On the Mandatory Password Change

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Tricks.2430

Tricks.2430

Ok so lets get this straight, I have Gmail with 2 step authentication turned on, I also have the mobile authenticator turned on for GW2, this makes “hacking” my account virtually impossible, unless my phone’s stolen.

Yet I’m going to have to create another long strong unique password..

Can you please tell me this will be the only time I have to do so?

Because I don’t see the point in having all the extra protection if you don’t feel my password is safe.

www.desospeak.com / Desolations Community Teamspeak

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Darkobra.6439

Darkobra.6439

Change a number or letter or two in your password if it really is as strong as you believe. That way it’s still just as strong and it’s brand new. Sorted.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Peskie.6835

Peskie.6835

Changing a number or letter is irrelevant and is exactly what a hack script would do.

What does compromise password security as well is also forcing people to change their password (usually on a regular basis) as they inevitably end up using a password that is easy to guess/compromise as a result.

Another way to compromise passwords is to be made to use the same account for the game as well as the games official forums.

Not all those who wander are lost.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: toafarmer.8401

toafarmer.8401

so, we will have a mandatory password change in february. is this because you had your database hacked or because you didnt have enough tools to guarantee the safety of our passwords?

i change my password whenever i feel it is necessary and i keep it safe. a mandatory password change is both annoying and worrisome. since it is everything safe on my side, this makes believe we might have major security problems on anet’s side.

can we have some oficial info about this topic? or lets just delete this post, infract me and send ninjas to my house?

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: toafarmer.8401

toafarmer.8401

that makes me strongly suspect anet might have had their databased accessed. this is both annoying and worrisome.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Wraeththix.1429

Wraeththix.1429

I’m looking forward to the people who just start trying passwords to brute-force ban all combinations.

The one thing I like about Anet and security is they’re astoundingly consistent. Present them with a problem, and they will come up with the worst possible solution. All this does is cause people to change ‘password1’ to ‘password2’. I’m not sure if this is worse than GW1’s “require a character name” change, but it’s pretty well up there.

We already have an ISA method for account security. 2-factor auth with password and rolling key code. It works plenty fine. You’ve even stickied it above.

Forcing password changes has never been shown to increase security. In fact, in most cases it’s been proven to degrade security, because it causes people to write it down and leave it in a position that’s easily compromised. Studies on SOX requirements have already proven this. Then again, this is coming from a company that had max-password length tagged at 14 characters for close to 8 years.

People’s accounts that get compromised get compromised for other reasons. All you’re doing is causing grief by changing the terms to try to protect people from their own poor choices.

(edited by Wraeththix.1429)

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Knighthonor.4061

Knighthonor.4061

that makes me strongly suspect anet might have had their databased accessed. this is both annoying and worrisome.

Didnt Blizzard get hacked a few months ago? this could lead to people’s GW2 account info getting out.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: toafarmer.8401

toafarmer.8401

that makes me strongly suspect anet might have had their databased accessed. this is both annoying and worrisome.

Didnt Blizzard get hacked a few months ago? this could lead to people’s GW2 account info getting out.

why? anet has their database on blizzard’s servers?

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Wraeththix.1429

Wraeththix.1429

why? anet has their database on blizzard’s servers?

People have a tendency to use the same password for multiple sources. In fact, many people just use a variation of one password for basically everything. Password1, password 11, etc.

Usually if you know the password requirements and one of the user’s current passwords you can come up with the correct password in maybe 10 tries.

That’s where a lot of compromised accounts come from. People that have a guild forum, or curse or something like that, that use the same credentials on there that they do for the game.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Airala.8629

Airala.8629

that makes me strongly suspect anet might have had their databased accessed. this is both annoying and worrisome.

Then you haven’t been paying attention.

ANet began tracking the passwords being attempted during unauthorized account access attempts some months back after Blizzard’s database was compromised. From this, they’ve built a database of passwords they know are compromised and/or being tried by those who want to access someone else’s account.

