+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 21 to 40 of 42
  1. #21
    Sea Torques
    Join Date
    Oct 2006
    Posts
    503
    BG Level
    5

    Thanks for sharing, I had a few of the emails so I changed my registered email address and added one of those + thingys to it.

  2. #22
    THOU THOU THOU THOU THOU THOU THOU THOU
    Avatar of Fury.

    Join Date
    Jan 2006
    Posts
    5,591
    BG Level
    8
    FFXIV Character
    Shiroe Blackrose
    FFXIV Server
    Diabolos
    FFXI Server
    Carbuncle

    Re: Warning: Hackers brute forcing passwords

    Just a note: GW accounts do accept spaces in the password. Just to really throw a wrench at them.

  3. #23
    Mithra Ero-Sensei
    Sex Manthra

    Join Date
    Nov 2005
    Posts
    11,547
    BG Level
    9
    FFXIV Character
    Erosensei Gulkeeva
    FFXIV Server
    Gilgamesh
    FFXI Server
    Cerberus
    WoW Realm
    Magtheridon

    You know, there are tools to "guess" passwords for something by the "billions" per second using a video cards gpu >.> Unless your passwords like 10+ numbers/letters/case size weird symbols long it would only take a few days to guess it (if someone jsut really wants to get on your account)

    Of course that all depends, on how many times they let you "guess" a password on an account till its locked (if they even do that?)

  4. #24
    Nikkei's Hoe
    Worse than her at uno

    Join Date
    Dec 2006
    Posts
    6,235
    BG Level
    8
    FFXIV Character
    Eanae Hikari
    FFXIV Server
    Gilgamesh
    FFXI Server
    Cerberus
    WoW Realm
    Hyjal

    Quote Originally Posted by Gulkeeva View Post
    You know, there are tools to "guess" passwords for something by the "billions" per second using a video cards gpu >.> Unless your passwords like 10+ numbers/letters/case size weird symbols long it would only take a few days to guess it (if someone jsut really wants to get on your account)

    Of course that all depends, on how many times they let you "guess" a password on an account till its locked (if they even do that?)
    You can't guess that many per second through an account system with proper security. 1 per second, locked out after 3-5 wrong passwords is idea.

  5. #25
    Old Merits
    Join Date
    Oct 2006
    Posts
    1,033
    BG Level
    6
    FFXIV Character
    Shuichi Shadowstar
    FFXIV Server
    Excalibur
    FFXI Server
    Leviathan

    I got one this morning. Since I didn't request one, I deleted it right away. Slight oversight on ANets part. Game should've launched with authenticator. Every MMO should from now on frankly.

  6. #26
    BG Staff
    Join Date
    Feb 2006
    Posts
    27,374
    BG Level
    10
    FFXI Server
    Sylph

    Quote Originally Posted by Shuichi View Post
    I got one this morning. Since I didn't request one, I deleted it right away. Slight oversight on ANets part. Game should've launched with authenticator. Every MMO should from now on frankly.
    Should come free with boxed standard versions too.

  7. #27
    Mithra Ero-Sensei
    Sex Manthra

    Join Date
    Nov 2005
    Posts
    11,547
    BG Level
    9
    FFXIV Character
    Erosensei Gulkeeva
    FFXIV Server
    Gilgamesh
    FFXI Server
    Cerberus
    WoW Realm
    Magtheridon

    Quote Originally Posted by Eanae View Post
    You can't guess that many per second through an account system with proper security. 1 per second, locked out after 3-5 wrong passwords is idea.
    some... things actually don't have that kinda security ;/
    like I don't think tera does actually but if any "different IP" tries to login they got an "account armor" thing where you need to verify that new ip by going to your e-mail and verifying/allowing that machine to login.

  8. #28
    Eli Manning is my Lord and Savior
    Join Date
    Dec 2007
    Posts
    6,098
    BG Level
    8
    FFXI Server
    Cerberus
    WoW Realm
    Greymane

    This is generally why I'm not a fan of the move away from standard account names to email addresses. Even worse that the email validation system is apparently still not working. Thankfully I added 2 step verification for my email account when I had to register it as an account name(used a seldom used one rather than the one I personally use) so whenever they get the validation thing fixed it should be a bit more secure.

  9. #29

    When my D3 got hit, I wound up moving things to a completely fresh/clean email account with 25+ character passwords. If the bastards can brute force that, good for them, as I've otherwise yet to find anything fishy on my system to suggest that's where I've blundered. And just like D3, I haven't really browsed any fan sites for GW2 aside from here, and even if I did and registered, it wouldn't be at all associated with my current account email. No messages yet, so guessing I'm still in the clear.

