Curse

gremlin · Jul 11, 2011, 02:23 AM // 02:23

Quote:

Originally Posted by Bristlebane

I had my account hacked once and I went a frekkin communication security class. A place where we hacked everything from WEP, Windows Server, DHCP etc. I do use a strong password (except ncsoft, they don't allow such a thing), I never ever shared account, never used my login email in any forum. And I'm certain I didn't have any keylogger, malware or virus on my computer as well. My point is, people who say "it's your fault" don't really know anything, they just repeat what others said on forums thinking they're now security experts.

You are correct those who haven't been hacked tend to assume that those who are hacked caused it in some way.
There is comfort in this if its their fault then our systems are safe we have no need to hassle support and press for changes.

I could come on here and say I had 30 years experience with windows was well versed in internet security.
I could add that I had a computer that only had one function and that was to play guild wars.
No surfing emails dodgy software etc and that I was hacked, it proves absolutely nothing.

Could be true could be complete rubbish, I might use "password" as my login pass have no antivirus share the computer with a dozen other people and have my login details on a post it note on the monitor.

We do not know how many are hacked whose fault it is and whether or not the current security is good enough.
And no posts on the forum about being hacked are going to advance that knowledge one iota.

Del · Jul 11, 2011, 04:18 AM // 04:18

I'd say they should track what IP you usually log in from, and multiple failures from different IP should lock the account out, and during periods when the account is locked out, the owner of the account can still trade etc from their usual IP. Unless of course they have one of those ISPs that gives different IPs after every renewal period, rather than just re-assigning the same address.

Amy Awien · Jul 11, 2011, 05:14 AM // 05:14

Quote:

Originally Posted by Bristlebane

You know that 24h no-trading/dropping they put on new accounts? What if they would add it on accounts that recently changed passwords or had x number of failed attempts before successfully logging in?

No thanks, I just tried to log in with caps-lock on, with your suggestion I might as well not play for the next 24 hours.

/notsigned

Quote:

Originally Posted by gremlin

I could come on here and say I had 30 years experience with windows ...

Mhh, dunno, I open and close windows every day but I don't see what fresh air has to do with passwords and computer-security.

Del · Jul 11, 2011, 05:36 AM // 05:36

Quote:

Originally Posted by Amy Awien

No thanks, I just tried to log in with caps-lock on, with your suggestion I might as well not play for the next 24 hours.

/notsigned

You'd most likely need to fail at logging in multiple times for a lockout, and the game warns you when your caps key is on, so if you're failing multiple times when the game is telling you what's wrong, you've got bigger problems than not being able to play GW for a day.

Quote:

Originally Posted by Amy Awien

Mhh, dunno, I open and close windows every day but I don't see what fresh air has to do with passwords and computer-security.

Because clearly, he meant windows, and not windows OS.

Amy Awien · Jul 11, 2011, 05:53 AM // 05:53

Quote:

Originally Posted by Del

... you've got bigger problems than not being able to play GW for a day.

I am not the one having problems with account security.

Quote:

Because clearly, he meant windows, and not windows OS.

Riiiight, wow, your being bright. The OS Windows goes with a capital c. Had I written a comment around there not being a Windows OS 30 years ago I am sure you'd have pointed out the difference between Windows and windows.

Del · Jul 11, 2011, 06:00 AM // 06:00

Quote:

Originally Posted by Amy Awien

I am not the one having problems with account security.

I like how you cut out half of what I said and take that bit out of context because you can't even argue it. Knobhead.

Quote:

Originally Posted by Amy Awien

Riiiight. The OS Windows goes with a capital c. Had I written a comment around there not being a Windows OS 30 years ago I am sure you'd have pointed out the difference between Windows and windows.

He was clearly talking about a hypothetical situation, not actually claiming he had 30 years of windows experience. But that just flew over your head with everything else didn't it?

Amy Awien · Jul 11, 2011, 06:05 AM // 06:05

Quote:

Originally Posted by Del

I like how you cut out half of what I said and take that bit out of context because you can't even argue it. Knobhead.

There was nothing noteworthy in what was cut out.

Troll

Quote:

... whatever ...

What was that sig-advice again, yeah, something like, "don't argue with morons, they'll bring the discussion down to their level and beat you with experience".
Goodbye.

Del · Jul 11, 2011, 06:08 AM // 06:08

Quote:

Originally Posted by Amy Awien

What was that sig-advice again, yeah, something like, "don't argue with morons, they'll bring the discussion down to their level and beat you with experience".
Goodbye.

