Love it!
now if I can remember my mule acc chara.. (got it in my head.. but between 5 possible combo :P)
Update - Tuesday, December 22, 2009
Evil_Necro
Phineas
Quote:
|
Originally Posted by Miss Drops Az
words... At best my typing is poor... more words
|
OT: At least if you get hacked now then it is most likely by someone you know! Chances are that the login email address is the same used for msn, guild forum, or what-have-you. Those guys know your char names.
naughteblonde
Personally Im pleased. Though I hope this wont be the total of their efforts to provide greater security, the fact they are displaying that it is being taken seriously and measures are being taken to ensure we have a higher level of trust and safety is a comforting thought.
BogusDude
Since the automated passwords are jumbled up meaningless characters i keep a text document with my account details on and simply copy/paste the details as i login in. My system is pretty well setup security wise to avoid keyloggers and the e-mail address for my main acc can't be found anywhere on the internet, but its an extra personal safety measure and saves time on typing.
go cubs
Anyone else notice how now, after you log in, it goes to the character you typed in instead of the character you were on last? Maybe it was just me but that's odd
MarkusParkus
Good Idea Anet..... BAD IDEA ANET For Not Telling Us This Was Happening So We Could Write Down Our Char Names First!!!!!! 
snowman relic
sadly this is a QQ i now feel like i have been hacked by anet a hidden account of mine full of tons of money and rare items is gone because i dont remember the characters name (only one) so now i have lost a good chunk of time gj anet are you trying to discourage us from buying gw2?
sterbenx2
The whole Idea is just bad. So many players are not going to remember these names. I had a BIT of difficulty remembering ONE name on my second account as I don't use it often and the names I choose were just quick type in "whatever" names. We should be allowed to turn this off seriously.
ebstjohn
Quote:
|
Originally Posted by Hissy
You people just aren't getting it. It helps stop people stealing your account via NCsoft master accounts. It's way harder for them now, because they'll have to work hard to tie an account name they found on NCsoft... to a forum name and/or a character name.
By the way, do you see any character names under people's account names here? I see 0% not 90%... because it's been removed from the site - and I believe other fansites were requested to do the same. |
The way they have done it the cure is worse than the disease. I'm going to bet that the number of support tickets from this change will exceed the number of support tickets from hacked accounts by 1000X.
Tom Swift
Hopefully this will help avoid account steeling
Ah....
But............
If a hacker does some how manage to get past this the player is in for a much much larger loss than before.
Previously, if someone stole your account all you had to do was ask for a password change to be sent to your email, log in, and take the account back. (at least for a non NC master account linked one - I've never linked mine so I don't know I it works the same way or not) Anyway, if discovered in time and done quickly enough, the player could prevent some theft and save some valuables. Plus, there was no particular reason for the thief to take the time to delete the characters themselves.
Now, however, if the thief does manage to get into your account, they can prevent you from taking it back by deleting all the characters and creating one of their own. Since you no longer know the names of any of the characters, you will not be able to log in and, since you will not be able to log in, your old password will still work on the account ("Please note that your old password will remain valid until you login with your new password." from the change password email sent by ANet). This means, until you go all the way through support, the thief has all the leisure they want to log in and out of your account and to do whatever they want with your account.
I don't know if thieves would actually do this, since the point of many is to take stuff rather than to steal the account itself. But I can't help feeling a bit uneasy about the fact that if the prevention does not work, there is no way to limit damages.
Ah....
But............
If a hacker does some how manage to get past this the player is in for a much much larger loss than before.
Previously, if someone stole your account all you had to do was ask for a password change to be sent to your email, log in, and take the account back. (at least for a non NC master account linked one - I've never linked mine so I don't know I it works the same way or not) Anyway, if discovered in time and done quickly enough, the player could prevent some theft and save some valuables. Plus, there was no particular reason for the thief to take the time to delete the characters themselves.
Now, however, if the thief does manage to get into your account, they can prevent you from taking it back by deleting all the characters and creating one of their own. Since you no longer know the names of any of the characters, you will not be able to log in and, since you will not be able to log in, your old password will still work on the account ("Please note that your old password will remain valid until you login with your new password." from the change password email sent by ANet). This means, until you go all the way through support, the thief has all the leisure they want to log in and out of your account and to do whatever they want with your account.
I don't know if thieves would actually do this, since the point of many is to take stuff rather than to steal the account itself. But I can't help feeling a bit uneasy about the fact that if the prevention does not work, there is no way to limit damages.
