Guild Wars Forums - GW Guru
 
 

Old Dec 10, 2009, 04:07 AM // 04:07   #1
Ascalonian Squire
 
Grizzlybear2009's Avatar
 
Join Date: Mar 2009
Location: Northwest US
Guild: OLD Old Fart gamers alliance
Profession: R/
an idea anet should consider to counter the hacks

Tonight, one of my guild members was hacked. He's not a dummy with computers and he's very careful with passwords. Long story short, we reviewed what we could over what we could find and it seems as many have suggested, that his master Anet account was compromised. I took a look at my own (changing the password for the millionth time) and realized a few things:
1. no matter what, you can't change your login email for the game if you've purchased anything online.
2. the Anet password is purely alphanumeric and can only be 13 characters.

I know this is obvious but through this, I have one suggestion that might just eliminate this problem. First, hide the email address used for logins. As we own the accounts, it's obvious we know the email used. I think Anet should hide that information in that profile. Just blank it out, simple as that. At least if the account is compromised within the Anet site, they'll only have the password, not the email. From where I sit, this should hopefully stop the hacking of accounts.
Secondly, the passwords should be able to be longer and alternate characters used to slow the brute force hacks used so often in this type of situation. I'm not sure if this has been suggested by anyone but I figured I'd give it a shot and post it here. If these two changes can be implemented, at least it'll give us SOME protection. Which is far better than it seems we have now.

As for my guildie, he's waiting for word back on if he can access his account. It was confirmed he was nailed by a Gold seller for sure.
I think everyone is getting a bit tired of the canned reply of 'it has to be a keylogger or spyware.' I think with all that's happened recently with so many, other variables in this equation need to be considered. I sincerely hope that the support staff that frequents this site reads the horror stories that have been posted here and actually looks into this issue instead of whitewashing it and hoping it'll fade. It seems to be getting worse by the day.

Anyway, I'm curious of the reactions of all of you from the community on this idea. Thanks for taking a minute and reading my suggestion.
Grizzlybear2009 is offline   Reply With Quote
Old Dec 10, 2009, 04:25 AM // 04:25   #2
Grotto Attendant
 
Join Date: Apr 2007

Marvin Alito has suggested hiding the GW login a million times already.

Gaile has been trying for YEARS to get things changed so that the login can be changed, but NCSoft just won't do it.
Chthon is offline   Reply With Quote
Old Dec 10, 2009, 04:57 AM // 04:57   #3
Wilds Pathfinder
 
Join Date: Aug 2007
Location: SATown~Tx
Guild: Guild Hopper!
Profession: R/

Money.

12char.
majikmajikmajik is offline   Reply With Quote
Old Dec 10, 2009, 05:08 AM // 05:08   #4
Forge Runner
 
IronSheik's Avatar
 
Join Date: Mar 2008
Location: Wolfenstein: Goldrush
Guild: Zombies Go Nom Nom [Nom]
Profession: N/

Close GW down.

No more hacks.

As far as super long passwords with random numerics, it's just unconventional. I tried it and wrote it down and spent 2 minutes typing the damn thing in.

Maybe not make it so someone can try endlessly to brute force the password, it gives no warning message, no cooldowns or anything.
IronSheik is offline   Reply With Quote
Old Dec 10, 2009, 05:19 AM // 05:19   #5
Forge Runner
 
Join Date: Jan 2007

Quote:
Originally Posted by IronSheik View Post
Close GW down.

No more hacks.

As far as super long passwords with random numerics, it's just unconventional. I tried it and wrote it down and spent 2 minutes typing the damn thing in.

Maybe not make it so someone can try endlessly to brute force the password, it gives no warning message, no cooldowns or anything.
All they need is the ability to KNOW the current password before changing the password AND actually make it so it does not go through without a confirmation by you clicking the "ok" on your own email. Password hacking solved.

And the hard to know passwords are not unconventional. If you want to get hacked and lose 4+ years of content you built up, be my guest. Lemme know how empty you feel afterwards.
Bob Slydell is offline   Reply With Quote
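The two controls raised in posts #4 and #5 (a cooldown on repeated wrong guesses, and a password change that needs both the current password and a confirmation clicked from the owner's e-mail), sketched as an added example that is not part of any post and not ArenaNet's or NCsoft's code. The class name, the thresholds and the in-memory storage are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

COOLDOWN_AFTER = 5       # assumed: wrong guesses allowed before a cooldown
COOLDOWN_SECONDS = 300   # assumed cooldown length
TOKEN_TTL = 900          # assumed lifetime of the e-mailed confirmation token

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:  # hypothetical in-memory account record
    def __init__(self, password):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = _hash(password, self.salt)
        self.failures, self.locked_until = 0, 0.0
        self.pending = None  # (token digest, new salt, new hash, expiry)

    def check_password(self, password, now=None):
        now = time.time() if now is None else now
        if now < self.locked_until:
            return "cooldown"            # refuse even correct guesses while locked
        if hmac.compare_digest(_hash(password, self.salt), self.pw_hash):
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.failures >= COOLDOWN_AFTER:
            self.locked_until, self.failures = now + COOLDOWN_SECONDS, 0
        return "wrong"

    def request_change(self, current, new, now=None):
        """Step 1: prove knowledge of the current password.
        Returns the token that would be e-mailed to the owner, or None."""
        now = time.time() if now is None else now
        if self.check_password(current, now) != "ok":
            return None
        token = secrets.token_urlsafe(32)
        salt = secrets.token_bytes(16)
        digest = hashlib.sha256(token.encode()).digest()  # store only the digest
        self.pending = (digest, salt, _hash(new, salt), now + TOKEN_TTL)
        return token

    def confirm_change(self, token, now=None):
        """Step 2: the new password takes effect only once the e-mailed token returns."""
        now = time.time() if now is None else now
        if self.pending is None:
            return False
        digest, salt, new_hash, expiry = self.pending
        supplied = hashlib.sha256(token.encode()).digest()
        if now > expiry or not hmac.compare_digest(supplied, digest):
            return False
        self.salt, self.pw_hash, self.pending = salt, new_hash, None
        return True
```

Until `confirm_change` succeeds the old password stays in force, so someone holding only a logged-in web session cannot take the account by typing a new password.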
Old Dec 10, 2009, 07:11 AM // 07:11   #6
Wilds Pathfinder
 
Gennadios's Avatar
 
Join Date: Jun 2009
Profession: N/A

If Gaile has been trying to get the password changed for years, I assume that vulnerabilities have been known for just as long.

So WTF has all this only been brought up in the past several weeks. And why is it being brought up AFTER ANet blackmailed the playerbase with the 4th anniversary storage pane?

Why even do this to players if they know how unsafe this NCSoft garbage was?
Gennadios is offline   Reply With Quote
Old Dec 10, 2009, 07:35 AM // 07:35   #7
Forge Runner
 
Gift3d's Avatar
 
Join Date: Feb 2007
Location: Las Vegas
Guild: Enraged Whiny Carebears [oR]
Profession: W/E

maybe there's nothing wrong with anet's security, rather certain conditions and security issues with email providers. hint hint. wink wink.

how long have i been hinting at this idea in threads like this, and everybody's still confused as hell?
Gift3d is offline   Reply With Quote
Old Dec 10, 2009, 08:59 AM // 08:59   #8
Forge Runner
 
jonnieboi05's Avatar
 
Join Date: Mar 2006
Location: Mableton, Georgia
Guild: Guild Ancestors Reunited [ギルド]

Quote:
Originally Posted by Gennadios View Post
If Gaile has been trying to get the password changed for years, I assume that vulnerabilities have been known for just as long.

So WTF has all this only been brought up in the past several weeks. And why is it being brought up AFTER ANet blackmailed the playerbase with the 4th anniversary storage pane?

Why even do this to players if they know how unsafe this NCSoft garbage was?
This time 10,000,000,000! Blackmailing us with the 4th year "present" = Worst. Idea. Ever.


I know SO many people who are unbelievably security-savvy and yet their accounts were hacked. I completely blame the lack of security of PlayNC. Plain and simple. End of story.


@ aNet: if you want hackings to be reduced to an absolute minimum then I recommend to simply send a 1kb email asking "yes" or "no" if they want their password changed.

Seriously... It's not that hard. :\
jonnieboi05 is offline   Reply With Quote
Old Dec 10, 2009, 11:47 AM // 11:47   #9
Jungle Guide
 
Shasgaliel's Avatar
 
Join Date: Apr 2008
Guild: [bomb]

I think it will not help much. I would much prefer more security on accessing the account than on the items inside it. If you put too many blockades here and there you will just hamper the gameplay.

Last edited by Shasgaliel; Dec 10, 2009 at 11:50 AM // 11:50..
Shasgaliel is offline   Reply With Quote
Old Dec 10, 2009, 12:25 PM // 12:25   #10
Grotto Attendant
 
Arduin's Avatar
 
Join Date: May 2005
Location: The Netherlands
Guild: Limburgse Jagers [LJ]
Profession: R/

Quote:
Originally Posted by John Blackhawk View Post
2. the Anet password is purely alphanumeric and can only be 13 characters.
False, NCSoft's is, Anet's (the one you enter in the client) isn't purely alphanumerical.

Still, I'd like to see some changes in the security system too.
Arduin is offline   Reply With Quote
Old Dec 10, 2009, 12:42 PM // 12:42   #11
Jungle Guide
 
Nerel's Avatar
 
Join Date: Jun 2008
Location: Australia, what you want my home address?
Guild: [CAT]
Profession: Mo/

Quote:
Originally Posted by Gift3d View Post
maybe there's nothing wrong with anet's security, rather certain conditions and security issues with email providers. hint hint. wink wink.

how long have i been hinting at this idea in threads like this, and everybody's still confused as hell?
Including Anet/NCsoft, maybe you should lend them your expertise, they certainly seem to need the help.

Quote:
Originally Posted by JonnieBoi05 View Post
I know SO many people who are unbelievably security-savvy and yet their accounts were hacked. I completely blame the lack of security of PlayNC. Plain and simple. End of story.
Ummm, Gift3d seems to think otherwise... as you two seem to KNOW what the problem is, why don't you get in contact with Anet and advise them on how to fix it? Of course, first you'd need to battle to the death in a cage arena with chainsaws, just to determine which of you is correct...

I don't know why ArenaNet/NCsoft even bothers paying expert security consultants, I mean, it doesn't seem to be helping and there are all these free experts they could utilize in the fan forums.
Nerel is offline   Reply With Quote
Old Dec 10, 2009, 12:56 PM // 12:56   #12
Banned
 
Join Date: Sep 2009

I'm one of those who was stupid (uninformed) enough to get the free storage pane.

You should be required to know the existing password in order to change it. I can't believe it's as easy as type in a new one and own the account.
karlik is offline   Reply With Quote
Old Dec 10, 2009, 05:07 PM // 17:07   #13
Furnace Stoker
 
AngelWJedi's Avatar
 
Join Date: Sep 2008
Location: orlando,florida
Guild: Society of Souls [Argh]
Profession: Rt/E

1) anet will never admit it's their fault.
2) anet will always say it's your fault.
3) anet will never listen to our suggestions.
4) anet doesn't have someone in house smart enough to get rid of all gold sellers.

so nothing we can do but hope gw2 is at least better protected than our gw1.
AngelWJedi is offline   Reply With Quote
Old Dec 10, 2009, 09:05 PM // 21:05   #14
Wilds Pathfinder
 
Join Date: Nov 2007
Guild: Still looking
Profession: Rt/

Quote:
Originally Posted by AngelWJedi View Post
1) anet will never admit it's their fault.
2) anet will always say it's your fault.
3) anet will never listen to our suggestions.
Replace anet with "anyone that has a face in society."

/notsigned- I'd much rather have a confirmation email if my password is changed.
The Drunkard is offline   Reply With Quote
Old Dec 11, 2009, 08:08 PM // 20:08   #15
Krytan Explorer
 
Join Date: Sep 2008
Profession: E/

Quote:
Originally Posted by AngelWJedi View Post
so nothing we can do but hope gw2 is at least better protected than our gw1.
They will obviously reuse the same authentication servers and mechanisms otherwise how would they know who you are in order to cross over to GW2 your HoM achievements and character names?

Unless they fix it for GW1, nothing will happen.
Test Me is offline   Reply With Quote