Name:
Pass:

Account Security


It’s no secret that account security has always been a concern: As long as we’ve had online accounts, there have been people who have wanted to get our login details. Even back in the heyday of AOL, warnings were posted as you logged in not to give out your password and that staff would never ask for it.

It seems easy enough to avoid: Don’t give your password to anyone (ever), don’t use any cheat programs (which could have a keylogger attached to them and are almost definitely against the EULA of whatever game you’re playing, anyway), and don’t save your passwords on any public machines. You’ll also want to keep your PC free of viruses, spyware, etc., though most people try to do that to begin with. Another good tip (thanks, Fae) is to use multiple E-mail addresses and passwords. Logic here is that, if you are hacked, having multiple login identities keeps the culprit from getting access to every one of your accounts. Also, keep your E-mail secure and take advantage of any security measures offered by your provider (especially true if you keep your logins stored there, perhaps in a folder called “Kenny Logins”).


Authenticator


Even if you do all that, you can still fall victim to hacking. When Guild Wars first launched, there weren’t any real security measures in place: Just put your password in and play. After a time, a little extra security was added, requiring you to type in one of your characters’ names. Not too shabby, but not the best out there, either: Newer features in other MMOs include mobile apps for your smartphone or a key fob that generates a disposable password, used in conjunction with your account password, to help keep your account safe. This could be the future of account security for Guild Wars 2, since ANet has said they are committed to keeping hacks as low as possible, and a similar system was used in RIFT. However, GW2 account security is still a mystery at the moment.

I actually had the misfortune of a hacked Guild Wars account. I think it happened with a brute force attack, but there could have been a keylogger attached to something I was infected with. Thankfully, only one of my characters was deleted, but the hackers did take every piece of gold I had and sold some of my items (I still miss you, Mini Certadon). Also fortunately, I think my account had been used for farming because there was a stack of ectos waiting in my storage when I got access back.

So, what do you do if you’re hacked? Well, you’ll probably only know about it when you try to log into your account and realize your password isn’t working. First thing you should try is resetting your password. My E-mail address had been changed by the hackers, so that didn’t help me. After panicking a bit, I shot an E-mail to NCSoft Support. Within a day, my question was answered (… and routed to the proper department). They asked a series of questions (login name, retail keys, date of birth, address, name, some credit card details, and in-game store purchases… try to keep track of as much of this info as possible!) – make sure you’re using your real info, so you can offer proof if necessary. Once I compiled the requested information, they updated my E-mail and reset my password – I was able to access my account again. They would not, however, restore any items or characters.

More recently, ANet has introduced an account restoration which might be able to get you back into shape, but there are limits on what they can do. Additionally, there are now official Guild Wars Support forums (including Account Support), so definitely check there (but remember not to give out your personal info on the public forums!).

In the end, if you have a decent enough password and stay away from any shady dealings, you should be okay. Guild Wars hacks may have been somewhat common, but we can hope for better in the sequel, as ANet seems committed to increasing security. Oh, and as a final note, don’t buy gold or powerleveling services – that just encourages account hacking. Plus, why would you pay someone to play a game for you?

- RD


You can register an account to comment or fill in the forms below to comment.
  • Also check your PC regularly for things like keyloggers to be safe and make sure you have something like Avast running. You can never be too safe when it comes to your MMO account.

  • Listen up folks, because there’s some advice in here that does NOT work.

    Once you have a keylogger, it’s usually there until your next format c:. As almost all keyloggers and games-targeting trojans are custom built and non-replicating, this means that no virus scan will detect them, ever. They aren’t known because each is unique, and they can’t be scanned because they don’t have replicating code or fishy footprints. Virusscans nor firewalls will keep your account safe.

    So what does work? As I said, these things are built custom. They are built for YOU. Not for your raid partner, he gets his own custom thing. You are personally targeted because you have been flaunting your GWAMM or obsidian. Someone knows you check out a certain website, he gets on there, posts a picture containing a keylogger and you got it.

    Basically, don’t tell online peeps which forums you go to, don’t let forum peeps know who you are in game. Whenever you download something, make sure it is actually the type of file you expect. And when it doesn’t do what you expected it to do (like a pic not opening), format c: without thinking twice.

    I hope this helps.

    oh and don’t download maphacks, cracks, cheats and the like. These are also custom made but this time for stupid people.

  • Thanks for those additional tips harniq :)
    Although in MMOs where the community is basically built on knowing each other’s IGNs that particular tip is hard to follow for, well, people who want to be a part of the community. A vibrant community being key for a successful MMO, it puts the onus on the game developer to offer a proper two-factor security system, like authenticators. People could keylog all day long but would still not be able to log into the account without the authenticator. If those solutions are good enough for my bank, that is what I want for a game I put hundreds, maybe thousands of hours in to.