Account Security and Theft Policy - READ THIS

.

IP in my country is something that can and will change often enough (when inactive certain amount of time). It's a national ISP thing they do, unlike somewhere else. It's more expensive to give every user a fixed IP so forth and so on.

And I play at my own flat most week days and parents at weekend and I tend to be at work all day. The security issue is getting a bit silly. Since it's asking me to unlock my account at least every other day. I wish there was some other means to save up the two computers I use to play the game than IP. MAC address maybe?

Be warned everyone. I have a highly complex password scheme, and I do not reuse passwords between any game or email account. The statement that email access is required to hack your account is inaccurate. I can show that no unauthorized email access was made on my email account, and after receiving the notifcation that my account was locked, it was already too late.

GGG's current implementation of security is to lock the account after unauthorized access has been granted. Additionally, given the unique password system I use, it is apparent that there is a security hole somewhere in this system that was introduced very recently. Until this security hole is found and closed, I see no reason that any account can be made safe.

"

pdxg33k wrote:

Be warned everyone. I have a highly complex password scheme, and I do not reuse passwords between any game or email account. The statement that email access is required to hack your account is inaccurate. I can show that no unauthorized email access was made on my email account, and after receiving the notifcation that my account was locked, it was already too late.

GGG's current implementation of security is to lock the account after unauthorized access has been granted. Additionally, given the unique password system I use, it is apparent that there is a security hole somewhere in this system that was introduced very recently. Until this security hole is found and closed, I see no reason that any account can be made safe.

Problem is on your end buddy, figure it out before another game you play (or your personal info) is compromised.

best of luck

"

Josephoenix wrote:

Problem is on your end buddy, figure it out before another game you play (or your personal info) is compromised.

best of luck

False, unlike your factless statement, I have full login logs for all access to my email account that shows no unauthorized access has been granted, or even attempted for that matter. I have sent all this information to PoE support so they can either change the locking policy to actually require email access, and hopefully figure out where the leak is.

hacking/phishing etc... does not "need" to access your e-mail account... they just need to know what the account is (abc@xyz.com).

checked my computer for keyloggers, didn't see anything, my email has not be compromised, so i am left to assume that the reason my account was attempted to be accessed was because i used the same password i did a while back for when my world of warcraft account was taken by a keylogger. which would mean that whoever accessed it was also involved in some way with that incident, not really surprising, just amusing. not that im really worried about it, if i found this game worth protecting i would have used a better password :P

"

adddemon wrote:

checked my computer for keyloggers, didn't see anything, my email has not be compromised, so i am left to assume that the reason my account was attempted to be accessed was because i used the same password i did a while back for when my world of warcraft account was taken by a keylogger. which would mean that whoever accessed it was also involved in some way with that incident, not really surprising, just amusing. not that im really worried about it, if i found this game worth protecting i would have used a better password :P

In the dark recesses of the internet people trade stolen usernames and passwords like baseball cards. Yours was probably in one of those lists from back when

"

wonko33 wrote:

"

adddemon wrote:

checked my computer for keyloggers, didn't see anything, my email has not be compromised, so i am left to assume that the reason my account was attempted to be accessed was because i used the same password i did a while back for when my world of warcraft account was taken by a keylogger. which would mean that whoever accessed it was also involved in some way with that incident, not really surprising, just amusing. not that im really worried about it, if i found this game worth protecting i would have used a better password :P

In the dark recesses of the internet people trade stolen usernames and passwords like baseball cards. Yours was probably in one of those lists from back when

yea that makes sense

"Its not our fault. Its not our fault. Its not our fault"
"its under control. its under control. its under control."
"we discovered the problem. we discovered the problem."
"Its not our fault. Its not our fault. Its not our fault"
"its under control. its under control. its under control."
"we discovered the problem. we discovered the problem."
"Its not our fault. Its not our fault. Its not our fault"
"its under control. its under control. its under control."
"we discovered the problem. we discovered the problem."
"Its not our fault. Its not our fault. Its not our fault"
"its under control. its under control. its under control."
"we discovered the problem. we discovered the problem."

Pleeease. I've never been hacked in a game. I have multiple layers of hardware network security. unique password generators, precautionary measures (copy paste type password manager), test programs on virtual machines before installing on user systems. I mean... its blatantly obvious they are not taking any responsibility for their inability to secure their system. These security measures they say they will implement have been used to keep gw2 secure. In the case that you use the same password and email on other forums, less secure, your asking for trouble.

They got hacked and cannot detect it. plain and simple. Chinese hackers are better than this security team. BAM. own up to your shabby security.

and....... you are concerned with setting a precedent of apologizing for mistakes in fear of admitting to your incompetence, but truthfully the days of claiming ignorance are over. Your incompetence has been unveiled. There are many security measures you could have taken to prevent this and you haven't.