Lack of Guild Wars 2 Authenticators

[Oneirophobia]

You just have to be careful. Get good virus protection, stay off... questionable sites. The way you speak, you either seem VERY paranoid or just quite under protected and perhaps a very frequent visitor of questionable sites.

I steer clear of questionable sites and downloads, have a pretty good junk mail folder (which is often full of "WoW account issue" and "Runescape account issue (don't even have a Runescape account!) and I have yet to be hacked in WoW, GW2, LoL, or any other game I play. Even my ancient neopets account is safe, and all of them use the exact same email I made 13 years ago.

Just have to be wise; a little internet savvy goes a long way in protecting your stuff.

I will agree that Anet should have authenticators as an option, however. I just don't think it is as big of a deal as you seem to believe it is. You shouldn't live in constant fear that, because you lack an authenticator, that hackers are going to emerge from the darkness of the internet and hound you, especially if, as I mentioned earlier, you've got your virus protection and you stay away from questionable sites and downloads.

[Mif]

L2 keepup

Maybe you should take your own advice...

- Mobile authentication
-> String in the exe: You've enabled and linked the <i>Guild Wars 2</i> Authenticator to your account. Please use the app to authenticate this log-in.
- Email authentication
-> String in the exe: You've enabled e-mail authentication for this account. Since you're logging in from a new IP address, you're required to authenticate using the e-mail that has been sent to you. Please click the link provided to authenticate this log-in.

Lead developer Eric Flannum posting on a personal account on a (non-GW2) forum he participates in:



Vasco booth at Gamescom

[Tekkommo]

Hope they bring out a smart phone authentication like all other top MMOs.

[Vexies]

Mif with the timely info! Nice, but.. gives me now already!! They got two guaranteed purchases. (one for me and the wife)

[vicious796]

Is it mandatory? No, of course not. Is it something that every other company in this field has done for the past few years? Yes. Yes, it is.

However, I would've been more than satisfied with their previous security system - knowing a character's name on your account. This email authentication looks like it'll do fine, too.

[Deafknight]

Played MMOs since EQ1, 8-10+ by now and have never been 'hacked'.

Also never bought gold or any other questionable shit either.

8-10 years and you think theres a relation between buying gold and getting your account hacked ?

[Smitzelplix]

Vasco booth at Gamescom

I hope they release these key chain authenticators soon, I have one for SWTOR and WoW. Must complete my collection , I also hope it says Guild Wars 2 on it or has the GW2 dragon logo, my WoW authenticator has the game name on it and a design of the core hound and my SWTOR one is less designed but at least has the name of the game on it.

According to that picture it looks like it will just have the NCSoft name on it, but hopefully they have different ones to choose from.

[Deleted]

I hope they release these key chain authenticators soon, I have one for SWTOR and WoW. Must complete my collection , I also hope it says Guild Wars 2 on it or has the GW2 dragon logo, my WoW authenticator has the game name on it and a design of the core hound and my SWTOR one is less designed but at least has the name of the game on it.

According to that picture it looks like it will just have the NCSoft name on it, but hopefully they have different ones to choose from.

I would probably pay double for an authenticator with Zojja on it.

[Toccs]

8-10 years and you think theres a relation between buying gold and getting your account hacked ?

I suspect there is, I stupidly bought gold when I was younger (8 or so years ago) and that’s the only time in my life i've had any accounts compromised. Can't remember the details but I definitely didn’t give them anything beyond my account name.

[Sylvanie]

I'll probably get accused of being a fanboi here, but there's a lot more stuff YOU can do to get better security, but obviously it takes a lot less effort to pin the blame on Anet.

Personally, I wouldn't want another authenticator. I always have to have it with me, battery on my smartphone is regularly empty and it takes longer to log in. It's a lot easier not to spread your email address around on the internet, have good security on your computer and have a decent password which you mix around for different applications/websites.

Hate incoming.

No "hate" from me, because you're exactly right. Authenticators are not a scalable solution to security. They are better than nothing, but as the online gaming market becomes more and more fragmented, it will be impractical to have authenticators for every game or vendor (even if you only play one at a time).

As it is, I don't even have an authenticator on my battle.net account. This is because I keep my account and computer secure. While that does not make it impossible for me to get hacked, I estimate that the likelihood for that to happen is not any higher than losing an authenticator or for it to stop functioning, in which case I need to go through account recovery also. The risks, in short, are close enough for me to make using an authenticator not worth the extra hassle.

