Guild Wars 2

1.) I can sell 13 items in the Black Lion Trading Company then I have to “wait”….Really!? I have 5 20 slot bags and I an only clear 13 items?

2.) Your password system is terrible…I never know what my password is because your system is far far far far far far far far far too restrictive. I thing its “monkey purple wrench pool” right now. So easy to remember!

I’m glad your designers put effort into these two issues as they were game breaking before.

Skeletor.9360:

1.) I can sell 13 items in the Black Lion Trading Company then I have to “wait”….Really!? I have 5 20 slot bags and I an only clear 13 items?

It is NOT 13 items. It is also not a bug. It is intended and working as intended. It works so that bots have trouble botting the tradepost. So the mechanic is important. As usual with anti-botting mechanics, it is not discussed how it works publically (otherwise botwriters could circumstance it better). But more or less it is like this (numbers fictional cause that is the unknown part).

The time out is hit based on the time between listing items. Everytime you list something you get e.g. 5 points. Every second not selling anything a point is removed. whenever you hit e.g. 50 points, you get the error and have to wait till you drop below the 50 points again (and it is actually better to wait for a good amount of time till it resets.

The best way to circumstance this is either selling in parts, or taking more time between sales. I’m often selling while chatting. I do that inbetween and never got issues.

Skeletor.9360:

2.) Your password system is terrible…I never know what my password is because your system is far far far far far far far far far too restrictive. I thing its “monkey purple wrench pool” right now. So easy to remember!

The password system is perfect and to be honest, you shouldn’t need to remember your password. Mine is stored in my GW1 jewel case, which is stored in my bookcase in my home.

I live alone and I trust my visitors. If someone breaks in my home I doubt they will do so to steal my GW2 password. If you can’t trust the people with whom you live, then I think there are more important reasons to get a locked cashbox to safe important papers in like your list of passwords.

The password system is complicated so that your account doesn’t get hacked i nthe first place. Take security serious!

mercury ranique.2170:

Skeletor.9360:

1.) I can sell 13 items in the Black Lion Trading Company then I have to “wait”….Really!? I have 5 20 slot bags and I an only clear 13 items?

It is NOT 13 items. It is also not a bug. It is intended and working as intended. It works so that bots have trouble botting the tradepost. So the mechanic is important. As usual with anti-botting mechanics, it is not discussed how it works publically (otherwise botwriters could circumstance it better). But more or less it is like this (numbers fictional cause that is the unknown part).

The time out is hit based on the time between listing items. Everytime you list something you get e.g. 5 points. Every second not selling anything a point is removed. whenever you hit e.g. 50 points, you get the error and have to wait till you drop below the 50 points again (and it is actually better to wait for a good amount of time till it resets.

The best way to circumstance this is either selling in parts, or taking more time between sales. I’m often selling while chatting. I do that inbetween and never got issues.

Skeletor.9360:

2.) Your password system is terrible…I never know what my password is because your system is far far far far far far far far far too restrictive. I thing its “monkey purple wrench pool” right now. So easy to remember!

The password system is perfect and to be honest, you shouldn’t need to remember your password. Mine is stored in my GW1 jewel case, which is stored in my bookcase in my home.

I live alone and I trust my visitors. If someone breaks in my home I doubt they will do so to steal my GW2 password. If you can’t trust the people with whom you live, then I think there are more important reasons to get a locked cashbox to safe important papers in like your list of passwords.

The password system is complicated so that your account doesn’t get hacked i nthe first place. Take security serious!

Your password is so complicated that you have to write it down and you don’t think that kind of defeats the purpose? If it has to be that complicated that it needs to be written down and almost never entered why not just give each player like 25 random numbers and letters and make them use that as a password?

Idk. Don’t you always have to write the password down somewhere. With everything on the internet needing its own unique password, there is no way I’m going to remember them all. I have a password lock box with each written down and Guild Wars 2 is no exception. I remember mine, but it’s still written down for those days I have password memory failure. So, what’s the problem?

https://forum-en.gw2archive.eu/forum/archive/bltc/Trading-Post-6-Stack-Sell-Cap/first#post809353

Developer response in regards to the trading post error.

Technical limitations. Kind of like the loading screens between zones and condition caps.

I remember most of my passwords (including my long, complicated GW1/GW2 account ones), but I also have my most important ones written down on a sheet of paper I keep in part of my desk. So, I’m not sure why requiring a long password or having to write down those passwords is a bad thing.

I have an unique password for GW2 and other for my e-mail, for the rest I have 2 standard passwords, and all of them exists only in my memory.

