Guild Wars 2

As I see in these forums, a LOT of people have had their accounts hacked lately and have a mobile authenticator put on without them knowing about it plus a lot of their stuff missing and characters deleted

My suggestion is this:
- Put a pin code request in game for accessing the account bank and
- Put a pin code request in the character selection screen for playing a character. Make the pin code character based even if you are allowed to set the same pin code for all characters
- Put a pin code request in the character selection screen for deleting a character after writing the character’s name.

These pin codes should be mouse clicked when set up and have like 5 to 8 digits

If a hacker gets your password and access your game, he will need to get your pin codes to actually get into the game with your characters. Also the hacker would need to know the pin codes to delete your character.
If by chance he can get one pin code from you, he will still need to find a pin code for the bank

To make it less hassle for the honest players, the first time they access the bank in one gaming session. they can get the option to not use the pin code again until they log out.

This system exists already in many F2P MMOs so I don’t see why not use it for GW2 too where the users actually paid for the game not like in F2P ones

No. Absolutely no. Why should we all have to suffer through additional security inputs because a few players can’t secure their own PCs? Players get hacked because they aren’t careful of which naughty websites they visit, or because their passwords are too easy to decipher.

Smooth Penguin.5294:

No. Absolutely no. Why should we all have to suffer through additional security inputs because a few players can’t secure their own PCs? Players get hacked because they aren’t careful of which naughty websites they visit, or because their passwords are too easy to decipher.

If you read forum, people with 20+ character passwords were hacked. Including myself.
The amount of hacks lately are not due to infected PCs or easy passwords, but with vulnerable databases.

if you think this is is hassle, you can have the option to have or not the pin codes. like the mobile authenticator.
by the way, have you read how many had this authenticator put on their account by the hacker? Did we the players ask for it? no, so we still got and have to suffer from it

Way overkill and over-cumbersome for regular use. Your credentials ARE your to access the account. If they really wanted to stop the latest (from my view) largest compromise vector they should start verifying users that ask for password changes rather than just change them with 4 word email from the users email address. I get that a compromised email account is NOT Anet’s security problem, but I would hope that being complicit in a hack (be an integral PART of the account compromise process) would rub Anet the wrong way and make them reconsider their current policy of changing passwords and enabling mobile authenticators via a simple email request.

Just my 2 cents.

EDIT: If by vulnerable DBs you mean another DB using the same 20 character password then the fault lies with the other DB security and you for using the same password. If you are implying ANet’s DB, you are flat out wrong. If the Anet DB were compromised there would be tens of thousands of hacked accounts, not a couple of dozen. My guess is your email was compromised and you either do not realize it yet (i.e. it’s STILL compromised and the hacker is lurking in there waiting for some info to compromise something of actual RL value) or are just trying to blame someone else. Per the above, I DO think Anet could do something to halt the GW2 account accesses due to compromised email accounts, but they honestly are not obliged to do so (and are certainly not at fault).

Ronah.2869:

Smooth Penguin.5294:

No. Absolutely no. Why should we all have to suffer through additional security inputs because a few players can’t secure their own PCs? Players get hacked because they aren’t careful of which naughty websites they visit, or because their passwords are too easy to decipher.

If you read forum, people with 20+ character passwords were hacked. Including myself.
The amount of hacks lately are not due to infected PCs or easy passwords, but with vulnerable databases.

if you think this is is hassle, you can have the option to have or not the pin codes. like the mobile authenticator.
by the way, have you read how many had this authenticator put on their account by the hacker? Did we the players ask for it? no, so we still got and have to suffer from it

No. That’s not Anet’s problem. You got hacked because of your own personal security flaws.

I’m sorry you lost everything. Thankfully there’s Account Restoration services that you can ask for… if you qualify.

Ronah.2869:

Smooth Penguin.5294:

No. Absolutely no. Why should we all have to suffer through additional security inputs because a few players can’t secure their own PCs? Players get hacked because they aren’t careful of which naughty websites they visit, or because their passwords are too easy to decipher.

If you read forum, people with 20+ character passwords were hacked. Including myself.
The amount of hacks lately are not due to infected PCs or easy passwords, but with vulnerable databases.

A person can have an infinitely long and complex password, but if they use it for too many different accounts, it becomes very easy to get a hold of.