This password change is forcing people to choose passwords that do NOT show up in the database of potentially compromised passwords that they’ve amassed.

Incidentally, in regards to other comments, this also means that if the individual seeking to compromise accounts is using software that varies the password by a character or a few characters, (password1, password2, etc.), the database will reject an attempt by a rightful owner to change their password in such an easily compromised manner.

Will this completely stop accounts from being compromised? Unlikely – people continue to be amazingly stupid about their choices when it comes to account security, and there will inevitably be someone who changes their password here… and promptly goes to every forum & game & social networking site they use and change all those passwords to the new one they selected for here. But that’s on them. They’ve chosen to essentially stick a big flashing neon sign out there that says “HERE’S MY PASSWORD!!!”

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: bloosh.6397

bloosh.6397

Changing it slightly sounds nice, but every time you change it the previous password is added to your blocks so over time if they continue forcing password changes it will become a huge pain. For me its an issue with freedom. I don’t want to support companies that force these types of things on me. I have never been hacked or protected by one of these systems in the 12 years I’ve been playing online games so I would say I know what I am doing. I guess I will not be playing this game anymore.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: MuffinOrama.7531

MuffinOrama.7531

Changing it slightly sounds nice, but every time you change it the previous password is added to your blocks so over time if they continue forcing password changes it will become a huge pain. For me its an issue with freedom. I don’t want to support companies that force these types of things on me. I have never been hacked or protected by one of these systems in the 12 years I’ve been playing online games so I would say I know what I am doing. I guess I will not be playing this game anymore.

Let me get this straight:

You’re going to quit a game you love…
Because you are being ‘forced’ to change your password…
Which will literally take two seconds.

This isn’t an issue of freedom or anything, the entitled consumer argument only goes so far. I know that you’re probably just being a drama-queen but seriously, nobody would stop doing something they enjoy because (HEAVENS FORBID!) they must protect their account.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: vespers.1759

vespers.1759

… i already have to jump through hoops for the email verification and now this? are you kittening kidding me?

i’d rather take my chances on being hacked than have to deal with this. it’s like doing up your seatbelt on an airplane. it does nothing.

Bristleback can’t hit anything? Let’s fix the HP bug instead.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Tamaki Revolution.3548

Tamaki Revolution.3548

I like how the gestapos at anet think they can determine how I can play. Did I want to change my password?! No. This goes against their Manifesto, I want to play in the way that I deem fit.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Airala.8629

Airala.8629

… i already have to jump through hoops for the email verification and now this? are you kittening kidding me?

i’d rather take my chances on being hacked than have to deal with this. it’s like doing up your seatbelt on an airplane. it does nothing.

It may not save you if the plane goes down, but you’re sure going to be glad it’s hooked properly if the plane hits severe turbulence and it saves you (or your child) from being thrown about the cabin.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: wauwi.9162

wauwi.9162

http://howsecureismypassword.net/

let’s find out…
it would take 6 billion years for my GW2 account, 377 billion years for my e-mail and 345 quintillion years for my steam account for the brute force method of an average PC to hack me.
septillions can be easely achieved when adding symbols.

i should be safe for a while (yeah i know, that site’s isn’t that accurate about that)
btw…i didn’t got forced or suggested to change my password yet.

i assume, that a-net’s blacklist is created mostly by all the failed log-in attempts using popular phrases and names.

[EU/GER]Elona’s Reach: Aerrith: Lv80 Ranger / Sephirra: Lv80 Mesmer
“Only the finest of potatoes in my zerkburgers.”

(edited by wauwi.9162)

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Retrospek.4583

Retrospek.4583

Changing passwords every now and then is not more secure, and I really wished that so called “experts” would learn it’s bogus. If your password is secure, changing it often only leads most people to writing their passwords down in an area that is insecure (like sticky notes on a computer that anyone can see).