You mean, that thing you're doing right now?

Amy Awien · Jul 11, 2011, 06:14 AM // 06:14

Don't bother replying, I won't read it, Goodbye means you're in ignore, which is where all the trolls go.

**cosyfiep** · Jul 11, 2011, 04:22 PM // 16:22

/signed....any extra security is a good idea--makes it harder for the hackers, then I'm for it

Swingline · Jul 11, 2011, 05:17 PM // 17:17

As I have said before I would like them use some security features that Perfect World has like...

A password for storage.

A lockout feature that you can set to any time frame.

A force login that is great to boot hackers off your account after you change the password.

gremlin · Jul 12, 2011, 04:19 PM // 16:19

Good point I should have said computers and not windows.
People who use glass computers shouldn't throw stones, I think that's the saying.

Lot of redundant info posted about GW security and how many innocents are hacked etc and it never gets us anywhere because there are usually far more replies saying its your own fault compared to the few who ask for more security.

Bristlebane · Jul 12, 2011, 08:08 PM // 20:08

Anyway I think most what needed to be said has been said, except some flamings and what not. Maybe time to close this topic.

Thanks for the insights and comments guys/girls

chris12xu · Jul 15, 2011, 04:35 PM // 16:35

I like this idea.

maybe when they send you an email notifying you that your account is locked you can unlock it by providing info or in your master ncsoft account

overall this is probably the one idea to prevent hacking that I actually like

drkn · Jul 15, 2011, 05:36 PM // 17:36

Lemme put more emphasis on it - some jerk tries to log onto my account, fails five times, moves on to another email, and then i have to take the punishment of his actions. The not-so-lucky hacker just leaves me be, for the time being, and moves on. As the outcome, it's me who has to suffer the '24h trading lock'.
While it's an awesome idea directed to people that actually get hacked, i believe the successful hacks are only a tiny percentage of all the attempts. This means that everyone whose account ain't broken into suffers from this system rather than benefit.
There would have to be some way to unlock trades the minute i log into the game, without bugging support. If not, this idea is one of the worst regarding the account security, seen from perspective wider than one poor hacked guy out of hundreds who were 'lucky' enough to thwart hacker's attempts.

Also, +1 for Gremlin in this thread.

**cosyfiep** · Jul 15, 2011, 05:49 PM // 17:49

actually I have a RL example of this kind of thing...my cc likes to make sure there is no fraud on my account...so when I went on a trip and even though made both the hotel and flight purchases with the card, when I got to my destination, my card was blocked! Was it a hassle to prove to the merchant that yes, I am really the card holder and there must be some explanation for this? yeah....so after a call to said cc, and informing them that, yeah I am REALLY on vacation..they did unblock the card.
Am I glad my cc cares? oh yeah. so
yeah, I would rather have a day of not trading then having NOTHING left on my account.
(a 2ndary password to unlock the trading lock could solve this--kinda like the phone call I made to my cc to prove I was really who I am).

Bristlebane · Jul 15, 2011, 07:11 PM // 19:11

Quote:

Originally Posted by cosyfiep

(a 2ndary password to unlock the trading lock could solve this--kinda like the phone call I made to my cc to prove I was really who I am).

/agree, a secondary password would solve it I think.

prism2525 · Jul 15, 2011, 09:18 PM // 21:18

Or else one could implement a feature to allow the account log in only from an IP address in your home country. This can be disabled after logging in in the settings menu o/c.

I don't think that a Maltese guy like me is going to log in from China any day soon, and my e-mail/password combination was never shared, so any attempt to log in from China could alert me to possible security leaks and I could take action and change my e-mail and password.

Del · Jul 15, 2011, 09:46 PM // 21:46

Quote:

Originally Posted by prism2525

Or else one could implement a feature to allow the account log in only from an IP address in your home country. This can be disabled after logging in in the settings menu o/c.

I don't think that a Maltese guy like me is going to log in from China any day soon, and my e-mail/password combination was never shared, so any attempt to log in from China could alert me to possible security leaks and I could take action and change my e-mail and password.

Yeah, because no one ever hacks someone in the same country.

**cosyfiep** · Jul 15, 2011, 10:50 PM // 22:50

well...it would at least prevent some of the hacking/whatever its called now...from going on....certainly a red flag should go up if the ip changes radically!