Concerned: GW accounts can be cracked by simple Brute force attacks?

he has to figure the account name also.

Try reporting it by more than flagging. YouTube basically don't really care if something offends you, but something like this should warrant investigation. The following is a link to report the user for breaching privacy (which is what he'll be doing by stealing your passwords with his keylogger)...

http://www.google.com/support/youtube/bin/answer.py?answer=78346&hl=en_US%3EHelp%20Center%3C/a%3E.%3C/li%3E%3Cli%3E%3Cb%3EInappropriate%20Content:%3C/b%3E%20To%20report%20an%20inappropriate%20video%20 on%20YouTube,%20please%20click%20the%20%22Flag%22% 20link%20under%20the%20video.%20For%20details,%20p lease%20%3Ca%20href=

Thats one hell of a long link I know, but YouTube doesn't want you complaining unless you're a big business, with lotsa money, and have copyright claims.

Scroll down to where it says "continue" (as a link), so you can tell them details about the video.

my password is supercalifragilisticexpeialedocous spelled backwards.

Ok, the video has been removed, but it had about 600 views in 2 days and I hope no one was stupid enough to try the program......

Totally true.

I take it our resident ?chinese? "click this link for free Wii" keylogger-spammer has come up with a new way to get people to run his keylogger.

Dont underestimate Anet. If they can design the self updating system for GW, they can stop a brute force attack.

If this hacking program is legitimate(and not a trojan) The odds are anybody who uses that program is going to have their IP logged and the victims account frozen for 15 minutes. E.G. get nowhere

Trust me, they were.

im noob but brute-forcing is not a possibility. most likely trojan and/or keylogger.

Brute-forcing is simply not worth it, how could people be stupid enough to make their passwords four easy to guess characters? Like "leet" "rape" "sick". Once again shows that only complete retards can be brute-forced.

Brute-forcing is simply not worth it, how could people be stupid enough to make their passwords four easy to guess characters? Like "leet" "rape" "sick". Once again shows that only complete retards can be brute-forced.

This is pretty epic fail.

Do you realize how many valid password combinations there are? Obviously, if you have a generic password like "123" or "cheese", then of course you'll get hacked. But let's say you use 8 letters in your password and use alpha-numeric lettering... then that's 8 to the power of (36), there being 36 people combinations. Yup, that comes up to roughly 3.25 times ten to the 32nd. Ouch.

So yes, you can brute-force an account with an easy password (one that might take under a decent amount of tries), but that would be your own fault for such an easy password.

There is 3125 possible combination if you use a 5 letter password and correct me I am wrong, the guild wars password is case sensitive.
And if you want to be safe, by yourself a french keyboard, that way he won't be able to reproduce the accent (well it will take him a lot more time if you can input accents).

Nothing can stop a brute force attack. All you can ever hope to do is slow it down enough that the payoff isn't worth the effort.

not all bot runner/hacker/bad people are Chinese....

That's another reason we should be able to change our emails in the login screen...

No, but this guy has his site hosted on a chinese site. That, of course, doesn't necessarily mean he's chinese himself, hence the "?".

I suspect by far the best bang-for-buck method to break into accounts is to use modified dictionary attacks, rather than pure brute force; this being that quite a lot of people will use simple words, or sequences of words, possibly with some trivial character replacement, and think they're OK. While this gives only a modest probability of breaking into any one person's account, if you try enough you probably will get a few.

Chances are the number of tries will be large enough ArenaNet will still notice though. You're having to send requests to a server, so it'll still be a slow process, even if an order of magnitude faster than raw brute-force.

Agree, I find it bonkers that you can't change your game account login name but you can change your PlayNC account name.

For passwords I generally headbutt my keyboard and save it as a .txt file with a stupid unrelated name. Works for me !

I'm going to be a real nit-picker here, but, a school's e-mail address is always .edu, not .com. (Well, every school me and my 'net friends have ever been to was.)

All you really have to do is put numbers in your password, and you're semi-safe. D:

Hell, my password uses both letters and numbers, AND the word(s) involved are not in the english dictionary.(Hell, it/they may not be in any dictionary.) I'm pretty frickin' secure, lol.