Plain and simple, forcing people to change their passwords is a foolish idea. I have NEVER had an account hacked because someone brute force (or even guessed) my password.

Passwords are generally not hacked, they are stolen by either finding sticky notes, giving the password out to “trusted friends”, or by a password stealing virus.

Guess what? None of those above situations can be remedied by forcing someone to change their passwords. Sticky notes are still there, “trusted friends” will still be trusted, and a password stealing virus (such as a keylogger) will still be on the persons machine stealing their passwords.

/facepalm

(edited by Retrospek.4583)

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Seera.5916

Seera.5916

You only have to change it if you made this password BEFORE they first announced the password blacklisting.

I’d imagine we’ll only be forced to change passwords again if another major MMO or MMO community database gets their password database hacked. I doubt it’s anything they’ll do regularly.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Wraeththix.1429

Wraeththix.1429

It may not save you if the plane goes down, but you’re sure going to be glad it’s hooked properly if the plane hits severe turbulence and it saves you (or your child) from being thrown about the cabin.

Both are terrible analogies. A password is 100% secure, up until it’s not. A changed password is exactly as secure as the previous password. If the first password is compromised, there’s just an good chance that the new password will also be compromised. All mandatory changes, combined with unusual password requirements (which anet has NOT done) actually do, is force people to generate new passwords that they haven’t previously used; thereby decreasing the chance it’s been compromised through a non-controlled but meta linked source. Since they haven’t varied the requirements, they’re not even getting that right.

So, as the guy was saying, he hasn’t been compromised in the past. His password rules are probably working.

A seatbelt is a physical restraint. Not buckling it would be similar to not having a password at all. We can visually inspect physical restraints to (generally) see if they’re compromised in some way. It’s difficult to know if your password has been compromised, which is why a physical key (like a rolling code) works better.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: vespers.1759

vespers.1759

… i already have to jump through hoops for the email verification and now this? are you kittening kidding me?

i’d rather take my chances on being hacked than have to deal with this. it’s like doing up your seatbelt on an airplane. it does nothing.

It may not save you if the plane goes down, but you’re sure going to be glad it’s hooked properly if the plane hits severe turbulence and it saves you (or your child) from being thrown about the cabin.

my password is not going to be half hacked. it will either be taken completely or not at all just like a plane will either fly or crash, in which case my seatbelt will not save me anyway.

Bristleback can’t hit anything? Let’s fix the HP bug instead.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Leablo.2651

Leablo.2651

http://howsecureismypassword.net/

let’s find out…
it would take 6 billion years for my GW2 account, 377 billion years for my e-mail and 345 quintillion years for my steam account for the brute force method of an average PC to hack me.
septillions can be easely achieved when adding symbols.

i should be safe for a while
btw…i didn’t got forced or suggested to change my password yet.

Except that you just gave your password to some random website. Seriously?

Security isn’t a thing, it’s a process. Doesn’t matter how strong your password is if you don’t know how to protect it.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: bloosh.6397

bloosh.6397

Changing it slightly sounds nice, but every time you change it the previous password is added to your blocks so over time if they continue forcing password changes it will become a huge pain. For me its an issue with freedom. I don’t want to support companies that force these types of things on me. I have never been hacked or protected by one of these systems in the 12 years I’ve been playing online games so I would say I know what I am doing. I guess I will not be playing this game anymore.

Let me get this straight:

You’re going to quit a game you love…
Because you are being ‘forced’ to change your password…
Which will literally take two seconds.

This isn’t an issue of freedom or anything, the entitled consumer argument only goes so far. I know that you’re probably just being a drama-queen but seriously, nobody would stop doing something they enjoy because (HEAVENS FORBID!) they must protect their account.