Aleta
Quote:
|
Originally Posted by kb2243
I just kicked out while doing a quest. Usually I get the "A new build of Guild Wars is available". That kind of blows.
|
Wish this had been in place before maybe I'd still have two elite armor sets and a whole lot of other things. Like gold, mats, weapons.
But it's a beginning at least.
Riot Narita
Quote:
|
Originally Posted by ebstjohn
People aren't complaining because they disagree with stronger security.
|
Quote:
|
Originally Posted by ebstjohn
What many people have an issue with is HOW the security change was rolled out. They could have easily placed a memo on the log in screen saying: "be sure to write down all the names of your characters. You will need to have them handy for future log in."
The way they have done it the cure is worse than the disease. I'm going to bet that the number of support tickets from this change will exceed the number of support tickets from hacked accounts by 1000X. |
Yes, it could have been better, but I hardly think its "worse than the disease". I personally doubt that the majority of players have multiple accounts, or cannot remember the name of at least one character. LOL @ "1000X"
I'm sure initially, there will indeed be a large number of players contacting support... sucks, but at least its because they can't remember their character name, rather than because "I got an email saying somebody at -insert Chinese IP addresss- changed my password using the NCsoft site".
I'm guessing they didn't want to give the account thieves any warning or time to prepare. They may well have instantly lost a lot of their "assets" due to creating random character names for their gold-selling, that they now can't remember.
If they'd warned the players, how long would they have to wait for everyone to get the message? A week? A month? In that time, the "hackers" might have stepped up their operations... and then we'd see QQ's from people with lost accounts that might have been saved - if only they'd rolled out the change sooner ie. a different (maybe smaller, who knows) group of people going to support then - but the consequences for those people would be far more severe than for people who just need to be told what their character names are.
I'd be pretty mad that if that happened to me, and all because a few people "might" not be able to remember a character name.
Riot Narita
Quote:
|
Originally Posted by Tom Swift
But I can't help feeling a bit uneasy about the fact that if the prevention does not work, there is no way to limit damages.
|
I also wonder if they intend to allow other security questions later, or ones we make up ourselves - after all, the box is labelled "security question" not "character name" or somesuch.
DonCorleoneCS
Not sure if anyone else has posted it in this thread, but since the update if I lose connection I am no longer prompted to reconnect. Anyone else having this issue?
imnotyourmother
look just don't give your info out and stop going to the porn sites to get key loggers and your going to be fine.. but this is an additional pain in the but so kudos for locking me out of 3 of my accounts.
Why? Cause they are storage accounts in presearing.
But my wife knew one name and I put them all into a guild together. so once I got one name...I got them all off of the guild members list. That was smart thinking of me to put them all in the SAME guild eh?
Why? Cause they are storage accounts in presearing.
But my wife knew one name and I put them all into a guild together. so once I got one name...I got them all off of the guild members list. That was smart thinking of me to put them all in the SAME guild eh?
Arkantos
Quote:
|
Originally Posted by Karia Mirniman
No!, you gtfo. I cannot access my storage account.
This change has inconvenienced legitimate players and demonstrated how thoughtless A-Net is. |
Jk Arrow
Quote:
|
Originally Posted by isildorbiafra
Ingame account buyers....whom ussually bot; leech; trade gold online and not to forget hack other peoples account. Things we all know are against the eula. They wont get an ounce of pitty from me.
I would like to c the face of all those chinese gold traders with character names like pq46z4 that try to login today......mega lulz! Mighty blow to the gold traders. Way to go Anet. Weed out the wicked. |
Time to check Bergen Bot Springs to see if it's Hot again...
rohara
Quote:
|
Originally Posted by imnotyourmother
But my wife knew one name and I put them all into a guild together. so once I got one name...I got them all off of the guild members list. That was smart thinking of me to put them all in the SAME guild eh?
|
my naming scheme doesn't help the situation much...try figuring out which account is Chico Crazylastname and which is Chico Sillylastname and which is Chico Funnylastname and which is Chico Prettylastname etc etc etc... (those are totally fake names, obviously, but you get the picture
Nodakim
Quote:
|
Originally Posted by Arkantos
Has it demonstrated how thoughtless ANet is because they implemented an easily remembered security question, or has it demonstrated how thoughtless the players are because apparently some cannot remember their character names on their second account?
|
They should have announced prior to implenting it.
