Curse

Zui · Sep 26, 2006, 07:44 PM // 19:44

Quote:

Originally Posted by Scavenger Rage

SO....if you think this way how the hell could you "/not signed"?!?!?!

Because, when you boil it down to basics, I'll bet you every single person that's had their account stolen wasn't concerned about their security AT ALL, at least not enough to take any steps to ensure their security, aside from setting an insanely easy password like their first name, or "password" that they use for absolutly everything, and probably even using a very public email adress that they probably use for everything like instant messenger, and fourms, even Guru Auction...

If they were actually concerned about their online security, and took reasonable precautions, I'll bet you that absolutly 0 people would have had their accounts stolen. Because of this, I see no reason to improve the existing system, aside from the current yet fairly minor flaws in the Play NC system, which, are already being worked on.

Shattered Self · Sep 26, 2006, 10:19 PM // 22:19

/not signed

At the very least limit any restrictions on character deletion to PVE characters.

MMSDome · Sep 26, 2006, 10:52 PM // 22:52

/signed the part about using a password to delete it

What would it hurt?

Mister_Smiley · Sep 26, 2006, 11:05 PM // 23:05

/signed

The truth itself · Sep 27, 2006, 12:30 AM // 00:30

Umm..

New ssystem #1:

When you delete a character, you just disable it, and you have to wait 14 days for it to be deleted entirely.

In this way, it's impossible for the hacker just to delete it and leave.

Problems with this idea is that, you may need the space of the deleted character right away,

Solution #1:

When you disable a character, you will get a free slot open, but if you decide to get the character back, you need to give up a free slot. Problem solved.

Sephiroth Istari · Sep 27, 2006, 01:26 AM // 01:26

/signed

KoalaMeatPie · Sep 27, 2006, 02:48 AM // 02:48

/signed but....

If they already got into your account, that means YOU did something wrong.

Usually around the password idea of making it really easy. Or telling it. Or using 3rd Party Programs.

Secondly, "Setting up and Extra Password" ... Wtf? If they already got into your account, setting up and extra password si nto going to do you any good.

Nightsear · Sep 27, 2006, 02:52 AM // 02:52

Hell no, I don't want to keep confirming my Email just to delete PvP characters.

Undivine · Sep 27, 2006, 03:47 AM // 03:47

To have to make all sorts of confirmations and such just to delete your character is a bit annoying. I suppose if it's optional that's fine, but meh. It seems a bit extreme.

I do like the idea of having an email sent to you if the wrong password is used too many times. Perhaps even lock the account if that happens, requiring the account holder to respond to the email or click a link in it to unlock the account again.

Later

Scavenger Rage · Sep 27, 2006, 04:48 AM // 04:48

Ok....my idea might have been lost on all these posts, so I will remake it whith "easy-to-follow" steps:

1. a PIN number would be added to the account password system, this would be a 4 type number (got the idea from my phone). And it would act as a confirmation password, witch would be 100% configurable for the areas you want it to kick in... none / char deleting / storage access / change e-mail / all previous / -type here more suggestions-

2. Confirmation e-mail for deleting and "14 days period" is just wrong. Everything have to be built into the game client, and also, instantaneous. SO, for deleting a char, you type in his name THEN if you configured it to, you would have to go for the PIN as well.

3. Track of how many incorrect attempts have been made to access your account, AND a 24hs lockdown if it is typed wrong 5 times in a row (lets simplify it, no need for IP track or anything, just HOW MANY incorrect attempts had been made since your last log-out with the time for the last one will suffice). This would show on the char selection screen right after you log in as a pop up message you had to click OK to get rid, so it is 100% visible and you won’t simply select the char and forget about it on the corner of your eye.

-------------------------------

Ok, this is fair, easy to implement, optional and will make things a lot more secure and reliable, while not being a burden to anyone that don’t think they need it (the PIN suggestion). Off course, NONE of this would EVER be effective if number "2" and "3" are not added to the playNC account as well. Also it is obvious that all the security bugs have to be addressed and fixed as soon as possible.

Hope things are clearer now and people can actually have an opinion based exactly on what I suggested in the first place.

As for the other suggestions stated on this topic, since they require additional programs (e-mail clients and all) and time consuming activities I would REALY be against them.

Latter.