I can live with changing my password. I had to put up with that from blizzard always detecting the school network as someone hacking me and I have to change a password every time (After two weeks of this I just decided to quit for a couple months until they fixed their crap so yes people actually do quit games they enjoy when the developers kitten them off). My issue is with how they made it so every time I change my password it gets added to a blacklist. I wasted 5 or so variations of my current password just testing it out. Its more like the lunch ladies in some elementary school a while back that forced a kid to eat school lunch instead of her lunch she brought because they thought it wasn’t healthy enough when in reality it was probably healthier then the schools anyway.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: ShadowGryphon.6257

ShadowGryphon.6257

What is truly idiotic about this is the numerous reams of research data that has proven that mandatory password changes are LESS secure given the fact that it forces people to write them down and keep them in unsecure places.
Bravo Anet, you’re dropping the ball.
No….
You’re not dropping the ball, as that implies making a mistake…
You’re spiking the ball and you’re doing so at the expense of the players.

If someone is talking behind your back… Fart.
North Alabama Guild Wars Players
http://tinyurl.com/y9hj2h4b

(edited by ShadowGryphon.6257)

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Dante.1508

Dante.1508

Also makes me think Anets been compromised, bit of a worry..

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Malediktus.9250

Malediktus.9250

Learn to use and enjoy http://keepass.info
Its really helpful…

1st person worldwide to reach 35,000 achievement points.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: wauwi.9162

wauwi.9162

http://howsecureismypassword.net/

let’s find out…
it would take 6 billion years for my GW2 account, 377 billion years for my e-mail and 345 quintillion years for my steam account for the brute force method of an average PC to hack me.
septillions can be easely achieved when adding symbols.

i should be safe for a while
btw…i didn’t got forced or suggested to change my password yet.

Except that you just gave your password to some random website. Seriously?

Security isn’t a thing, it’s a process. Doesn’t matter how strong your password is if you don’t know how to protect it.

what are the odds that they’ll find out which services and usernames those passwords do belong to if they WOULD save it?
not to mention that you don’t have to press “enter” when punching in any letters there…

btw…why do people write down passwords in the first place?
if i ever have to choose and remember a REALLY lengthy password, like my routers one (63 randomly mashed keys), i photoshop a randomly chosen *.mp3 file stored at any portable media device (USB stick, mp3-player, phone).

[EU/GER]Elona’s Reach: Aerrith: Lv80 Ranger / Sephirra: Lv80 Mesmer
“Only the finest of potatoes in my zerkburgers.”

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: fractalKinesis.8569

fractalKinesis.8569

If this only happens like once a year, it might not be too annoying. But having to get rid of my good, secure password in favor of another that I must now memorize, likely every month or two knowing this silly game, it going to really get the hell on my nerves.

Xiro, High Five Warriors [HFW], Jade Quarry

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: wauwi.9162

wauwi.9162

keep in mind, that the rule of thumb about internet and password security is, the more it annoys you, the stronger the security is.

but it still should be an option, not mandatory…of course after a flashy red warning screen, which tells you about the risks of lower security.

[EU/GER]Elona’s Reach: Aerrith: Lv80 Ranger / Sephirra: Lv80 Mesmer
“Only the finest of potatoes in my zerkburgers.”

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: MistyMountains.3751

MistyMountains.3751

so, we will have a mandatory password change in february. is this because you had your database hacked or because you didnt have enough tools to guarantee the safety of our passwords?

i change my password whenever i feel it is necessary and i keep it safe. a mandatory password change is both annoying and worrisome. since it is everything safe on my side, this makes believe we might have major security problems on anet’s side.

can we have some oficial info about this topic? or lets just delete this post, infract me and send ninjas to my house?

Glad I’m not the only one who assumed Anet had their database hacked “again” (believe they did so as well around last December hence why we had so many account hacks then, and failed to mention it.) =/

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Seera.5916

Seera.5916

I’ll repeat it again:

NOTHING has been said that it’s going to be regular password changes. This is the forced password change they mentioned way back in September last year.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Visiroth.5914

Visiroth.5914

You only have to change it if you made this password BEFORE they first announced the password blacklisting.

