LOCK DOWN YOUR HIDEOUTS AND DO NOT TRADE WITH PEOPLE YOU DONT KNOW.
" Passwords aren't stored plain text. Even if someone wasn't using steam you'd need to know the pw to change the email or account pw which wouldn't be in the cookie file. A man in the middle attack would only leak a pw if it's plain text, they have a keylogger, or know how the passed data is encrypted. In the last two situations no one is logging into your poe account they're going for your bank account and if pw were plain text we'd know as everyone would have things stolen. You're the kinda ppl who think someone knowing your IP address means they can hack you. Last edited by baconbyte#0146 on Jan 1, 2025, 8:58:05 AM
|
|
" Rudimentary parroting of knowledge that is incorrect: you don't NEED to know the password in plaintext or in any text if you have the sessionID. Furthermore, as GGG explained during the FIRST data breach, all forms of PAYMENT information is stored elsewhere, within the hefty security of their payment providers. A sessionID allows anyone to bypass any and all log-in restrictions and just...be logged in. Especially if that person is currently logged in. Thats why people who are losing their items receive no emails or notices of account action from elsewhere. Because the sessionID is allowing the abuser to "mimic" being that person, complete with full logged-in features. Starting anew....with PoE 2 Last edited by cowmoo275#3095 on Jan 1, 2025, 9:00:43 AM
|
|
|
.
Last edited by baconbyte#0146 on Jan 1, 2025, 9:38:43 AM
|
|
" go try to change your email or pw to your POE account, I'll wait.......(https://www.pathofexile.com/my-account/connections). O shit what does it ask for????? Yeah I understand it's not needed as a rule of thumb but for POE yes you need it. As I said pls stop talking about things you don't know. Last edited by baconbyte#0146 on Jan 1, 2025, 9:45:19 AM
|
|
|
bacon you are completely missing the issue here and thats ok, not everyone needs to know what theyre talking about.
This particular exploit which HAS ALREADY HAPPENED on path of exile in the past bypasses any need for passwords, email verification, 2fa. Stay classy Step 1 is to self reflect.
|
|
" Nothing is getting wiped, GGG doesn't want to lose 80% of its playerbase.. Because that's exactly what would happen if wiped. If anything this will all go to EA league once full game releases or Potentially wipe "When" full game releases. And we're at a point in the game where Ten's of Thousands (If not More) are equipped and able to farm for these items everyday every hour.. It's not some exploit I Doubt. Last edited by TRYLLTV#2466 on Jan 1, 2025, 9:47:37 AM
|
|
" Pls explain to me how you think someone being in your web account would allow someone to login to your game account. It's not a thing. Those situations in the past were ppl using 3rd party add-ons to filter their stash which ended up compromising their pw. It was like a trust me bro situation and ppl just typed their pw into a 3rd party piece of software cause it was damn useful to be able to scan your stash for vendor recipes. Problem being ppl copied that program and used it to harvest pw which is why that program than swapped to using session IDs to scan your stash as it meant your weren't passing your pw to them. Like yeah they program could have been a key logger to and took the pw than but that's the risk you're taking when installing a random java applet. Like anyone using windows would have been told "hey you sure you wanna do this, could be malicious" Last edited by baconbyte#0146 on Jan 1, 2025, 10:11:17 AM
|
|
|
Well when GGG is back in office there are more important tasks. There are plenty of people having fun with Arcghmage, Spark and Herald of Ice. Going to nerf that first
|
|
|
People are getting "hacked" by using third party sites and tool and probably RMTing. You can't get hacked by normal trading.
|
|
" Exactly.... installing some random c/java code off github is fucking dumb. Windows even asks you before hand. Last edited by baconbyte#0146 on Jan 1, 2025, 10:11:57 AM
|
|