But on the other side hackers have a lot of accounts,meaning they probably lost most of them.
lilDeath
Man, I really LOVE this change! It has been looooooong overdue - 100's/1000's of players have lost their accounts and all their wealth in-game, due to NCSoft's terrible security. Something had to be done, it just so happened to be this additional, intellectual safety measure.
It's a pity some folks cannot remember their char names, but... oh well, life sucks that way I guess. I would not want to know what else they do not take note of (i.e. remember) in their lives.
Only thing ANet maybe could have done better is to do some communication beforehand, but I am really 50/50 on this, since how long is a long enough time to wait for people to see the message? Even then some people may not actually see the message, because . . .
As it turns out and as this thread has shown - You cannot please everyone all of the time.
So, THANKS again Anet! - You did something invaluable (better than the whole Wintersday imo) and it did not even take that long *cough* skill balance update *cough*.
It's a pity some folks cannot remember their char names, but... oh well, life sucks that way I guess. I would not want to know what else they do not take note of (i.e. remember) in their lives.
Only thing ANet maybe could have done better is to do some communication beforehand, but I am really 50/50 on this, since how long is a long enough time to wait for people to see the message? Even then some people may not actually see the message, because . . .
As it turns out and as this thread has shown - You cannot please everyone all of the time.
So, THANKS again Anet! - You did something invaluable (better than the whole Wintersday imo) and it did not even take that long *cough* skill balance update *cough*.
zwei2stein
Quote:
|
Originally Posted by Arkantos
Has it demonstrated how thoughtless ANet is because they implemented an easily remembered security question, or has it demonstrated how thoughtless the players are because apparently some cannot remember their character names on their second account?
|
I mean, what point exactly would there be to be carefull about naming mules? At best you'd name mule toons something like "Weapons Sferferfg", "Weapons Two Otyerwertjh", etc to indicate what it stores, no point going any further. There was nothing whatsovere that indicated that toon name is ever going to be important past invite to guild (copy & paste makes even that point moot)
MagmaRed
I find it sad that people can't remember a character name. I have little sympathy for that. If you are randomly assigning names then it isn't something you care much about anyway. It isn't hard to create storage characters with simple names that are easy to remember.
Although not the best solution, it is a working one, and will do as Ark mentioned. Glad they have stepped up to stop part of the problems while still working on the others.
Although not the best solution, it is a working one, and will do as Ark mentioned. Glad they have stepped up to stop part of the problems while still working on the others.
Arkantos
Quote:
|
Originally Posted by zwei2stein
To be fair, people with mule accounts had no reason whatsoever to remember character names, or to be carefull when maning them: "Ftzkuqw Dqwer" is as good name for mule as any, in fact, i would be mildly annoyed if people with mule accounts named their mules with normal thought-out and rememberable character names, as it would mean that those names would be reserved and not avaiable for others who would actually play so named toon.
I mean, what point exactly would there be to be carefull about naming mules? At best you'd name mule toons something like "Weapons Sferferfg", "Weapons Two Otyerwertjh", etc to indicate what it stores, no point going any further. There was nothing whatsovere that indicated that toon name is ever going to be important past invite to guild (copy & paste makes even that point moot) |
Because it's generally useful to know what your characters name is. If the account is stolen, knowing character name(s) on the account is a viable way of getting it back (I know because it's helped me). You remember a characters name for the same reason you keep your auth key - security reasons.
What ANet did just saved hundreds if not thousands of accounts being stolen. That's a huge step in the right direction. If you don't know your character names, contact ANet and explain. Tell them your auth key (you should have this), tell them the IP address you regularly log onto, etc and there should be no problems. If you find this such a hassle, stop being selfish.
zwei2stein
Quote:
|
Originally Posted by MagmaRed
If you are randomly assigning names then it isn't something you care much about anyway.
|
People who create characters they do not ever intent to play should care about those names? This is day 1 when those names are actually important, and not only importnat, but key to account.
Before that they were helpfull label at best. Not important, not supposed to be important, not even worth consideration.
I have a lot of sympathy for people who like game/are dedicated to it enough that they bought 4+ accounts just for storage. They should be also kind of important to devs, not locked out by unanounced update.
But I guess envy is strong thing, it must feel really good to go /ha-ha on someone who lost lots of work in eyeblink.
