A Vault (a kind of storage with password)

N1ghtstalker

N1ghtstalker

Forge Runner

Join Date: Dec 2007

E/

hi,

i see people fearing for being hacked and lose all their precious items
so i thought about this: why not make a Xunlai Vault service for players for them to keep their high end items in
the vault would only be accessable with a password the person makes while purchasing his vault account

now i know this sounds like a cheap lie for extra storage but make this a small vault like one window of your xunlai storage
players wouldn't have to fear anymore of their precious weapons of ecto's if they put it in this vault
also money could be put in this vault
for an example: a large amount of money like 150k in the vault and a small fee of 5k in your xunlai for fast access for small purchases

for the extra safety measures purchasing a vault account wouldn't be just 100g but i thought maybe something of 5-10k for opening a vault account

idea's and oppinions pls

jiggles

Desert Nomad

Join Date: Sep 2007

N/

Simply add it to the current storage?

Anet isnt going to go through all the trouble of making a brand spanking new vault with a password when theres already a decent storage system

nice idea though, so ill /sign if we dont have to pay for it

N1ghtstalker

N1ghtstalker

Forge Runner

Join Date: Dec 2007

E/

the vault would be just like the storage, just a chest but can only be opened with the password you set on it

Felixious

Frost Gate Guardian

Join Date: Mar 2008

Sweden

W/

Just wait for all the QQ threads with "OMG I LOST PASSW0RDZ AND MY R9 TORMENTED SCYTHE IS IN THERE OMG OMG PLEASE HELP ME!!!!!!!one!!eleven!!oneone!!!? "

Yeah. I guess it could be of use.
/Sign

Molock

Desert Nomad

Join Date: Sep 2006

Qu??bec

Legacy of Angels [Halo]

E/

/signed
There would need to be a decent password retrieval system though, not sure how that would work.

N1ghtstalker

N1ghtstalker

Forge Runner

Join Date: Dec 2007

E/

Quote:
Originally Posted by Molock
/signed
There would need to be a decent password retrieval system though, not sure how that would work.
send a retrieval code to the owners email adress maybe

Lykan

Lykan

Forge Runner

Join Date: May 2005

StP

R/

This doesnt have a chance of being implemented because then they would be admitting there is an account hacking problem, which they wont.

TheRaven

TheRaven

Desert Nomad

Join Date: Sep 2006

Virginia

Spirit of Elisha

W/

Possible idea for GW2 but too much coding for GW. However I really don't think this will help much against hackers. If you have a keylogger and got hacked that way then your vault isn't secure either.

If you lose your vault password then what? Send an e-mail to retrieve? Well the hacker already knows your e-mail address and probably has the password to that as well.

NeonXero

NeonXero

Lion's Arch Merchant

Join Date: Jan 2007

Pennsylvania

Leaked Aggression [grr]

D/W

Quote:
Originally Posted by TheRaven
Possible idea for GW2 but too much coding for GW. However I really don't think this will help much against hackers. If you have a keylogger and got hacked that way then your vault isn't secure either.

If you lose your vault password then what? Send an e-mail to retrieve? Well the hacker already knows your e-mail address and probably has the password to that as well.
Quoted for Truth.

This system seems to have a little bit too much fail in it to be implemented.

inchoate

Ascalonian Squire

Join Date: Sep 2005

Psycho Titans

E/R

There's no such thing as a hacked account. Evil-doers get onto other people's accounts by tricking the password out of them.

To my mind, if you're stupid enough to give your password to anyone you deserve to have your 'precious items' stolen.

/Notsigned

Trader of Secrets

Jungle Guide

Join Date: Jun 2006

I think this would fail. I think if someone did hack into your account they would be smart enough to also get the pass into the storage also. The only real solution would be account protection.

not signed

Elder III

Elder III

Furnace Stoker

Join Date: Jan 2007

Ohio

I Will Never Join Your Guild (NTY)

R/

just give us another "section" to the current storage system; ie. 5 instead of 4 and call it good imo

HawkofStorms

HawkofStorms

Hall Hero

Join Date: Aug 2005

E/

Quote:
Originally Posted by Felixious
Just wait for all the QQ threads with "OMG I LOST PASSW0RDZ AND MY R9 TORMENTED SCYTHE IS IN THERE OMG OMG PLEASE HELP ME!!!!!!!one!!eleven!!oneone!!!? "
^that
/notsigned
People are idiots, especially people who get their accounts hacked because they often use the same e-mail/password for everything. Too many people would forget their vault password or just make it the same as thier account password (defeating the point).

Turbobusa

Forge Runner

Join Date: Jan 2006

By the Luxon Scavenger

The Mentalists [THPK]

N/

I'd use that.

NumberOfTheBeast

Ascalonian Squire

Join Date: May 2008

W/

/signed

1234567890

El Presidente

El Presidente

Forge Runner

Join Date: Nov 2005

Lookout Post #1, Andes Mountains

Custer Was Ganked [7th]

R/

Quote:
Originally Posted by inchoate
There's no such thing as a hacked account. Evil-doers get onto other people's accounts by tricking the password out of them.

To my mind, if you're stupid enough to give your password to anyone you deserve to have your 'precious items' stolen.
QFT

/not signed

NYC Elite

NYC Elite

Frost Gate Guardian

Join Date: Feb 2007

A/

/signed if it will just be a PIN code or something that you click on screen. If for some reason a person gets their account stolen, at least give them a second chance.

FlamingMetroid

FlamingMetroid

Jungle Guide

Join Date: Sep 2007

standing on your last control point, while the rest of your team is to busy killing mine

The Luminaries [Lumi]

A/

/notsigned
people should learn to fail less

pamelf

pamelf

Forge Runner

Join Date: Aug 2006

Australia

Lost Templars [LoTe]

Me/Mo

previously i wouldn't have signed this, but with the amount of people apparently being Brute Force hacked these days I definitely think it's a needed addition.

/signed

Maria The Princess

Maria The Princess

Forge Runner

Join Date: Mar 2006

Aequitas Deis

this is way overdue, i played another MMO and there the storage had a pasword. when one of my friends got hacked (they had a crappy security sytem) he lost everything he had on his character, armor weapons etc, but he kept his wealth to rebuild his character cuz hacker couldnt get in his storage.

and for forgotten password... how about "forgot password" button and you answer to a private question you make up yourself?

/signed

MisterB

MisterB

Furnace Stoker

Join Date: Oct 2005

Planet Earth, Sol system, Milky Way galaxy

[ban]

W/

No.
If there is an exploit or security vulnerability, then ANet needs to address account security and fix the problem rather than diminish damage done as a result of a security breach. If people are failing to address security themselves, this won't be of use(they'll just use the same password as log in), and will generate more support tickets.

Maria The Princess

Maria The Princess

Forge Runner

Join Date: Mar 2006

Aequitas Deis

^^ well storage passsword would be a quik fix, they oviously cant handle account security properly since we see more and more accounts being hacked, so how about we could just feel a tad safer? i mean, why do we have to be punished, while they could at least use this "quik fix" to hold us off untill we get a decent security system. the messege on login screen "account safety dont give your password" is not a real theft protection.....

jackers1234

jackers1234

Frost Gate Guardian

Join Date: Jun 2006

My House

N/A

Mo/Me

/signed with the slight change to a PIN that is entered by clicking on the screen, that way keyloggers cant get your vault pass.

Ghostcell

Ghostcell

Krytan Explorer

Join Date: Nov 2006

=VX9=

N/Mo

it wouldn't hurt to see it added to the game, but it does look like it will be too much coding.
anyway /signed

Mystica

Frost Gate Guardian

Join Date: Jun 2005

Germany

[金金金金]

Me/W

Quote:
Originally Posted by inchoate
There's no such thing as a hacked account. Evil-doers get onto other people's accounts by tricking the password out of them.

To my mind, if you're stupid enough to give your password to anyone you deserve to have your 'precious items' stolen.
Will /sign this!

What's next? Enter your social insurance info to access your vault or telefon validation to take items out?

"Dear XXX, we are calling you because you requested to take the following item out of your protected vault.

Fiery Dragon Sword of Tenguslaying
10-19 Fire dmg
12^50
+11% dmg vs Tengu

Please varify the transaction by saying "MKAY" after the beep.

BEEEEEEEP"

Felixious

Frost Gate Guardian

Join Date: Mar 2008

Sweden

W/

Quote:
Originally Posted by Maria The Princess
how about "forgot password" button and you answer to a private question you make up yourself?
What is your favourite movie?

No. As said before, the ones who actually need this would be those who'd probably forget their secret answer, or see another movie and call it their new favourite. Runescape has an owning bank-protection. Let's use that. Yeah.

Proff

Proff

Jungle Guide

Join Date: Jun 2007

How bout just more storage?

