Page 3 of 23 FirstFirst
1
2
3
4
5
13
... LastLast
  1. #41
    Bloodsail Admiral Ishu's Avatar
    Join Date
    May 2009
    Location
    Denmark
    Posts
    1,036
    Quote Originally Posted by Clarissaxoxo View Post
    > log in using email1
    > change to email2
    > email gets sent to email1 asking for verification

    ^ the third step does not happen in the GW2 email changing "thing". .
    That's not true. I just tested it a second ago and you do receive a verification mail if you try to change it to a new one. In addition, if you try to log in from a computer you have not used before you are also required to use a verification link before you're able to log in. Why they don't work for you I don't know, but I just tested both systems myself and they work for my account. Maybe your hacker has access to your email account as well and deleted the verification links after using them.

  2. #42
    Quote Originally Posted by Ishu View Post
    That's not true. I just tested it a second ago and you do receive a verification mail if you try to change it to a new one. In addition, if you try to log in from a computer you have not used before you are also required to use a verification link before you're able to log in. Why they don't work for you I don't know, but I just tested both systems myself and they work for my account. Maybe your hacker has access to your email account as well and deleted the verification links after using them.
    Or they simply could have clicked the link, and marked the mail as "unread". And didn't touch your email adress password to make you think it's safe, and to be able to access it again later.

  3. #43
    I changed my email address recently and got this:

    Your e-mail address has been changed. Please remember to use this new address the next time you log in to your account.

    To confirm this change, please click on the link below.

    https://account.guildwars2.com/verif...LYIDENTIFIABLE

    Need help or have questions about your Guild Wars account? Visit our support site: http://support.guildwars2.com/.

    Thanks!

    -The ArenaNet Team
    I don't know what you are talking about. Perhaps there's a difference between EU and US, but I somehow doubt it. The only current thing that annoys me is that I have a dynamic IP address and have to almost daily authorise my login when I start the game. But I'll put up with that for the security it provides.

    I don't see how you can get hacked, if they are somehow able to change your email w/o you knowing and authorising the change or also gaining access to your email to allow a login form an IP that's not recognised already.

    ---------- Post added 2012-09-12 at 03:27 PM ----------

    Quote Originally Posted by Sekira View Post
    Or they simply could have clicked the link, and marked the mail as "unread". And didn't touch your email adress password to make you think it's safe, and to be able to access it again later.
    Dude, if they have access to YOUR EMAIL ACCOUNT then you are 100% screwed and there's no way you can blame ArenaNet on that.

  4. #44
    Legendary! draykorinee's Avatar
    Join Date
    Jun 2011
    Location
    Ciderland, arrgh.
    Posts
    6,284
    Quote Originally Posted by Jinna View Post
    I changed my email address recently and got this:



    I don't know what you are talking about. Perhaps there's a difference between EU and US, but I somehow doubt it. The only current thing that annoys me is that I have a dynamic IP address and have to almost daily authorise my login when I start the game. But I'll put up with that for the security it provides.

    I don't see how you can get hacked, if they are somehow able to change your email w/o you knowing and authorising the change or also gaining access to your email to allow a login form an IP that's not recognised already.

    ---------- Post added 2012-09-12 at 03:27 PM ----------



    Dude, if they have access to YOUR EMAIL ACCOUNT then you are 100% screwed and there's no way you can blame ArenaNet on that.
    Not if there was an external authenticator like some other big mmos have.
    On one hand I feel bad that Jennifer Lawrence's privacy was invaded but on the other hand...well that hand is busy.

  5. #45
    The Insane DrakeWurrum's Avatar
    Join Date
    Mar 2011
    Location
    Isle of Faces
    Posts
    15,029
    Weird. I could've sworn there was authorization/verification of an e-mail change. Maybe I should go use one of my secondary e-mails to find out, but I'm not sure if it's the best test, since I'm still accessing it from my regular IP address.

    How did they even log in to your account on the web site without authorization being sent, though?