I’d imagine we’ll only be forced to change passwords again if another major MMO or MMO community database gets their password database hacked. I doubt it’s anything they’ll do regularly.

What makes absolutely no sense is they are requiring everyone to change their passwords, regardless of whether or not those passwords are on the blacklist. If my password is not on the blist then it’s secure…I don’t want to come up with yet another unique password, this one is already original.

Regarding brute forcing, I’ve always thought those “time to crack” durations are bogus when dealing with online services that handle authentication. Last I checked you can’t attempt a log-in for GW2 thousands or hundreds of times a second. I’d assume after X failed tries the system would also lock you out.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: wildcode.5403

wildcode.5403

I believe ANet get their password blacklist form the same places the hackers do. This is why they keep telling us to make a password unique to GW2.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Farron.4071

Farron.4071

My password is 29 characters long with multiple capitols and numbers. why am I forced to change my password when nothing is wrong with it.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Seera.5916

Seera.5916

You only have to change it if you made this password BEFORE they first announced the password blacklisting.

I’d imagine we’ll only be forced to change passwords again if another major MMO or MMO community database gets their password database hacked. I doubt it’s anything they’ll do regularly.

What makes absolutely no sense is they are requiring everyone to change their passwords, regardless of whether or not those passwords are on the blacklist. If my password is not on the blist then it’s secure…I don’t want to come up with yet another unique password, this one is already original.

Regarding brute forcing, I’ve always thought those “time to crack” durations are bogus when dealing with online services that handle authentication. Last I checked you can’t attempt a log-in for GW2 thousands or hundreds of times a second. I’d assume after X failed tries the system would also lock you out.

And how is ANet supposed to know yours isn’t one of them? I’d imagine they’re trying username and passwords, one by one, with some variations on passwords until they run into the lock out. If they hit the lock out, move on to the next one in the list.

Yes, it stinks that they feel this is the best course of action. But I don’t blame them for doing it. Reduces number of tickets they’ll receive due to the hacked database causing stolen accounts. Which means CS can spend more time on more important matters.

And well there is this saying: one bad apple spoils the bunch. The bad apple here being the person who uses the same username and password combination.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: TexZero.7910

TexZero.7910

Not a fan of mandatory changes.
It’s the lazy way of administration.

But whatever, ill change my password, not because its mandatory but because its good practice.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Xauhes.9634

Xauhes.9634

http://howsecureismypassword.net/

mine is 90 quadrillion years lol…

funny website

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Max Lexandre.6279

Max Lexandre.6279

I hate to change my passwords, If this happens I will invent one and after, change it back to the old one.

UNLESS there is any security issue for we are getting forced to change the password.

I’m The Best in Everything.
Asura thing.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Kaiarra.7641

Kaiarra.7641

I fail to see why a forced password change is required on top of the already irritating ‘new IP wait 10 minutes for an email to log in’ thing I already had to put up with.

Suggesting we change it is one thing, but forcing us to do it? Seriously? Makes me wonder if I can even be bothered or I just won’t change it and not bother to log in anymore.

Weird how such a small and meaningless demand can be so infuriating.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Tera GX.8149

Tera GX.8149

This is frustrating. I came up with a very nice algorithm to make sure my password was 100% UNIQUE (exclusive to GW2) and the algorithm is also the means to remember it. Because of this, I’m going to have to come up with a new algorithm. Merely slapping on one new character would be more difficult to remember than sticking to the method I setup…

Unless Anet were to say this is because they were in fact breached, I find this very unreasonable.

Tera Xenphos of Fort Aspenwood (guildless, deliberately)

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: UnderdogSMO.9428

UnderdogSMO.9428

I thought that this was only effecting the players with confirmed compromised passwords that hackers are atemting to use that have to do this?

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Andile.2963

Andile.2963

This thread is pure lolcat bait.