Also, if you forget your password you can retrieve it, so no need to have it written anywhere, so yeah, the password restriction is good enough, here where I work our password policy is way worse, we set it to have at least 12 characters, upcase and lowercase are mandatory, numbers are also mandatory, expire every 45 days, can’t contain any part of the user name (if you take my display name here my password couldn’t have ‘be’ or ‘lz’ for example) and different from the last 30 passwords.

Therodin.2970:

Your password is so complicated that you have to write it down and you don’t think that kind of defeats the purpose? If it has to be that complicated that it needs to be written down and almost never entered why not just give each player like 25 random numbers and letters and make them use that as a password?

Because there are neat methods to make long complicated passwords easy to an individual.

For example: ecrvTbSH&&GROW45896:LK (Not my real password of course)

It’s actually just a pingpong of letters staring at E, holding the SHIFT button only for T then after B, capping the middle gap with S and H while holding SHIFT, two &s followed by the word GROW in all caps, then an easy number pattern on the numpad and finally holding SHIFT again and starting at “:” and hitting L then K.

It’s complicated, but more personal than 25 random characters.

BTW, nearly all the times a hacker gets a password, it isn’t by brute force methods, it is the user that typed in computer with a keylogger, or in a Phishing site, and in those cases strong passwords won’t help at all.
And for brute force attempts, a password like this: “ThisIsAnIncredibleLongPasswordOMG1” is much harder to break than “P4$$w0rd” for example.

It doesn’t even need to be so complicated you can barely remember it. Mine is a couple of words with meaning to me. A random capitalization and a some special characters thrown in. There you have something you can remember but not something that is easy to figure out.

Even something simple like horseGrass-/12 is secure enough for this game and easy enough to remember.

Just a flesh wound.3589:

Even something simple like horseGrass-/12 is secure enough for this game and easy enough to remember.

What about: 1Quaggan!2Quaggan!3Quaggan!4Quaggan!5Quaggan!6Quaggan!

You can just use “I like apples” password and activate mobile authentication.

DarkWasp.7291:

Just a flesh wound.3589:

Even something simple like horseGrass-/12 is secure enough for this game and easy enough to remember.

What about: 1Quaggan!2Quaggan!3Quaggan!4Quaggan!5Quaggan!6Quaggan!

Show Spoiler

hide spoiler

Seriously though, that’s probably one of the worst passwords ever :P

How did you guess my password? O.o

You know what? make your password be something like:

=1; drop all tables --

This is ridiculous, if you don’t like the long passwords, then set a short one, and deal with the consecuencies.

They said a suggestion, but the decission is yours.

Skeletor.9360:

1.) I can sell 13 items in the Black Lion Trading Company then I have to “wait”….Really!? I have 5 20 slot bags and I an only clear 13 items?

2.) Your password system is terrible…I never know what my password is because your system is far far far far far far far far far too restrictive. I thing its “monkey purple wrench pool” right now. So easy to remember!

I’m glad your designers put effort into these two issues as they were game breaking before.

It’s interesting when someone complains that the password requirements are far far far far far far far far far too restrictive.

Actually, I also find the password thing annoying. My husband was so annoyed on trying to find a password his is now about 30 chars long and contains many explitives cause he was so mad by the time he finally found one that the game LET him use.

But what really got me was GW1. I had to type in a character name. My first login, I totally forgot my character name and had to email support. Booo!

On the other hand, I like to think my gold is safe from hackers. It’s a trade off.

As for the limit on BL selling, meh. It’s not the end of the world. You really don’t have to wait long to start selling again. I sell as much as I can on TP, then run to vendor to get rid of vendor trash, then back to TP. I sell often rather than saving up, or if I save it up, I’ll do my selling on an early weekend morning when I’m having my coffee. Again, I understand why the thing is there, which probably tempers my frustration somewhat.

Adngel.9786:

This is ridiculous, if you don’t like the long passwords, then set a short one, and deal with the consecuencies.

They said a suggestion, but the decission is yours.

The decision is not ours. you are not allowed to make a bad password. You can not even make the same password as any of the other players. I have two accounts and they even had to have different passwords.

Therodin.2970:

Adngel.9786:

This is ridiculous, if you don’t like the long passwords, then set a short one, and deal with the consecuencies.

They said a suggestion, but the decission is yours.

The decision is not ours. you are not allowed to make a bad password. You can not even make the same password as any of the other players. I have two accounts and they even had to have different passwords.