    Edit: And I do see that some other people people in this thread saying they do get that authorization.
    I hope you haven't forgotten my role in this little story. I'm the leading man. You know what they say about the leading man? He never dies.

    If you give in to your impulses in this world, the price is that it changes your personality in the real world. The player and character are one and the same.

  6. #46
    So that's why I got a mail from GW2 that my email has been changed.. I don't play it so I thought it was spam, but I do have an account and all the links were legit.

    Edit: no, you don't get any verification or so in your first email.

  7. #47
    The Insane DrakeWurrum's Avatar
    Join Date
    Mar 2011
    Location
    Isle of Faces
    Posts
    15,029
    Quote Originally Posted by draykorinee View Post
    Not if there was an external authenticator like some other big mmos have.
    I dunno. My e-mail address is pretty secure. Nobody can get access to my e-mail without a text being sent to my phone informing me of attempted access.

    ---------- Post added 2012-09-12 at 09:50 AM ----------

    Quote Originally Posted by Thomvdm View Post
    So that's why I got a mail from GW2 that my email has been changed.. I don't play it so I thought it was spam, but I do have an account and all the links were legit.

    Edit: no, you don't get any verification or so in your first email.
    No, THAT happened because three specific accounts were changing their e-mail addresses, going through a list of e-mails that they've collected over the years in hacking other MMOs (in other words, they know you have a WoW account, and have you in their database as a potential target). If the change worked, that meant that account did not have a GW2 account, so they moved on down the list to figure out which people, out of those in their database, could be targets for their GW2 hackers.
    I hope you haven't forgotten my role in this little story. I'm the leading man. You know what they say about the leading man? He never dies.

    If you give in to your impulses in this world, the price is that it changes your personality in the real world. The player and character are one and the same.

  8. #48
    Quote Originally Posted by draykorinee View Post
    Not if there was an external authenticator like some other big mmos have.
    So basically it's ANet's fault that you had not one, but two password compromised due to technical ineptitude?

    If my house got burgled because I left the my keys in the lock when I left for work, I wouldn't call my condo board and bitch them out for not providing me with a retinal scanner.
    Corsair 500r - [email protected] - H100i - 580 DirectCUII - Crucial M4
    Lenovo y580 - i7-3630QM - 660M - Crucial M4 mSATA

  9. #49
    You all can throw around the blame as much as you like, it doesn't change the fact that currently, ANet's security is not nearly as good as the security that some other MMOs provide. I have never been hacked, and I'm sure a good majority of the people that have been on GW2 was caused by their lack of good common sense, but that doesn't mean that ANet's security couldn't be a good deal better. On the other hand, I think the people calling for more security measures have to remember it took time for those more secure MMOs to put those measures in place

  10. #50
    -They should add a mobile authenticator.

    -If your mail is safe (double login/ phone text like gmail), you're safe.

  11. #51
    if you try to log in from a computer you have not used before you are also required to use a verification link before you're able to log in.
    My friend logged on my pc last weekend and it didn't require any kind of verification. Maybe this system doesn't work 100% for every account...

  12. #52
    The Insane DrakeWurrum's Avatar
    Join Date
    Mar 2011
    Location
    Isle of Faces
    Posts
    15,029
    Quote Originally Posted by Hraklea View Post
    My friend logged on my pc last weekend and it didn't require any kind of verification. Maybe this system doesn't work 100% for every account...
    Admittedly, they need to add the option to enable/disable this in the account options. I think some people have had it where it's not "enabled" for them, but they never get the prompt for it.
    I hope you haven't forgotten my role in this little story. I'm the leading man. You know what they say about the leading man? He never dies.

    If you give in to your impulses in this world, the price is that it changes your personality in the real world. The player and character are one and the same.

  13. #53
    I fell asleep.

    Possibly it's entirely my fault then.

    Still doesn't explain why the systems in plac, on ANets end to restore hacked accounts is broken and non-functional though.

    Maybe ANets though process was: "why bother with account security if the game has a 1 off payment? We get their money, they lose their account, they're forced to buy the game again."

