Sometimes I like to browse into the forum when I can’t access my computer with gw2.
I don’t want my game password be at risk because I wanted to talk all over the forums.
Please keep these two separate.
Note: If you are against this suggestion:
Don’t tell me alternatives.
Don’t victim blame.
None of this will help the problem at all. Instead:
Directly say the consequence of this suggestion. Such as, making two separate passwords will make me remember two passwords, and it causes headaches to me. Therefore, I have to waste $10,000 on headache medicines.
How is it a risk to have the same password? Doesn’t ANet control this forum also? Considering it’s tied to their support and the blogs they post on, I would think it would be very secure.
Long Explanation: If you type your password in a public place like a internet cafe or the library, someone will have your password. Then they can hack into your account and steal it.
You can browse the forums without logging in, thats what I tend to do. Since you can do such things as change your password through the website, it wouldn’t be secure anyway.
I’m not sure if the combined password is Anet’s choice.
I used to play City of Heroes, and at one point NCSoft decided it was more secure to combine the passwords, for some reason. Then, to make sure it didn’t cause security issues, messed with the ability to remain logged in. yeah.
Anyway, if you want more security, I recommend switching to the mobile authenticator. If you don’t like the Google Auth program, there are several other apps that can do the same thing off the info for setup. For example, Authy for iOS.
You can browse the forums without logging in, thats what I tend to do. Since you can do such things as change your password through the website, it wouldn’t be secure anyway.
Sometimes, I go to the login screen when I am browsing. So no, this doesn’t work.
Why should you be more lackadaisical about your forum account’s security than your game account’s security? If one is important to you, then why not the other?
Nothing stops you from perusing the forums without the need to log in. Again, I’m sure the Devs will consider your suggestion, although I’m not sure this is the proper sub-forum, as previously suggestions were usually directed to a different sub-forum. /shrug
Thus the OP should NOT log in from a public computer he does not trust.
This is not an issue of GW2 security but of that public computer.
Anet has linked the forum with the in-game account by design and the OPs desire to access the forum from an potentially compromised computer is not a legit reason to change it.
We go out in the world and take our chances
Fate is just the weight of circumstances
That’s the way that lady luck dances
So, if I understand you correctly OP, you’re saying if you use someone else’s open to all and unsecured internet and you put sensitive information in it someone else might get your information.
Well, yah. That could happen. The answer might be to be careful when using other people’s open internet.
Why should you be more lackadaisical about your forum account’s security than your game account’s security? If one is important to you, then why not the other?
Nothing stops you from perusing the forums without the need to log in. Again, I’m sure the Devs will consider your suggestion, although I’m not sure this is the proper sub-forum, as previously suggestions were usually directed to a different sub-forum. /shrug
The only thing I compromise in my forum account is my ability to post on the forums. I can always go to support and ask for my forum account back if the password changes without me knowing.
On my game account, I compromise all my gems, all my items, all my progress, all my characters. Years of hard work all given to hackers. ANet will not re-roll it if I get hacked twice or more.
So, if I understand you correctly OP, you’re saying if you use someone else’s open to all and unsecured internet and you put sensitive information in it someone else might get your information.
Well, yah. That could happen. The answer might be to be careful when using other people’s open internet.
Which is also why, having separate passwords for forums and game account is needed.
Possibly it’s done this way so that only people with Guild Wars 2 accounts can post on the forum? I’m not sure how other games handle official forums and whether or not they use a separate password.
I read WoW forums occasionally and see they require an account. Do they have a separate password?
Possibly it’s done this way so that only people with Guild Wars 2 accounts can post on the forum? I’m not sure how other games handle official forums and whether or not they use a separate password.
The system can automatically put the game and forum password the same as default. Then the player can change their forum password themselves whenever they want.
I can’t see how it is a big headache.
Still, you have not answered why you are so against this suggestion so much.
Possibly it’s done this way so that only people with Guild Wars 2 accounts can post on the forum? I’m not sure how other games handle official forums and whether or not they use a separate password.
I read WoW forums occasionally and see they require an account. Do they have a separate password?
Like I said above, NCSoft used to have separate game and forum accounts. It was tied to the same active/inactive info as the game account.