---
Update itself is good for security, but fankly, it got "Aneted": for update that can cut off your account access, it did not get communicated early enough. One week in advance could have fixed pretty much all compaints.
Hell, this deserved email one week in advance for each registered player. "Dude, if you want to play GW in future, make sure you remember your character name. PS: log in, it is fun.", Changing log-in method is kind of big deal.
Quote:
|
Originally Posted by Arkantos
Because it's generally useful to know what your characters name is. If the account is stolen, knowing character name(s) on the account is a viable way of getting it back (I know because it's helped me). You remember a characters name for the same reason you keep your auth key - security reasons.
What ANet did just saved hundreds if not thousands of accounts being stolen. That's a huge step in the right direction. If you don't know your character names, contact ANet and explain. Tell them your auth key (you should have this), tell them the IP address you regularly log onto, etc and there should be no problems. If you find this such a hassle, stop being selfish. |
2) Main hack wave is over. You have point, of course, this is going to make it harder to hack in furute. But guess what? Heads-up would not make it less secure, andwould actually help (not to mention assuring people something is being done)
3) Assume less, it make ass of you and me. I am actually able to remember character names, lock out is not my problem ...
joshuarodger
Quote:
|
Originally Posted by MagmaRed
I find it sad that people can't remember a character name. I have little sympathy for that. If you are randomly assigning names then it isn't something you care much about anyway. It isn't hard to create storage characters with simple names that are easy to remember.
Although not the best solution, it is a working one, and will do as Ark mentioned. Glad they have stepped up to stop part of the problems while still working on the others. |
isildorbiafra
Quote:
|
Originally Posted by Tom Swift
Hopefully this will help avoid account steeling
Ah.... But............ If a hacker does some how manage to get past this the player is in for a much much larger loss than before. Previously, if someone stole your account all you had to do was ask for a password change to be sent to your email, log in, and take the account back. (at least for a non NC master account linked one - I've never linked mine so I don't know I it works the same way or not) Anyway, if discovered in time and done quickly enough, the player could prevent some theft and save some valuables. Plus, there was no particular reason for the thief to take the time to delete the characters themselves. Now, however, if the thief does manage to get into your account, they can prevent you from taking it back by deleting all the characters and creating one of their own. Since you no longer know the names of any of the characters, you will not be able to log in and, since you will not be able to log in, your old password will still work on the account ("Please note that your old password will remain valid until you login with your new password." from the change password email sent by ANet). This means, until you go all the way through support, the thief has all the leisure they want to log in and out of your account and to do whatever they want with your account. I don't know if thieves would actually do this, since the point of many is to take stuff rather than to steal the account itself. But I can't help feeling a bit uneasy about the fact that if the prevention does not work, there is no way to limit damages. |
And regardring to what hackers would do? I read on an Aion Forum that hackers not only stole the accounts. They even went so far as to use the accounts for botting. So afther the owner retrieved the account they still got banned for botting; and had to submit another ticket with support to get the ban lifted.
Riot Narita
Quote:
|
Originally Posted by zwei2stein
But I guess envy is strong thing, it must feel really good to go /ha-ha on someone who lost lots of work in eyeblink.
|
Quote:
|
Originally Posted by zwei2stein
Heads-up would not make it less secure, andwould actually help (not to mention assuring people something is being done)
|
It wasn't perfect, but I really think they did The Right Thing.
Quote:
|
Originally Posted by joshuarodger
this also still doesn't help with keyloggers at all. while it is a step, it's still not a very good step.
|
Everyone with an NCsoft master account was dependant on NCsoft's rubbish security, and were vulnerable to an attack that they could do nothing to prevent. GW's security question helps enormously against that vulnerability. "Not a very good step"? I'd call it an extremely good step.
samberum
Hats off to Anet and a job well done!
There finally acted to a panicked player base, the the reason for worry was legit.
Easily remembered my character name and entered the login screen without a hitch.
There finally acted to a panicked player base, the the reason for worry was legit.
Easily remembered my character name and entered the login screen without a hitch.
Arkantos
Quote:
|
1) CD keys (and proper filled out user information) is more that enough to reasser account control. 2) Main hack wave is over. You have point, of course, this is going to make it harder to hack in furute. But guess what? Heads-up would not make it less secure, andwould actually help (not to mention assuring people something is being done) |
Quote:
| this also still doesn't help with keyloggers at all. while it is a step, it's still not a very good step. |
cosyfiep
right after I create a character I take a screenshot---with the ui so I have a record of that character (even if I deleted it later).
