got hacked need advice
Lol looks like Ur hacker was drunk and power leveled you
You account prolly was used as a farming bot
I guess you have a support ticket for recovering access to your account. I would file a supportticket referring to the first ticketnumber (if you dont have it, explain how you recovered your account) and ask them if it is possible to restore your account.
I know they have a restore system in place, just don’t know if it is also for lvl progress.
Arise, ye farmers of all nations
Arise, opressed of Tyria!
Arise, opressed of Tyria!
Just wonder… How people can hack account with the “new place confirmation by mail” or the authenticator? Does it mean the hacker hacked your IP too? (The place we start the game is by IP, right?)
Just wonder… How people can hack account with the “new place confirmation by mail” or the authenticator? Does it mean the hacker hacked your IP too? (The place we start the game is by IP, right?)
It means that most likely, the hacker gained access to an e-mail account, so he could intercept a verification message. The authenticator, I’m not sure about.
On the topic of passwords, though:
I did a security test with a friend not long ago; within ten minutes, I’d accessed her three e-mail accounts, her Twitter and Facebook accounts, four MMO forum accounts (yikes!), and two chatrooms that she regularly visited.
They were all set with the same password — which I got from the first e-mail account I tried to access just by clicking on the ‘Forgot Password’ link and guessing her secret question.
Change your passwords, folks. Security is only effective if you take the threat seriously.
Best advice you can get is… change your email password, avoid secret questions or play them with fake answers, and if possible use authenticators. Use different passwords for your email and for Guild Wars 2.
On the topic of passwords, though:
I did a security test with a friend not long ago; within ten minutes, I’d accessed her three e-mail accounts, her Twitter and Facebook accounts, four MMO forum accounts (yikes!), and two chatrooms that she regularly visited.
They were all set with the same password — which I got from the first e-mail account I tried to access just by clicking on the ‘Forgot Password’ link and guessing her secret question.
What email service was this? So I can recommend my friends to stay clear of it.
Any good service does not store your password. They store a hash which was created by running your password through an encryption algorithm. You type in your password, they run it through the same algorithm, and if the result matches the hash then you must’ve typed the correct password. That way even if someone hacks the server and gets a copy of all the hashes, they still don’t know what the passwords were.*
So if you click the “forgot password” link and guess the secret question, all you should be able to do is set a new password. It’s impossible for a good service to show you the old password because they don’t know it. Only the truly bad services store your actual password.
Using a single password for everything is still a bad idea though. Many of the recent online gaming hacks stem from people using the same password. Anet can have the best security in the world, but it’s useless if you’re using the same username and password on a different site that has no security. Or if you click a link in a phishing email and enter your login and password thinking it’s no big deal because it’s for some junk forum you once signed up for but never visit. Forgetting that it’s the same username and password you use for your banking.
If you tend to use a single password, I’d suggest using a password manager like KeePass.
(* There are tricks to get around this too, and tricks to counter those tricks. But that discussion falls outside the scope of this topic and forum.)
On the topic of passwords, though:
I did a security test with a friend not long ago; within ten minutes, I’d accessed her three e-mail accounts, her Twitter and Facebook accounts, four MMO forum accounts (yikes!), and two chatrooms that she regularly visited.
They were all set with the same password — which I got from the first e-mail account I tried to access just by clicking on the ‘Forgot Password’ link and guessing her secret question.
What email service was this? So I can recommend my friends to stay clear of it.
Any good service does not store your password. They store a hash which was created by running your password through an encryption algorithm. You type in your password, they run it through the same algorithm, and if the result matches the hash then you must’ve typed the correct password. That way even if someone hacks the server and gets a copy of all the hashes, they still don’t know what the passwords were.*
So if you click the “forgot password” link and guess the secret question, all you should be able to do is set a new password. It’s impossible for a good service to show you the old password because they don’t know it. Only the truly bad services store your actual password.
Using a single password for everything is still a bad idea though. Many of the recent online gaming hacks stem from people using the same password. Anet can have the best security in the world, but it’s useless if you’re using the same username and password on a different site that has no security. Or if you click a link in a phishing email and enter your login and password thinking it’s no big deal because it’s for some junk forum you once signed up for but never visit. Forgetting that it’s the same username and password you use for your banking.
If you tend to use a single password, I’d suggest using a password manager like KeePass.
(* There are tricks to get around this too, and tricks to counter those tricks. But that discussion falls outside the scope of this topic and forum.)
I should elaborate — the first account I accessed used a ‘view password hint’ method rather than a ‘reset password’; her password hint was relatively obscure, but anyone who could get her talking in the right direction would know what it meant in a few minutes (strike one).
From there, I moved to her primary e-mail, which allowed her to either reset her password (by way of the Secret Question) or have it mailed to her at an alternate address — which turned out to be the e-mail I already had access to (strike two).
After that, it was either all the same password, or she’d used the answer to her Secret Question as her password (strike three — yeeeer OUT!).