My husband and I do have 2FA on our banking account (which is a whole lot more important to us than any game) and on our gmail accounts (also more important than games, and more difficult to recover than a gaming account). As a result, any system that requires email verification for account changes automatically gives us the benefits of 2FA.

[Dodrin]

How about this: practice safe internet useage until they release an authenticator (because they will, I'd wager soon).

I mean c'mon, I know not everything you use on the internet has an authenticator, yet they aren't getting hacked. Just keep up your virus scans and don't do anything stupid.

Hard, I know.

[VibrantViolet]

I honestly would like a physical authenticator. I had one for my WoW account. Granted, I was never hacked before I got one, but I'm in the "better safe then sorry" mindset.

[Vespian]

No "hate" from me, because you're exactly right. Authenticators are not a scalable solution to security. They are better than nothing, but as the online gaming market becomes more and more fragmented, it will be impractical to have authenticators for every game or vendor (even if you only play one at a time).

As it is, I don't even have an authenticator on my battle.net account. This is because I keep my account and computer secure. While that does not make it impossible for me to get hacked, I estimate that the likelihood for that to happen is not any higher than losing an authenticator or for it to stop functioning, in which case I need to go through account recovery also. The risks, in short, are close enough for me to make using an authenticator not worth the extra hassle.

My husband and I do have 2FA on our banking account (which is a whole lot more important to us than any game) and on our gmail accounts (also more important than games, and more difficult to recover than a gaming account). As a result, any system that requires email verification for account changes automatically gives us the benefits of 2FA.

Oh boy, I haven't had a virus protection on my pc for years, but I'm not naive enough to assume that proper browsing behavior will protect me indefinitely. Your estimates mean nothing. Impractical does not equal impossible. Plus, most people won't be playing more than 2 MMO's at a time. Hardly a burden.

And your "benefits" only apply to those two seperate accounts in particular. It won't protect you from account theft in games.

While the authenticator is not flawless, it's still a significant improvement on any security.

[MKing]

I'm satisfied currently because nothing has happened to me, actually my account has never been compromised on a mmo before, must be something you guys are doing.

[Deleted]

Really, I am sick of panicking that my account got hacked every time I dc. Praise wherre praise is due, SWToR launched with iphone and android auhtenticators. Can't see why Anet can't do the same.
I just got kicked out with a message "the password is incorrect" WTF..now I am scared if my account is gone....not happy.

Account security does not even seem to be on Anet's radar....WTF...at least blizz made sure i never lost my account even if I do not care fer it any more.

I've never used an authenticator in any game and have never been hacked, but then I use a password software, so I have long random passwords that are unique to every site/game, I regularly do anti-virus/malware checks and I don't use things like torrents, buy gold/currency/characters/gear from 3rd party sites, use hacking software, nor use addons that require a seperate .exe.

But you know what has happened in just about every company from Blizzard to Turbine, they have had their databases comprimised at some point to varying degrees, let us hope Anet are bit more competent then Blizzard in that department.

[Deleted]

I actually think they have a good thing with the email authentication. Especially seeing as i hate authenticators. I took my one off WoW too when i was playing. They have a good idea at the moment tbh. Though i am still for the authenticator idea.

[Deleted]

It's the publishers fault when users use low security passwords or operate on an insecure computer?

[Snakehead]

Ive carried this wallet around for years, and ive never been attacked by bears. It must repel bears or something.

I'm thinking of visiting Kodiak Alaska next year. Can I have your bear repellent wallet?

[Mosotti]

Actually an authenticator wouldn't be necessary if people would be responsible. There is no magic in account hacking, people just give their info away in whatever forms. The internet security industry would be the biggest most useless crap in a world where people actually use their fucking brains and not just keep them in their skulls for no reason at all. But since that's not happening, I think they should make them mandatory for all

[Deleted]

If you're not famous or important then you're obviously not a target.

Here's how it's usually done:
*You become a target (let's say a popular streamer or a big guild leader or simply pissed off the wrong person)
*Hacker will figure out your real name. Usually via facebook or clues or profiles or forums posts that lead to your facebook or your friends' facebook.
*Once he has your real name, he looks you up on Skype and since Skype uses peer-to-peer, he instantly finds out your computer IP.
*If your computer runs Windows operating system, then you're wide open.

That's just an example of the default routine. There are tons of other ways to get it done.

That's not even slightly an example of any routine never mind a "default" routine. Also, when was the last time you tried to hack a remote installation of Windows? Sounds like you still think normal people use XP.