Eragon Dragonslayer · Sep 27, 2006, 05:06 AM // 05:06

ok....but if we have a PIN thingy make it something we can click on screen and make sure the numbers move around like runescape...that way theres no possible way for them to see what we are clicking

Thorin Monk · Sep 27, 2006, 05:10 AM // 05:10

/signed , happened to me too, I know how it feels

Zui · Sep 27, 2006, 05:26 AM // 05:26

Quote:

Originally Posted by Undivine

To have to make all sorts of confirmations and such just to delete your character is a bit annoying. I suppose if it's optional that's fine, but meh. It seems a bit extreme.

I do like the idea of having an email sent to you if the wrong password is used too many times. Perhaps even lock the account if that happens, requiring the account holder to respond to the email or click a link in it to unlock the account again.

Later

I don't think this will solve the issue either. You see, to access your account they need to know your account name, which in Guild Wars is your email. I highly dbout anyone who hasn't taken the steps to ensure their online security is going to have a different email and guildwars account password...

Which just puts us back at square one, because it wouldn't actually solve anything. The only thing that will consistently solve the issue is people taking perfectly reasonable precautions to ensure their own online security... Somthing that most people are unwilling to do, because they are ignorant, stupid, or are simply lazy.

Scavenger Rage · Sep 27, 2006, 05:30 AM // 05:30

Quote:

ok....but if we have a PIN thingy make it something we can click on screen and make sure the numbers move around like runescape...that way theres no possible way for them to see what we are clicking

Ok Eragon, even I got to say this a is a little too much for an online game.

These kinds of measures are expensive and time consuming for developers, and even thought I would love to agree "everything is possible", the little green paper notes tend to tell me otherwise. All the suggestions I made where based on availability for the developers to implement without much trouble, and this one is not.

On most cases, a simple password is enough to maintain a sustainable level of security. In GW (and other online games), since we are dealing of SO MUCH valuable accounts, a second and more complex system is required, but we gotta avoid exaggerations like the one you suggested. In a gaming scenario, I think these steps I stated are enough.

Just to be clear, I am not shutting your idea out, I just don't THINK it is the way to go with the suggestions I made, way too outrageous for the needs the GW user’s have.

Latter.

bigwig · Sep 27, 2006, 05:32 AM // 05:32

I wish people would take responsibility for letting someone figure out their password, instead of making anet spend time on idiot-proofing character deletion.

Shadowfrost · Sep 27, 2006, 06:08 AM // 06:08

Quote:

Originally Posted by Nightsear

Hell no, I don't want to keep confirming my Email just to delete PvP characters.

*sigh*

Has anyone though of just doing this for PvE characters only?

i.e you can just delete a PvP character easily, but you have to access your email for a PvE character.

Maybe we could even restrict it to PvE characters level 3 or above that need emails, or a pin/password or whatever.

Hockster · Sep 27, 2006, 06:49 AM // 06:49

/not signed

The game is already too idiot proofed. There's far too many clicking Yes 5 times, or confirming decisions over and over as it is. Yes it sucks to lose your account. But the simple fact is the only way to realisticaly brute force someones password is if that password was stupidly simple.

Dumbing down an already simple game......no thanks.

Sorcha ravenlock · Sep 27, 2006, 07:47 AM // 07:47

/signed

An optional lockdown option would be great. That way PvP characters, and trying-things-out characters can be deleted and remade to the player's heart content without problems. And favorite, long time characters can be locked down by the player and will need email verification to be deleted.

manitoba1073 · Sep 27, 2006, 07:58 AM // 07:58

/MEGA SINGAGE

for those who isnt in the know, ppls accounts were hacked through anets own servers. im guessing guinivere was one of them. it happened to alot of ppl. so first dont assume they werent carefull enough on there own. theres no security that would have prevented it other than this idea of being able to lock down chars. hope u guys feel better now on blaming others for there mis fortunes. there was even announcement on anet and here about it if u dont believe me http://www.guildwarsguru.com/forum/s...php?t=10048864

bigwig · Sep 27, 2006, 08:15 AM // 08:15

Yes, and in that same post, gaile gray stipulated some of the ways people can avoid accounts being stolen etc.

Theres no security that would be able to stop someone who has already hacked your account from deleting your characters. If they know your account name then, having to retype in your email is useless, if they already know your password, then having to retype in your password is useless.