Character Locked = Undeletable. Then... what would you do? [Pics included]
5 pages • Page 3
K
Quote:
|
Originally Posted by Age
/Signed .I don't care as I know someone who had their account hacked twice and had to redo all their char again.I don't want that going through all camps again.
|
IMO, if you are dumb enough to get phished or download a sketchy 3rd party program, you deserve to lose your account.
T
Quote:
|
Originally Posted by Kanyatta
IMO, if you are dumb enough to get phished or download a sketchy 3rd party program, you deserve to lose your account.
|
The only thing that concerns me - is if one of my mates turn into a total divv, or someone guesses my Accname/Pass.
M
/signed
And I've another suggestion: hide the account name (email) on logging screen. If some badguy install a keylogger on my computer he would be able to do a screen capture and then have both email AND password.
So, just hide our emails, there would be a big security boost.
And plz, dont say things as "the user made a fault because his firewall/antivirus/antirootkit/antispyware/windows update/etc wasnt up to date".
We're talking about Microsoft Windows. We, gw players, arent security professionals, and cant have a hack proof system. Just impossible, security != windows in my humble opinion. Do you have ever heard about 0 day exploit ?
Plz hide the email.
Account: *******************
Password:
Thanx
And I've another suggestion: hide the account name (email) on logging screen. If some badguy install a keylogger on my computer he would be able to do a screen capture and then have both email AND password.
So, just hide our emails, there would be a big security boost.
And plz, dont say things as "the user made a fault because his firewall/antivirus/antirootkit/antispyware/windows update/etc wasnt up to date".
We're talking about Microsoft Windows. We, gw players, arent security professionals, and cant have a hack proof system. Just impossible, security != windows in my humble opinion. Do you have ever heard about 0 day exploit ?
Plz hide the email.
Account: *******************
Password:
Thanx
Quote:
|
Originally Posted by Kanyatta
Basically, read what Gaile said, if you are smart with your info, don't do anything against the TOS or EULA, you will be fine with your account.
IMO, if you are dumb enough to get phished or download a sketchy 3rd party program, you deserve to lose your account. |
Nobody can see your password, it's always hashed, like ***************
I don't think it's practical or necessary to hide the user name, because that's a very small part of access. Your unique and complex password is by far the greater measure of security and unlike some password protocols, the one in Guild Wars allows a good number of symbols and numbers so you can make it very unique and very complex.
Consider: Players requested we save (in the log-in screen GUI) the name of the account that was most recently accessed, so that everyone could avoid having to input that user name every time. It was a nice little addition, and I think everyone approves. However, many people have multiple accounts (I have nine) and they need to see which account they're accessing. Therefore, in my opinion, hashed user names would not be practical and, again, I don't think that would be necessary.
I don't think it's practical or necessary to hide the user name, because that's a very small part of access. Your unique and complex password is by far the greater measure of security and unlike some password protocols, the one in Guild Wars allows a good number of symbols and numbers so you can make it very unique and very complex.
Consider: Players requested we save (in the log-in screen GUI) the name of the account that was most recently accessed, so that everyone could avoid having to input that user name every time. It was a nice little addition, and I think everyone approves. However, many people have multiple accounts (I have nine) and they need to see which account they're accessing. Therefore, in my opinion, hashed user names would not be practical and, again, I don't think that would be necessary.
M
The password cant be seen. It can be keylogged.
The email cant be keylogged. It can be seen, thus captured by prtscreen (near f12 on my keyboard).
Both tasks can be done easely. Far more easiest than hacking our computers... And every day thousands of computers are infected by different kind of malwares.
Plz consider my suggestion farther.
ps: for multiple account users, generic hidden names "account 1", "account 2".., could be used. Many solutions to solve this problem. Ive heard so many stories about hacked account (especially in pvp, while you must join Vent/Ts servers and give away your IP to unknown administrators). Every time somthing unusual happends on my comp I ask myself "Will my account be still there ?".
With hidden accounts, it would be much more difficult to steal an account that way.
The email cant be keylogged. It can be seen, thus captured by prtscreen (near f12 on my keyboard).
Both tasks can be done easely. Far more easiest than hacking our computers... And every day thousands of computers are infected by different kind of malwares.
