account security and make a petition to do so without offering a suggestion on how they can. I am sure they want you accounts as safe as you do but asking them to simply do something like that is like asking NASA to make you a spaceship to fly to Uranus.
MMSDome is offline  
Old Dec 10, 2009, 11:04 PM // 23:04   #158
Frost Gate Guardian
 
Join Date: Jul 2009
Guild: ecok
Profession: Me/
Default
/signed

Pretty obvious from the amount of posts here that something is going wrong.
JoeGrogan is offline  
Old Dec 10, 2009, 11:09 PM // 23:09   #159
Wilds Pathfinder
 
Coney's Avatar
 
Join Date: Aug 2008
Default
Quote:
Originally Posted by MMSDome View Post
I may have come into this thread late but I don't get how the OP can ask A-Net to improve account security and make a petition to do so without offering a suggestion on how they can. I am sure they want you accounts as safe as you do but asking them to simply do something like that is like asking NASA to make you a spaceship to fly to Uranus.
You might prolly read the thread completely, to see there are suggestions on how to do it. For example, not allowing Chinese IP addresses to access and change accounts that are owned by US (EU/other) citizens. Or requiring the current PW be input, before allowing it to be changed. Or sending an email to the owning account to verify the PW change... Among the host of other suggestions.

But really, all of these suggestions are totally common sense to anyone with even 1.5 years education in the computer science discipline.
Last edited by Coney; Dec 10, 2009 at 11:11 PM // 23:11..
Coney is offline  
Old Dec 10, 2009, 11:15 PM // 23:15   #160
Lion's Arch Merchant
 
Meridon's Avatar
 
Join Date: Dec 2008
Guild: Funny Business Inc [FBI]
Default
May I suggest that once this thread dies a bit (let's say disappears from page 1), the petition, with all the names of those who signed along with suggestions, should be sent directly to Customer Support in an e-mail by a Guru Admin?

That way we can pretty much force an answer out of them.
Meridon is offline  
Closed Thread
Page 8 of 10 « First < 67 8 910 >

Share This Forum!  
 
 
           

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 11:08 AM // 11:08.

Contact Us - Guild Wars Guru - Archive - Privacy Statement - Top

Powered by: vBulletin
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("