Lack of Guild Wars 2 Authenticators

[vicious796]

Actually an authenticator wouldn't be necessary if people would be responsible. There is no magic in account hacking, people just give their info away in whatever forms. The internet security industry would be the biggest most useless crap in a world where people actually use their fucking brains and not just keep them in their skulls for no reason at all. But since that's not happening, I think they should make them mandatory for all

It's not a point of necessity, it's a point of the normal business practices in today's market for this material. It's not necessary for a car dealership to offer free drinks to people contemplating buying a car - however, it's expected because the vast majority of them do it, today.

Really, look at anything in the car market and you'll see a variety of "someone did it first, now everyone's doing it" examples. Navigation used to be an extreme luxury just a few years ago but now you can see it as a standard option in most luxury lines and an option in the lower end. The point of the OP and most people, like myself, is that if you're going to go into a market (or return to it, in this case) you should at least offer the same base-line things your competitors offer. At launch, there was no added layer of security - this was not the case with ANet's competition in the recent years.

[Wromthrax]

I made an account for one of the beta events before and I keep getting at least 5 e-mails every day about password reset requests :P, they should at least require an answer to some secret question or w/e, pretty annoying even though I don't play the game.

[homerunhomer]

So long as you're careful when you are browsing the internet, checking sites you don't know whether to trust or not before going onto them and running a strong anti-virus/firewall and so on (I use Kaspersky, saved me from a number of trojans in webpages), have a strong password and of course you don't log on anywhere untrusted then you shouldn't get hacked. There's still the whole brute forcing it, but hopefully your password should prevent that.

As for Authenticators, they're fine. However, I see it as that whilst you're stopping someone from getting into your account, you still have a keylogger lurking on your PC.

I'm bloody paranoid about them after getting my WoW account hacked I think 3 years ago. For a year I actually would reset the password to my WoW account after logging in (through the password reset feature). Was first in line to get an authenticator too. I'm not as bad as that now, but I'm still very security conscious now.

[DrakeWurrum]

Really, I am sick of panicking that my account got hacked every time I dc. Praise wherre praise is due, SWToR launched with iphone and android auhtenticators. Can't see why Anet can't do the same.
I just got kicked out with a message "the password is incorrect" WTF..now I am scared if my account is gone....not happy.

Account security does not even seem to be on Anet's radar....WTF...at least blizz made sure i never lost my account even if I do not care fer it any more.

Dude, authenticators were confirmed over a month ago.

[Sylvanie]

Oh boy, I haven't had a virus protection on my pc for years, but I'm not naive enough to assume that proper browsing behavior will protect me indefinitely. Your estimates mean nothing. Impractical does not equal impossible. Plus, most people won't be playing more than 2 MMO's at a time. Hardly a burden.

I think you're not understanding. First and foremost, games are just part of the equation. There's your banking account, there's your mail account, there are your online shopping accounts (such as Amazon), and so forth. You may only play two MMOs at a time (disregarding that you also need to protect dormant accounts if you ever want to play them again), but in the end, authenticators are not a scalable solution to online security.

Games are only part of the problem, and, frankly, the least of my concerns (especially since the damage online criminals can inflict on them are negligible and they are generally recoverable). I am interested in having comprehensive security that protects more than just my gaming accounts and does not make me carry a ton of devices in my purse which, if lost, can cause just as many problems as an account getting hacked (mobile authenticators have their own problems, in particular that your phone becomes an even more valuable hacking target).

As a result, we're running a fairly locked-down system in our household to have more comprehensive protection. But with tight security, authenticators then become more of a nuisance than an actual benefit. They don't add enough to be worth the hassle.

And your "benefits" only apply to those two seperate accounts in particular. It won't protect you from account theft in games.

By having two-factor authentication on my gmail account, every attack on another account that requires email confirmation will also have to either break Google's 2FA or be able to intercept the emails. So, yes, it does protect me from account theft in those cases.

[Jewster925]

Don't Panic!!

https://www.guildwars2.com/en/news/t...ccount-secure/


It's dated yesterday, hope it'll help.

There's a reason why this book sold so well...



The game is new and they are working on it.

[Deleted]

Protip, having at least 6 characters long password that cant be found using regular words + having any half-decent antivir program + not being stupid makes you immune to any kind of account hacking.