At certain times I have also taken screenshots of all of my characters at the log in screen ...mules et.al.
I also added my mules to my friends list so I at least know one name for each of those (not to mention I did spend a considerable amount of time coming up with the names, sorry).
So now to log in I have to enter a password and character name, no biggie....a simple solution that I hope will help out.....though would still wish to de-link my account from the master account!
so this update gets a 7.5...good idea, but a small warning would have been nice (30min would have been sufficient I believe for most ----and just 'we are going to have an emergency outage repair' would have been enough to tell people).
a step in the right direction
At certain times I have also taken screenshots of all of my characters at the log in screen ...mules et.al.
I also added my mules to my friends list so I at least know one name for each of those (not to mention I did spend a considerable amount of time coming up with the names, sorry).
So now to log in I have to enter a password and character name, no biggie....a simple solution that I hope will help out.....though would still wish to de-link my account from the master account!
so this update gets a 7.5...good idea, but a small warning would have been nice (30min would have been sufficient I believe for most ----and just 'we are going to have an emergency outage repair' would have been enough to tell people).
a step in the right direction
Pandora's box
Quote:
|
Originally Posted by MagmaRed
I find it sad that people can't remember a character name. I have little sympathy for that. .
|
Anduin
I am using my brother's old account. I don't have access to the email, no idea what the code was that came with his copy, and even though I use the correct password and character name, it still won't let me in.
They won't respond to my tickets either.
They won't respond to my tickets either.
Tom Swift
Quote:
|
Originally Posted by isildorbiafra
Easy Peasy. Just email support and include a picture of your account key card and your set. Hackers dont have those.
|
Before this you could reset password then log on, kicking the hacker off, and taking back your account immediately.
That is my concern - that if the hacker deletes your characters you can no longer log on to activate the new password. You have to wait for support to get around to you.
Of course, I hope there are other security measures in place.
But the best by far would be to be the option to make characters undeletable, ensuring that no matter what happens you favorite characters will survive and you will at least retain access to the account.
headlesshobbs
Quote:
|
Originally Posted by Tom Swift
That is my concern - that if the hacker deletes your characters you can no longer log on to activate the new password. You have to wait for support to get around to you.
|
Regina Buenaobra
Quote:
|
Originally Posted by Chaosx1
I really wouldn't mind if they gave you a heads up that this update was going to happen, therefore people would know up ahead to remember their character names.
|
headlesshobbs
You have to remember that whatever info is shared with the public can also be shared between criminals, terrorists, and of course HACKERS.
Nobody is under obligation for releasing sensitive info to anyone. What I feel is that anet took the steps which were necessary for keeping our security protected. As long as our accounts stay safe, the negatives have no impact.
Nobody is under obligation for releasing sensitive info to anyone. What I feel is that anet took the steps which were necessary for keeping our security protected. As long as our accounts stay safe, the negatives have no impact.
joshuarodger
Quote:
|
Originally Posted by Arkantos
It helps with keyloggers if you have your character name saved prior to being infected (which is going to prevent many, many stolen accounts). Not a very good step? Only for people who don't remember their character names, who should still be able to access their account if they contact support. For everyone else, it's a step that's going to work.
|
Fay Vert
Quote:
|
Originally Posted by Regina Buenaobra
If we have given players advance warning that this security update would be implemented, and when it would be implemented, the hackers would have been given advanced warning, too. Players would have been prepared, would have been able to check all their accounts, but don't forget---the hackers would have been forewarned as well.
|
While it has tightented up security a bit, it has inconvenienced many players, and what is worse, hackers now have a very good reason to delete your GWAMM characters.
Way to go FailNet.
(hope you like the bold bits)
Regina Buenaobra
Quote:
|
Originally Posted by Fay Vert
And just how would forewarning them help them?
While it has tightented up security a bit, it has inconvenienced many players, and what is worse, hackers now have a very good reason to delete your GWAMM characters. |
Aleta
Quote:
|
Originally Posted by Regina Buenaobra
If we have given players advance warning that this security update would be implemented, and when it would be implemented, the hackers would have been given advanced warning, too. Players would have been prepared, would have been able to check all their accounts, but don't forget---the hackers would have been forewarned as well.
|
and while I do still have some deep seated anger at my main account being hacked, I will also say thank you that steps are being taken