I has ur passwerdz?

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Kaiarra.7641

Kaiarra.7641

I thought that this was only effecting the players with confirmed compromised passwords that hackers are atemting to use that have to do this?

Reads to me that if you made you account before Sept 12th and you’ve ignored the ‘change your password plx’ message on the launcher, then you will be forced to change it if you want to continue playing.

The blacklisted passwords seem only relevant via the fact you may not choose one when forced to pick your new password.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Visiroth.5914

Visiroth.5914

And how is ANet supposed to know yours isn’t one of them? I’d imagine they’re trying username and passwords, one by one, with some variations on passwords until they run into the lock out. If they hit the lock out, move on to the next one in the list.

Yes, it stinks that they feel this is the best course of action. But I don’t blame them for doing it. Reduces number of tickets they’ll receive due to the hacked database causing stolen accounts. Which means CS can spend more time on more important matters.

First of all, I thought the problem was originally that there was a list of usernames + passwords that was floating around from compromised sites. It should be trivial to flag accounts based on this.

Secondly, they could compare our hashed passwords in their databases with the hashes of the blacklist passwords? Considering that this is from September such a comparison program would have finished long before now. Forcing us all to change passwords 4 months later isn’t the best way to protect our security or lighten CS’s workload. If that was their goal, they should have done it in October, or even September.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Morrigan.2809

Morrigan.2809

I’ll repeat it again:

NOTHING has been said that it’s going to be regular password changes. This is the forced password change they mentioned way back in September last year.

This- if you changed your password after September back when you got the suggestion prompt you are fine- if you didn’t, you change it now.
This is exactly what they said they were going to do back then already.

Gunnar’s Hold

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Svetli.4276

Svetli.4276

don’t buy gold and you will not gona be hacked

“What you wish for may not be what she wishes for.” – Skull Knight

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: kokiman.2364

kokiman.2364

I get it A.Net hates casualplayers. I myself am a casualplayer and I am not a minority anymore! You have to listen to us casualplayers because we payed money for the game and we are entitled, yes ENTITLED, to play the game the way we want. I don’t have time all they long remembering complicated passwords like some unemployed nerd that plays games 24/7. I still want to use passwords like test123 or thisismysecretpassword. YOU HEAR ME A.NET?

GuildWars 2

Currently playing Heart of Thorns.

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Tom Gore.4035

Tom Gore.4035

or lets just delete this post, infract me and send ninjas to my house?

This is the most probable result. Especially the ninjas part.

One – Piken Square

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Lafiel.9372

Lafiel.9372

that makes me strongly suspect anet might have had their databased accessed. this is both annoying and worrisome.

In that case they would have made everyone change their passwords and not just people since september. Also, I think it’s by law they have to tell customers if their database has been breached?

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: Broom.2561

Broom.2561

I’ve worked in IT since 1994, I know what a good password is (and why it’s a BAD idea to use e-mail adresses for user names incidentally… giving away half the information required to hack an account pretty much for free).

My password is already strong. Changing it isn’t going to make it MORE secure. It’s a friggin long string of random characters already. So I consider the mandatory change to be a big pain in the behind.

On the other hand, 2 guildmates were confirmed as hacked. A third might be (toon seen on line, but not responding to guildmates). So I guess it may be better if we bear with it.

Also… dear male players: chosing words referring to the female anatomy for passwords.. or car brands, or alcohol brands… is not smart. They’re ALL in the top 100 of most used (and most hacked) passwords. =p

On the Mandatory Password Change

in Guild Wars 2 Discussion

Posted by: damny.9342

damny.9342

Not a fan of mandatory changes.
It’s the lazy way of administration.

Mandatory changes every few weeks/months = lazy/bad idea anyway.

Mandatory changes when they have a list of weak passwords plus a list of accounts that weren’t protected by a security feature introduced after the game launched, as in this case = good idea.