    Of course I'm no conspiracy specialist, but this leaves much to be desired.

  14. #54
    The Patient
    Join Date
    Jul 2011
    Location
    Australia
    Posts
    338
    Other companies have definately done it better.

  15. #55
    The Insane DrakeWurrum's Avatar
    Join Date
    Mar 2011
    Location
    Isle of Faces
    Posts
    15,029
    Quote Originally Posted by peterpan007 View Post
    Other companies have definately done it better.
    Vanilla WoW was significantly less secure than vanilla GW2. As was TBC WoW, and most of Wrath WoW.

    Others have done it better, but only through trial and error, after years of customer complaints. Definitely not the worst security ever.
    I hope you haven't forgotten my role in this little story. I'm the leading man. You know what they say about the leading man? He never dies.

    If you give in to your impulses in this world, the price is that it changes your personality in the real world. The player and character are one and the same.

  16. #56
    The Patient
    Join Date
    Jul 2011
    Location
    Australia
    Posts
    338
    Quote Originally Posted by DrakeWurrum View Post
    Others have done it better, but only through trial and error
    Agree.

    Though no need for Anet to go through the same painful lessons itself when it can easlly look at what other games have done and leverage off that.

  17. #57
    What do they care? They already have your money. Probably prefer it if you bought a second account.
    Quote Originally Posted by Dekadez View Post
    Sandbox MMOs are like having sex with a pornstar: Everyone wants it, but when you're getting it, it's suddenly not so awesome anymore.

  18. #58
    The Insane DrakeWurrum's Avatar
    Join Date
    Mar 2011
    Location
    Isle of Faces
    Posts
    15,029
    Quote Originally Posted by peterpan007 View Post
    Agree.

    Though no need for Anet to go through the same painful lessons itself when it can easlly look at what other games have done and leverage off that.
    It's already doing significantly better than others have at the beginning. You may feel that their e-mail authentication system is not ideal, but it's a damn sight better than what numerous other MMORPGs have had. VASCO isn't THAT much better, considering how many people have complained over the years about losing their authenticator. I've seen numerous facebook posts, as well, about people losing their iphone and being unable to log into WoW.

    This way, so long as my e-mail is secure, and I have internet access, I can log into GW2 servers. If the security of your e-mail security is less than ideal, then why are you using that service at all, let alone for game accounts?
    Considering how much personal information is funneled through my Gmail, I care much more about the security of my e-mail than the security of my GW2 account.
    I hope you haven't forgotten my role in this little story. I'm the leading man. You know what they say about the leading man? He never dies.

    If you give in to your impulses in this world, the price is that it changes your personality in the real world. The player and character are one and the same.

  19. #59
    Quote Originally Posted by DrakeWurrum View Post
    It's already doing significantly better than others have at the beginning. You may feel that their e-mail authentication system is not ideal, but it's a damn sight better than what numerous other MMORPGs have had. VASCO isn't THAT much better, considering how many people have complained over the years about losing their authenticator. I've seen numerous facebook posts, as well, about people losing their iphone and being unable to log into WoW.
    Let's not play the game where we compare a 2012 game, with the knowledge the year 2012 holds, to a 2004 game with a severe lack of knowledge.

    It makes everyone look stupid.

  20. #60
    The Insane DrakeWurrum's Avatar
    Join Date
    Mar 2011
    Location
    Isle of Faces
    Posts
    15,029
    Quote Originally Posted by Clarissaxoxo View Post
    Let's not play the game where we compare a 2012 game, with the knowledge the year 2012 holds, to a 2004 game with a severe lack of knowledge.

    It makes everyone look stupid.
    Let's not make the mistake of pretending that e-mail authorization isn't a strong security measure.
    I hope you haven't forgotten my role in this little story. I'm the leading man. You know what they say about the leading man? He never dies.

    If you give in to your impulses in this world, the price is that it changes your personality in the real world. The player and character are one and the same.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •