What do you think of logging in XTH with your real GW account?

how about just not using it if your worried about it?

Its always been the same login for me. QQ.

I don't care. Seriously this thread is just grasping at straws for something else to whine about.

All of this assumes that a., the people running the website are completely inept, b., that someone would care enough to actually steal accounts, and c., that yours would be one of the ones affected.

I can sort of see the problem that you want to help your friend enter picks, but he doesn't want to give you his private password. So use this as a trust-building exercise with your friends, or take a screenshot of your picks and have them enter them themselves, or let them think for themselves. It's pretty much a non-issue.

I understand your security concerns but the new XTH is really alot more secure than the old one. It uses the same authentication technology as Guild Wars uses ingame, that is, the client and server each chose a seed/token to initialize the key that changes between each packet, and on top of that the site uses a secure connection.
The old site used to have a few flaws so ArenaNet decided to completely revamp it which greatly improved the security for every player.

As for the person asking about logging in to their friends XTH account, you aren't supposed to share your friends account anyway, each player is supposed to vote on their own to get their XTH rewards.

Doesn't bother me more than that.

--> Hacked Accounts

I'm sure ANet know's what their doing and can "secure" their website, and wouldn't be making this change if they didn't. Besides, I'm pretty sure 99% of accounts are "hacked" because the user fails to secure their own computer and not download off of suspicious website, use a good password and keep it secret (not let people on their accout), buy accounts, etc...

Although I'm not sure if I'll keep using the reward points predictor.

Its just funny because when you sign up (prior to update) for the Xunlani house Anet said SPECIFICALLY "DO NOT use you're in-game account login/password" or however it was worded.

I guess its fine, but there was nothing wrong with the old login method, PERHAPS so many people forgot their pass that their automated password recovery system can now be retired or whatever I dont know how this would be beneficial.

So what happend to our old login email/pass for the xunlai house, disguarded?

If you don't visit the in-game store, you can change your email address login for GW. Once you've bought something from the store, you can't, it's fixed. Will using my login details for the new XTH work the same way - will my login address for GW be fixed if I use it?

As much as I like the game, I really don't think ArenaNet knows what they're doing in terms of security.

Maybe you haven't noticed/weren't around. But one of the updates to the game was that they added login timeouts. That is, the more times you get your password wrong, the longer it takes to verify. Does the website have something similar, or could someone take my email address and just hammer away at my XTH account? I don't know, the details aren't listed.

One of the other updates was changing the login error. If you mistyped your email, it said "oh hey, we don't know that email." If you mistyped your password, it said "password incorrect." This is really really basic in terms of logins. Don't give the person information that would help them narrow it down. If they try an email address and get a hit, then they can focus on password. If they try an email and it fails, no need to bother with the password. As I've said, this has since changed. But it changed after years of being just as I described.

As stand alone issues, these are pretty small. But they're big indicators that ArenaNet doesn't focus much on account security, until someone else pokes them and says "hey, this isn't a good idea."
How is logging into the XTH for a friend any different than saying just "vote for these guilds"? That's not account sharing, the only thing was that a step was being skipped where the actual account holder moved the names to the little boxes.

That said, I agree with pinguinius' second paragraph on the subject (in other words, I wouldn't call it account sharing, but I also wouldn't call it a significant problem).
Missed the point. My Guild Wars login details are now web accessible. Whether I use the Xunlai Tournament House or not, my login and password now have another way to be compromised.

Do I think that someone would target my account specifically? Probably not. But if someone can automate the process to break into random accounts, it's possible. Especially since the items I have in game can be sold for real world money.

This is just a game, so if my account was broken into and everything traded off to another account, I wouldn't lose anything tangible. But it'd still make me a very sad panda.

Yep, interesting that.
I don't use the same things for games, websites, etc. in any case. This will be easier to remember, but still it's weird they would say that then change it.

Damn, well just gave that a try and there doesn't seem to be a limit for password attempts, but at least it doesn't tell you whether it's the password or e-mail that's wrong.

Way too insecure to use it anymore. I won't be risking a few zaishen keys for my whole account anymore...

Erm, if it's secure thats fine. I'm worried about another 'hacking' incident where someone hacks 1 site and gets the pw, then brute forces them against gw to hack your account. That's what happened last time, and I'd prefer to keep all my pw different now.

i like this update to XTH.

This.
It isnt the first game to use account pw's on a website and it wont be the last.
Move along please.

Wow there is a lot of QQ conspiracy theory going on in here. ArenaNET provides a great layer of security for your account, just as much as any other game or bank provides, and anything above and beyond that is your own responsibility.

Of course all of your accounts are already compromised with the NCsoft account everyone got to get their free pane, so who cares?

http://www.guildwars.com/gameplay/pv...ment_house.php

"Using the Guild Wars authentication technology, we have increased the security on the site so that logging into the Xunlai Tournament House is now as fast and secure as logging into the game. At the login screen, simply enter your existing Guild Wars account name and password—no need to register separately. Remember, you should only enter your Guild Wars account name and password at a site that shows HTTPS://www.guildwars.com/ in your browser's address bar."

HTTPS:// is a plus. I wonder if this was in response to the double point thing or that hacked account issue from a few months back?


I do like XTH V2 though - Good Job ANET!