While Guild Wars 2 doesn’t use master accounts they could simply have it be accessed by logging into the main site with the game login info and have the forum account be a section in the account page.
Possibly it’s done this way so that only people with Guild Wars 2 accounts can post on the forum? I’m not sure how other games handle official forums and whether or not they use a separate password.
The system can automatically put the game and forum password the same as default. Then the player can change their forum password themselves whenever they want.
I can’t see how it is a big headache.
Still, you have not answered why you are so against this suggestion so much.
I haven’t actually said I was ‘against this suggestion’.
I first asked for a clarification then noted that any use of an open unsecured internet was problematical and people needed to be careful. Then said a possible reason why it’s done this way and asked if other games did the same.
Funcom allow different passwords for game and forum. I have no idea why it is as it is here, but this is the wrong subforum to ask. You are better off asking in support/account subforum.
Everytime you try to access your account (forum or game) and it is from a different IP, you need to access your e-mail to allow that IP, so if you have a different password for your e-mail and game account you are pretty much safe, just access the e-mail from your mobile, and not from the insecure computer, otherwise you’ll be “giving” both passwords :P
Charter Vanguard [CV] – HoD Bardy Belzebuson – Ranger Sir Belzebu – Herald
(and the other 8 elite specs maxed too)
Funcom allow different passwords for game and forum. I have no idea why it is as it is here, but this is the wrong subforum to ask. You are better off asking in support/account subforum.
Oh, the OP wants to POST on the forums. Not just read. That is why it says he has to log in. If you want to post, yes, you’ll have to log in. If you want to use public places to log in, you’ll risk your password. Deal with it. That isn’t on Anet. They aren’t going to completely separate their forums and game just because people want to use public places to log on. Because then you’ll have to contact support to get it reset, which costs them money to assist you. Anet doesn’t have a sub fee for the game, so they only can for certain get the money when you purchase the game. Gem money is not guaranteed income, so they can’t plan it for monthly budgets.
TLDR; Learn to protect your own property. Anet can only do so much.
2-Factor authentication. Use the Google Authenticator for your GW2 account. Problem solved.
I don’t use a cellphone. Plus, it is too confusing to set up.
Not solved.
Have a tablet? Same application. Don’t have a tablet? Run BlueStacks and install the authenticator there.
Confusing? It’s too confusing to install an app and either type in a number sequence or scan a QR code, then verify it back to the system? You must go through conniptions every month when your corporate password expires and you have to enter a new one…
TL;DR: Arenanet has already provided a fairly bullet-proof method to secure your account. The fact that you refuse to use it isn’t their problem.
2-Factor authentication. Use the Google Authenticator for your GW2 account. Problem solved.
I don’t use a cellphone. Plus, it is too confusing to set up.
Not solved.
Have a tablet? Same application. Don’t have a tablet? Run BlueStacks and install the authenticator there.
Confusing? It’s too confusing to install an app and either type in a number sequence or scan a QR code, then verify it back to the system? You must go through conniptions every month when your corporate password expires and you have to enter a new one…
TL;DR: Arenanet has already provided a fairly bullet-proof method to secure your account. The fact that you refuse to use it isn’t their problem.
And two password for forums and game account is a problem because…?
Because then you’ll have to contact support to get it reset, which costs them money to assist you.
TLDR; Learn to protect your own property. Anet can only do so much.
I have to contact support to get “What” reset?
I can see ANet providing a simple useful feature that is two separate password for in game and forums possible. It doesn’t sound like it needs 5 years, several grants, and a research team.
Because then you’ll have to contact support to get it reset, which costs them money to assist you.
TLDR; Learn to protect your own property. Anet can only do so much.
I have to contact support to get “What” reset?
I can see ANet providing a simple useful feature that is two separate password for in game and forums possible. It doesn’t sound like it needs 5 years, several grants, and a research team.
Because if someone hacks your forum account, you have to prove you are the owner to get it back. Anet just won’t hand it over to anyone if you want it reset. And for them to put in the effort to change it would also cost money. Bottom line, It will all cost them money when it’s really on you to keep YOUR password safe. Don’t use public computers to log into the forums to post. Don’t use public wifi to use the the forums. Keep your personal information safe.