Maria The Princess

Maria The Princess

Forge Runner

Join Date: Mar 2006

Aequitas Deis

Quote:
Originally Posted by Felixious
What is your favourite movie?

No. As said before, the ones who actually need this would be those who'd probably forget their secret answer, or see another movie and call it their new favourite. Runescape has an owning bank-protection. Let's use that. Yeah.
Quote:
Originally Posted by Mystica
What's next? Enter your social insurance info to access your vault or telefon validation to take items out?
i understand forgetting PIN, but.....

if a person is too stupid to remember whats the answer to their private question they made up on their own, or put the security PIN the same as their account password, or choose an answer that is something like "who is the american president at this moment" they should uninstall GW, put the computer in its original box and demand a refund.

this function is only to protect players storage, no exaggeration needed.

zamial

zamial

Site Contributor

Join Date: Apr 2006

Usa

TKC

N/

/NOT SIGNED

Your account which is worth far more than any 1 item you own, already has a password on it. If you get/got hacked that is a directly related to 1 of 2 things.

1. You gave someone your password. ( Even a vault will not keep items secured if owner is a moron.)

2. Your account password is not strong enough. This is easy to fix.
make your passwords meet the following requirements:
a) a minimum of 8 characters in length.(the longer the better)
b) use 1 lower case, 1 upper case, 1 number and 1 special character.

A helpful tool brought to you from our friends at M$.
http://www.microsoft.com/protect/you...d/checker.mspx

Lady Lozza

Lady Lozza

Forge Runner

Join Date: Dec 2005

Oz

Angel Sharks

Me/N

The amount of account hacking going on, yes I'd sign this so:
/sign

A further suggestion/separate suggestion -
Instead of typing the character name in order to delete, or in addition to, have a pin that must be entered. Certainly this can be brute forced if the hacker is determine enough, but something tells me most hackers just want to get in and out. This would protect our character which, to be honest, are more important than the ectos and the gold.

Lady Lozza

Lady Lozza

Forge Runner

Join Date: Dec 2005

Oz

Angel Sharks

Me/N

Quote:
Originally Posted by zamial
/NOT SIGNED

Your account which is worth far more than any 1 item you own, already has a password on it. If you get/got hacked that is a directly related to 1 of 2 things.

1. You gave someone your password. ( Even a vault will not keep items secured if owner is a moron.)

2. Your account password is not strong enough. This is easy to fix.
make your passwords meet the following requirements:
a) a minimum of 8 characters in length.(the longer the better)
b) use 1 lower case, 1 upper case, 1 number and 1 special character.

A helpful tool brought to you from our friends at M$.
http://www.microsoft.com/protect/you...d/checker.mspx
Unfortunately a complex password will not protect you from a keylogger, which while virus scans will most commonly pick such things up there are known root kits (Sony DRM anyone?) that hide these nasties even from an anti-virus and anti-spyware packages.

Unfortunately a complex password will not protect you from brute force attacks, it will only slow the hacker down. While I doubt that most GW hackers would waste time on an account that takes a lot longer to hack than someone whose password is "guildwars", those who are serious about their business would have no issue. The best protection from brute force attacks is a non-web based email address you don't use for much else.

Even all of the above will not help if:
1) PlayNC servers have been breeched again, or
2) A hacker is intercepting packages during attempted reconnects (not sure how possibe this is but is has been discussed).

In the end Zamial, security is no simple thing. Everything is vulnerable and you should treat it as such. Added security measures will never be absolutely fool-proof, but it does slow hackers/thieves down, and will make some think twice about doing it.

Thizzle

Banned

Join Date: Apr 2008

Quote:
Originally Posted by Felixious
Just wait for all the QQ threads with "OMG I LOST PASSW0RDZ AND MY R9 TORMENTED SCYTHE IS IN THERE OMG OMG PLEASE HELP ME!!!!!!!one!!eleven!!oneone!!!? "

Yeah. I guess it could be of use.
/Sign
I thought tormented weapons were always r9? Anyway...

/signed.

The Meth

The Meth

Desert Nomad

Join Date: Jan 2007

R/

You have a password on your account. Don't download keyloggers and change your password to something other then 12345 and this idea is useless.

Yuhe Ji

Yuhe Ji

Lion's Arch Merchant

Join Date: Jan 2008

Los Angeles

E/

I guess /signed
People have been getting hacked a lot recently, and it's not because they're doing dumb things (at least that's not what it looks like). Hackers are getting in by brute force, you guys should stop bashing on the people that have been getting hacked.