Now THAT sounds like a security vulnerability right there. You should NOT be alerted if the password you typed matched somebody elses.

DarkWasp.7291:

Therodin.2970:

Adngel.9786:

This is ridiculous, if you don’t like the long passwords, then set a short one, and deal with the consecuencies.

They said a suggestion, but the decission is yours.

The decision is not ours. you are not allowed to make a bad password. You can not even make the same password as any of the other players. I have two accounts and they even had to have different passwords.

Now THAT sounds like a security vulnerability right there. You should NOT be alerted if the password you typed matched somebody elses.

It’s any password that’s ever been used at any time since launch as well as all the ones that ANet has blocked because hackers tried to use them.

You can’t use a password twice. When my ipad got a bug where each time it logged me out of the forum, it made Guild Wars 2 forget my password, I had to make a brand new password once or twice a day for some time. My old passwords are unusable. (And let me tell you, it was not a fun time making new passwords every single day)

the TP timeout is to protect against bots as well as flooding the webserver with sell/buy/gem requests. its not perfect but it works.

As for password management, Keepass is the best system IMHO. Come up with a nice master password, then setup Username/Password templates in KeePass to copy/paste from between that and your Applications.

KeePass also supports SSO auto entry on application detection, with using SendKeys you can have it work with the GW2 launcher :-)

Backup the KDB file to a CDROM for a long term backup solution, and done.

KeePass and similar programs are, when running, as unsafe as having a text file lying around with all your passwords.

DarkWasp.7291:

Therodin.2970:

Adngel.9786:

This is ridiculous, if you don’t like the long passwords, then set a short one, and deal with the consecuencies.

They said a suggestion, but the decission is yours.

The decision is not ours. you are not allowed to make a bad password. You can not even make the same password as any of the other players. I have two accounts and they even had to have different passwords.

Now THAT sounds like a security vulnerability right there. You should NOT be alerted if the password you typed matched somebody elses.

Except that is not what it does. It’s any password anyone has ever used or tried to use or has been on any leaked/stolen password databases.

MegumiAzusa.2918:

KeePass and similar programs are, when running, as unsafe as having a text file lying around with all your passwords.

1. you dont save passwords in clear text
2. You use the timeout feature of keepass to ask for the master password again. 30-45seconds in between application access is more then enough to copy/paste your usernames and passwords. This is hardly a security issue.

Belzebu.3912:

You know what? make your password be something like:

=1; drop all tables --

lol, some places will love your password.

Clever, but most organisations with a decent web dev team will enforce form validation and include a web app firewall to prevent SQL commands in submit forms :p

(i remember a chap who had a number plate on his car as a SQL drop table command which wiped the ANPR database at a fuel station)

+1 for KeePass, works flawlessly but as with everything you need to ensure you’re vigilant with the password. Personally i have an intensely complex password as my master password, and a keyfile which is stored on a password protected AES256 encrypted USB stick.

I only use KeePass for passwords i don’t regularly use as luckily i can remember most of mine.

rhaize.8762:

Belzebu.3912:

You know what? make your password be something like:

=1; drop all tables --

lol, some places will love your password.

Clever, but most organisations with a decent web dev team will enforce form validation and include a web app firewall to prevent SQL commands in submit forms :p

(i remember a chap who had a number plate on his car as a SQL drop table command which wiped the ANPR database at a fuel station)

Yeah, prevent SQL injection is one of the 1st things they teach when you are learning DB programming, only really bad site/system would be affected by such a thing.

LMAO @ the plate idea.

sirsquishy.8531:

MegumiAzusa.2918:

KeePass and similar programs are, when running, as unsafe as having a text file lying around with all your passwords.

1. you dont save passwords in clear text
2. You use the timeout feature of keepass to ask for the master password again. 30-45seconds in between application access is more then enough to copy/paste your usernames and passwords. This is hardly a security issue.

If someone has access to your hdd it’s not hard to access memory, or keypresses.
Tbh if you have to worry about encoding stuff on your hdd it’s already too late.

Use a phrase or sentence, and the first initial of each word. Consistently substitute a number for a letter and capitalize another one.. You get nice, random strings of characters that arent’ difficult to remember. Use the first or last line of your favorite book, then you can just reach over to the shelf and open in if you have problems remembering.

Hfaaa3uf1u11ow – Anna Karenina
1ah1tgtlaH – The Hobbit
1wabcd1Aatcwst – 1984

TheRandomGuy.7246:

You can just use “I like apples” password and activate mobile authentication.

Tybalt? Is that you?