Curse

MisterB · May 13, 2008, 04:46 AM // 04:46

No.
If there is an exploit or security vulnerability, then ANet needs to address account security and fix the problem rather than diminish damage done as a result of a security breach. If people are failing to address security themselves, this won't be of use(they'll just use the same password as log in), and will generate more support tickets.

Maria The Princess · May 13, 2008, 04:50 AM // 04:50

^^ well storage passsword would be a quik fix, they oviously cant handle account security properly since we see more and more accounts being hacked, so how about we could just feel a tad safer? i mean, why do we have to be punished, while they could at least use this "quik fix" to hold us off untill we get a decent security system. the messege on login screen "account safety dont give your password" is not a real theft protection.....

jackers1234 · May 13, 2008, 10:40 AM // 10:40

/signed with the slight change to a PIN that is entered by clicking on the screen, that way keyloggers cant get your vault pass.

Ghostcell · May 13, 2008, 10:51 AM // 10:51

it wouldn't hurt to see it added to the game, but it does look like it will be too much coding.
anyway /signed

Mystica · May 13, 2008, 11:34 AM // 11:34

Quote:

Originally Posted by inchoate

There's no such thing as a hacked account. Evil-doers get onto other people's accounts by tricking the password out of them.

To my mind, if you're stupid enough to give your password to anyone you deserve to have your 'precious items' stolen.

Will /sign this!

What's next? Enter your social insurance info to access your vault or telefon validation to take items out?

"Dear XXX, we are calling you because you requested to take the following item out of your protected vault.

Fiery Dragon Sword of Tenguslaying
10-19 Fire dmg
12^50
+11% dmg vs Tengu

Please varify the transaction by saying "MKAY" after the beep.

BEEEEEEEP"

Felixious · May 13, 2008, 12:02 PM // 12:02

Quote:

Originally Posted by Maria The Princess

how about "forgot password" button and you answer to a private question you make up yourself?

What is your favourite movie?

No. As said before, the ones who actually need this would be those who'd probably forget their secret answer, or see another movie and call it their new favourite. Runescape has an owning bank-protection. Let's use that. Yeah.

Proff · May 13, 2008, 12:16 PM // 12:16

How bout just more storage?

Maria The Princess · May 13, 2008, 05:07 PM // 17:07

Quote:

Originally Posted by Felixious

What is your favourite movie?

No. As said before, the ones who actually need this would be those who'd probably forget their secret answer, or see another movie and call it their new favourite. Runescape has an owning bank-protection. Let's use that. Yeah.

Quote:

Originally Posted by Mystica

What's next? Enter your social insurance info to access your vault or telefon validation to take items out?

i understand forgetting PIN, but.....

if a person is too stupid to remember whats the answer to their private question they made up on their own, or put the security PIN the same as their account password, or choose an answer that is something like "who is the american president at this moment" they should uninstall GW, put the computer in its original box and demand a refund.

this function is only to protect players storage, no exaggeration needed.

zamial · May 13, 2008, 06:29 PM // 18:29

/NOT SIGNED

Your account which is worth far more than any 1 item you own, already has a password on it. If you get/got hacked that is a directly related to 1 of 2 things.

1. You gave someone your password. ( Even a vault will not keep items secured if owner is a moron.)

2. Your account password is not strong enough. This is easy to fix.
make your passwords meet the following requirements:
a) a minimum of 8 characters in length.(the longer the better)
b) use 1 lower case, 1 upper case, 1 number and 1 special character.

A helpful tool brought to you from our friends at M$.
http://www.microsoft.com/protect/you...d/checker.mspx

Lady Lozza · May 14, 2008, 06:24 AM // 06:24

The amount of account hacking going on, yes I'd sign this so:
/sign

A further suggestion/separate suggestion -
Instead of typing the character name in order to delete, or in addition to, have a pin that must be entered. Certainly this can be brute forced if the hacker is determine enough, but something tells me most hackers just want to get in and out. This would protect our character which, to be honest, are more important than the ectos and the gold.

Lady Lozza · May 14, 2008, 06:34 AM // 06:34

Quote:

Originally Posted by zamial

/NOT SIGNED

Your account which is worth far more than any 1 item you own, already has a password on it. If you get/got hacked that is a directly related to 1 of 2 things.

1. You gave someone your password. ( Even a vault will not keep items secured if owner is a moron.)

2. Your account password is not strong enough. This is easy to fix.
make your passwords meet the following requirements:
a) a minimum of 8 characters in length.(the longer the better)
b) use 1 lower case, 1 upper case, 1 number and 1 special character.

A helpful tool brought to you from our friends at M$.
http://www.microsoft.com/protect/you...d/checker.mspx

Unfortunately a complex password will not protect you from a keylogger, which while virus scans will most commonly pick such things up there are known root kits (Sony DRM anyone?) that hide these nasties even from an anti-virus and anti-spyware packages.

Unfortunately a complex password will not protect you from brute force attacks, it will only slow the hacker down. While I doubt that most GW hackers would waste time on an account that takes a lot longer to hack than someone whose password is "guildwars", those who are serious about their business would have no issue. The best protection from brute force attacks is a non-web based email address you don't use for much else.

Even all of the above will not help if:
1) PlayNC servers have been breeched again, or
2) A hacker is intercepting packages during attempted reconnects (not sure how possibe this is but is has been discussed).

In the end Zamial, security is no simple thing. Everything is vulnerable and you should treat it as such. Added security measures will never be absolutely fool-proof, but it does slow hackers/thieves down, and will make some think twice about doing it.

Thizzle · May 14, 2008, 09:20 PM // 21:20

Quote:

Originally Posted by Felixious

Just wait for all the QQ threads with "OMG I LOST PASSW0RDZ AND MY R9 TORMENTED SCYTHE IS IN THERE OMG OMG PLEASE HELP ME!!!!!!!one!!eleven!!oneone!!!?

"

Yeah. I guess it could be of use.
/Sign

I thought tormented weapons were always r9? Anyway...

/signed.

The Meth · May 14, 2008, 09:24 PM // 21:24

You have a password on your account. Don't download keyloggers and change your password to something other then 12345 and this idea is useless.

Yuhe Ji · May 15, 2008, 12:42 AM // 00:42

I guess /signed
People have been getting hacked a lot recently, and it's not because they're doing dumb things (at least that's not what it looks like). Hackers are getting in by brute force, you guys should stop bashing on the people that have been getting hacked.