[Korgoth]

Dam you ArenaNet for not realizing most MMO players are too stupid not to click the obvious hoax messages in their inbox!

[DrakeWurrum]

I will say this much about their account security: My login name should NOT be my e-mail address, regardless of how secure my e-mail is. It may be a minor thing, but having an actual login name adds a small extra layer of security, for both my account and my e-mail.

[Aurlon]

I have never before been "hacked" or had my security compromised in all my life. I've had a World of Warcraft account since Vanilla without problem (though I do now use an authenticator).

I purchased Guild Wars 2 yesterday, and since then I've received 2 bogus "password reset" prompts. I came home from work today to find an e-mail explaining that my account had been accessed from another country. I log on to find my character in a foreign location with items I didn't have yesterday. For those wondering:

-My password is unique to GW2 (as are ALL my passwords, I never re-use, and no they're not written down)
-My password does not contain a dictionary word. It contains upper and lower case letters, numbers and special characters and is quite long.

I work in the IT industry and know how to protect myself. I regularly re-image my machine, have up-to-date secuirty software running and know how to spot a dodgy website. Ads have been blocked on my computer for years.

So for all those who like to pretend they're immune "if you use common sense", I'd like to remind you that without proper protection (2-step verification for example), it's a question of when - not if -your security will be compromised. An authenticator cannot come fast enough.

[Gandrake]

Do you really want to be the blind fanboy like we get in swtor or wow forum. Even you know two factor auth is great and its peace of mind for everyone who has it. Please don't give GW2 community the same rep as swtor

Well I've played WoW for 6 years. Been hacked once, and it was my fault.

I am definitely not buying an authenticator unless it's free.

[Achyra]

I mean, whatever makes people more comfortable is great, but I personally wish I hadn't put an authenticator on my Battle.net. Such a PitA. I've been known to just go do something else because I don't fee like getting out of my chair and getting my keys. I had gone years without being hacked and only got it because I was a GL for a few months and everyone was omgsoscared that something would happen to the Gbank.


So I wouldn't get one for GW2, but if other people want one that's great. I'm always pro options.

[Kaibhan]

I don't understand people. Why are you all complaining about the game's authors not providing you with extra security that can easily be implemented by yourself for free. Here is what you do. Download a flavor of linux that appeals to you and run it in a virtual environment. Then use that environment for all your web browsing. Download something bad? oh well delete the environment and create a new one. No muss no fuss, all your stuff is safe for EVERY game.

[rhandric]

Just turn this argument around: "Seriously players, responsible internet usage is pretty much mandatory in today's world". Of course, both would be of benefit, but only one is mandatory..and it's not the thread title.

[DrakeWurrum]

I'm still positive that they're working to get VASCO authenticators involved.

[jpb007]

So for all those who like to pretend they're immune "if you use common sense", I'd like to remind you that without proper protection (2-step verification for example), it's a question of when - not if -your security will be compromised. An authenticator cannot come fast enough.

This.

Hacking is an economic niche. Do hackers go for the low lying fruit first? Yes. Do they stop hacking just because the margins get smaller? No.

---------- Post added 2012-08-30 at 08:07 PM ----------

Just turn this argument around: "Seriously players, responsible internet usage is pretty much mandatory in today's world". Of course, both would be of benefit, but only one is mandatory..and it's not the thread title.

People should drive carefully, obey the speed limit, and not text while behind the wheel. But you know what? Shit still happens even if you do all of those things That's why cars have seat belts and air-bags. The responsibility is not one-sided - it's up to the driver and the car manufacturer to do their part.

I've never been hacked in 10 years of online gaming. I take all the precautions I should, run scanners every day and avoid "sketchy" websites. If I get hacked will I be responsible despite doing everything in my capability to prevent it from happening? The notion that only the consumer party is responsible for the security and safety of a consumer product is absurd.

[DrakeWurrum]

E-mail authentication works: http://www.reddit.com/r/Guildwars2/c...ding_in_email/

[Deleted]

https://forum-en.guildwars2.com/foru...Authentication

[Deleted]

Bit of a necro there, wouldn't you say? :P

[Fencers]

Whoa, old thread. We have new ones of the current GW2 authenticators. Please direct discussion there.

- Fencer