Plz consider my suggestion farther.
ps: for multiple account users, generic hidden names "account 1", "account 2".., could be used. Many solutions to solve this problem. Ive heard so many stories about hacked account (especially in pvp, while you must join Vent/Ts servers and give away your IP to unknown administrators). Every time somthing unusual happends on my comp I ask myself "Will my account be still there ?".
With hidden accounts, it would be much more difficult to steal an account that way.
Quote:
|
Originally Posted by ManiSan
The password cant be seen. It can be keylogged.
The email cant be keylogged. It can be seen, thus captured by prtscreen (near f12 on my keyboard). Both tasks can be done easely. Far more easiest than hacking our computers... And every day thousands of computers are infected by different kind of malwares. Plz consider my suggestion farther. |
Quote:
|
Originally Posted by ManiSan
The password cant be seen. It can be keylogged.
The email cant be keylogged. It can be seen, thus captured by prtscreen (near f12 on my keyboard). Both tasks can be done easely. Far more easiest than hacking our computers... And every day thousands of computers are infected by different kind of malwares. Plz consider my suggestion farther. ps: for multiple account users, generic hidden names "account 1", "account 2".., could be used. Many solutions to solve this problem. Ive heard so many stories about hacked account (especially in pvp, while you must join Vent/Ts servers and give away your IP to unknown administrators). Every time somthing unusual happends on my comp I ask myself "Will my account be still there ?". With hidden accounts, it would be much more difficult to steal an account that way. |
M
"all you need is the addy and or password to access the server"
When i launch my Ts server i can use Etheral to know other players IP... Every admin can read the log files, thats common sense..
@Gaile: no, I, and most of us, dont use third party programs. Im talking about worms, like Blaster. It infected millions up-to-date computer by exploiting an OS vulnerability, in a few hours. Other worms still exists, and smart hijackers wouldnt send them "nowhere", but only to interesting targets (computer no owned by Symantec, with a GW player speaking on a Vent server...). Thats what I would do if I had a unknown worm and wanted to make money with... and keep it still unknown.
By the way, you arent bored to type and retype an email address each time you log another account ? A menu like the district choice wouldnt fit better ? Im sure you would love that update
When i launch my Ts server i can use Etheral to know other players IP... Every admin can read the log files, thats common sense..
@Gaile: no, I, and most of us, dont use third party programs. Im talking about worms, like Blaster. It infected millions up-to-date computer by exploiting an OS vulnerability, in a few hours. Other worms still exists, and smart hijackers wouldnt send them "nowhere", but only to interesting targets (computer no owned by Symantec, with a GW player speaking on a Vent server...). Thats what I would do if I had a unknown worm and wanted to make money with... and keep it still unknown.
By the way, you arent bored to type and retype an email address each time you log another account ? A menu like the district choice wouldnt fit better ? Im sure you would love that update
Quote:
|
"all you need is the addy and or password to access the server" When i launch my Ts server i can use Etheral to know other players IP... Every admin can read the log files, thats common sense.. |
Quote:
|
Originally Posted by Mangione
About attention, I hope this will gain some, but: does Anet ever looks in Sardelac, home of the wackiest ideas? |
/signed x3
I can't understand why people are trying to place responsibility for their own computer's security on ANet's shoulders. If your computer has a virus/worm/trojan, whatever, and it gets a hold of your logon info, it's the user's fault for not having appropriate security in place. If there's a vulnerability in Windows, then you should be complaining to MS and/or making sure to have all the updates.
The *only* suggestion I could make would be to have the game use a virtual keyboard, on-screen, to enter the pw with, thereby eliminating the ability of a keylogger to to grab it. I've seen some bank websites use this, and it seems to help. Either way, if someone can get into your account, regardless of whether they can delete your characters or not, they can still sell your items and transfer the gold...
The *only* suggestion I could make would be to have the game use a virtual keyboard, on-screen, to enter the pw with, thereby eliminating the ability of a keylogger to to grab it. I've seen some bank websites use this, and it seems to help. Either way, if someone can get into your account, regardless of whether they can delete your characters or not, they can still sell your items and transfer the gold...
L
S
