Guild Wars 2

My password is EPIC.

I created it solely for this game and I have never used it for anything else.

It is a full (but non-grammatical) sentence, around 10 uncommon words, with intentional misspellings, capital letters, punctuation, etc.

There is virtually no possible way I could conceive of a better, more secure password than this one.

So by forcing me to change my password, you guys are compromising my account security.

Thanks, Obama!

ETA: I do respect and acknowledge the need for greater game-wide account security. But I’m not part of that problem.

I was wondering about that new post. It is the exact same thing as was posted a year or so ago. It is just a re-hash for new players, or are we forced to change our passwords, yet again?

Can I ask what post you two are referring to, please?

This one:

https://forum-en.gw2archive.eu/forum/support/account/Account-Security-What-you-need-to-know/first#post3884144

As Inculpatus said, it’s basically what they posted a year ago. But it has an edit time of today, and the GW2 Facebook page recently posted something directing us to it.

Yeah, I read it as he was putting it up. Each time I refreshed the page there was more to it. I tried to ask in the thread, but just as I hit ‘reply’, he locked it.

Thank you very much. I thought there had already been a thread about account security in the stickies for quite a while so did not check it in my search for the post that was being discussed. It basically being a repost that may include some updated information explains it. Thank you again.

If they are truly forcing you to change your password, and this is the first time I’ve heard of it, just tack on a 1 to your old EPIC password. Easy to remember and your account security isn’t compromised.

Astral Projections.7320:

If they are truly forcing you to change your password, and this is the first time I’ve heard of it, just tack on a 1 to your old EPIC password. Easy to remember and your account security isn’t compromised.

:headdesk:

I work in information security… a post like this tells me I have utterly failed at it.

One key idea that you should have gotten from the sticky post is that there is no such thing as a “secure” password.

The way to look at security is in a holistic manner. In addition to passwords, look at the patterns that many people use to “change” their passwords – by adding 1, and then 2, and then 3 onto a password that is thought to be “good” and don’t let people fall into that trap. Don’t just assume Anet’s database being secure is enough, work on securing your own system. Don’t depend on single authentication (“something you know” aka a password) but also implement two factor authentication (add in “something you have” like a smartphone or key fob).

To the first OP, sure, your password might be theoretically unbreakable. It may not be prone to bruteforcing even if Anet’s database is breached. Yes, changing your password can be annoying. But this isn’t just about you. It is also about the other million Anet customers. And if large numbers of those other customers are compromised, it is also bad for you – the secondary effects that will be a disrupted game experience.

Tamasan.6457:

Astral Projections.7320:

If they are truly forcing you to change your password, and this is the first time I’ve heard of it, just tack on a 1 to your old EPIC password. Easy to remember and your account security isn’t compromised.

:headdesk:

Snip

Yes, and being snarky to people trying to help others gets your point across so much better.

http://sourceforge.net/projects/keepass/

https://lastpass.com/

Use a variation of your fancy password as a master pass, along with a key file. Back up both regularly. Now you can change your GW2 password as often as you want without having to remember it.