    But yeah, I don't like using emails for log ins on MMOs, either.

  10. #30
    Eli Manning is my Lord and Savior
    Join Date
    Dec 2007
    Posts
    6,098
    BG Level
    8
    FFXI Server
    Cerberus
    WoW Realm
    Greymane

    Well checking the login of my regular account on the support page noone has accessed it, although my regular email account which I used for the BWEs and is the yahoo email address I use normally was logged into by a few chinese IPs. Nothing linked there really but considering that specific email gets bombarded by fake WoW emails on a daily basis it doesn't surprise me that they knew to check that. So I guess smart move on my part to switch it to my seldom used gmail account when I entered my prepurchase code. And I followed the tip I saw on reddit and changed my username to [email protected] since it'll send all the emails to [email protected] still but they'd need to know my exact username(with the +somethinghere part) to brute force it or to request a password change for it.

    All my emails have 2step verification so I don't have to worry about that. Nice try Chinese gold farmers, the AH doesn't work anyway, you couldn't sell anything.

  11. #31
    Nikkei's Hoe
    Worse than her at uno

    Join Date
    Dec 2006
    Posts
    6,235
    BG Level
    8
    FFXIV Character
    Eanae Hikari
    FFXIV Server
    Gilgamesh
    FFXI Server
    Cerberus
    WoW Realm
    Hyjal

    They also took down mail. There's no way hackers can profit, and email authentication goes back online at midnight PST tonight.

  12. #32
    Old Merits
    Join Date
    Jun 2007
    Posts
    1,038
    BG Level
    6
    FFXI Server
    Asura
    WoW Realm
    Emerald Dream

    I got an email as well but they didn't get in. Am I safe?

  13. #33

    Got the email at 3am and 10am today.

  14. #34
    New Merits
    Join Date
    Apr 2010
    Posts
    209
    BG Level
    4
    FFXIV Character
    Detozi Deis
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl

    I received two of these emails on Monday. On Wednesday my account was permanently banned due to RMT activities. They got my account/password one way or another and were probably spamming RMT sites with my character. I've put in a ticket and am waiting for a response from ANET. Long story short, I'd just be safe and change your email/password if you are receiving password reset emails.

  15. #35
    Black Mage
    Join Date
    Oct 2007
    Posts
    689
    BG Level
    5
    FFXIV Character
    Amiricle Mihgo
    FFXIV Server
    Midgardsormr
    FFXI Server
    Quetzalcoatl

    Warning: Hackers brute forcing passwords

    I Really don't understand this bullshit. I mean can they really make much of a profit doing this in a game where you can buy currency directly from the developers (gem exchange) anyway? My accounts never been affected but still pisses me off due to loss of ingame mail and trading post.

  16. #36

    Quote Originally Posted by Amiricle View Post
    I Really don't understand this bullshit. I mean can they really make much of a profit doing this in a game where you can buy currency directly from the developers (gem exchange) anyway? My accounts never been affected but still pisses me off due to loss of ingame mail and trading post.
    Because it's more profit if you steal than spending your own money.

  17. #37
    Ridill
    Join Date
    Jul 2006
    Posts
    12,663
    BG Level
    9
    FFXI Server
    Ramuh
    WoW Realm
    Kilrogg

    Oh is this why they disabled mail?

  18. #38
    I'm almost as bad as Mazmaz
    Sweaty Dick Punching Enthusiast

    Join Date
    Jul 2008
    Posts
    22,958
    BG Level
    10

    Yerp.

  19. #39
    Black Mage
    Join Date
    Oct 2007
    Posts
    689
    BG Level
    5
    FFXIV Character
    Amiricle Mihgo
    FFXIV Server
    Midgardsormr
    FFXI Server
    Quetzalcoatl

    Warning: Hackers brute forcing passwords

    Quote Originally Posted by Shadowhusky View Post
    Because it's more profit if you steal than spending your own money.
    Right, but I'm thinking from a customers standpoint. If you had the cash to burn and wanted more game moneys, why go to the hassle of one o those currency websites when with a few clicks you can buy gems and convert them to gold ingame?

  20. #40

    Ultimately depends on how much cheaper they offer gold compared to gems. But if ANet's smart and keeps gem prices low enough, the temptation really won't be there as you'll have safety on top.