Because then you’ll have to contact support to get it reset, which costs them money to assist you.
TLDR; Learn to protect your own property. Anet can only do so much.
I have to contact support to get “What” reset?
I can see ANet providing a simple useful feature that is two separate password for in game and forums possible. It doesn’t sound like it needs 5 years, several grants, and a research team.
Because if someone hacks your forum account, you have to prove you are the owner to get it back. Anet just won’t hand it over to anyone if you want it reset. And for them to put in the effort to change it would also cost money. Bottom line, It will all cost them money when it’s really on you to keep YOUR password safe. Don’t use public computers to log into the forums to post. Don’t use public wifi to use the the forums. Keep your personal information safe.
In that case, I will just have to give my serial code, my last four credit card digit number, my character’s name, and other information that ANet ask. A few hours later, Bam, forum account back.
Now, if my game account gets hacked because I logged in. Same process. Same ‘money’ lost. If I want all my items back, ANet will have to lose more time and money to thoroughly investigate if I was hacked. I think it is cheaper to lose only a forum account.
Because then you’ll have to contact support to get it reset, which costs them money to assist you.
TLDR; Learn to protect your own property. Anet can only do so much.
I have to contact support to get “What” reset?
I can see ANet providing a simple useful feature that is two separate password for in game and forums possible. It doesn’t sound like it needs 5 years, several grants, and a research team.
Because if someone hacks your forum account, you have to prove you are the owner to get it back. Anet just won’t hand it over to anyone if you want it reset. And for them to put in the effort to change it would also cost money. Bottom line, It will all cost them money when it’s really on you to keep YOUR password safe. Don’t use public computers to log into the forums to post. Don’t use public wifi to use the the forums. Keep your personal information safe.
In that case, I will just have to give my serial code, my last four credit card digit number, my character’s name, and other information that ANet ask. A few hours later, Bam, forum account back.
Now, if my game account gets hacked because I logged in. Same process. Same ‘money’ lost. If I want all my items back, ANet will have to lose more time and money to thoroughly investigate if I was hacked. I think it is cheaper to lose only a forum account.
The point is, it costs money. Period. Protect your own account. They gave you the tools. Use them, or don’t log on shaddy internet locations. End of story. In the end, YOU need to protect your account. PERIOD. Anet can only do so much.
Because then you’ll have to contact support to get it reset, which costs them money to assist you.
TLDR; Learn to protect your own property. Anet can only do so much.
I have to contact support to get “What” reset?
I can see ANet providing a simple useful feature that is two separate password for in game and forums possible. It doesn’t sound like it needs 5 years, several grants, and a research team.
Because if someone hacks your forum account, you have to prove you are the owner to get it back. Anet just won’t hand it over to anyone if you want it reset. And for them to put in the effort to change it would also cost money. Bottom line, It will all cost them money when it’s really on you to keep YOUR password safe. Don’t use public computers to log into the forums to post. Don’t use public wifi to use the the forums. Keep your personal information safe.
In that case, I will just have to give my serial code, my last four credit card digit number, my character’s name, and other information that ANet ask. A few hours later, Bam, forum account back.
Now, if my game account gets hacked because I logged in. Same process. Same ‘money’ lost. If I want all my items back, ANet will have to lose more time and money to thoroughly investigate if I was hacked. I think it is cheaper to lose only a forum account.
The point is, it costs money. Period. Protect your own account. They gave you the tools. Use them, or don’t log on shaddy internet locations. End of story. In the end, YOU need to protect your account. PERIOD. Anet can only do so much.
You don’t understand what you are saying.
According to that logic, ANet should fire all their customer support because it cost money. If YOU, Ellieanna, get hacked, lost all your items, your gold, your characters and somehow, you could not figure out how you got hacked. It is YOUR fault. Customer support cost money. ANet will say to you, “Tough luck Ellieanna.”
Now, ANet can do so much. I know they can create another passwords for forums. It doesn’t seem a difficult task. I know they can handle password issues for forums as I personally experienced their customer service. I know it is very easy and how fast it takes for them to reset my password, and I can safely assume that it wouldn’t take as long to reset a forum password. I know it takes them a long time to thoroughly investigate a hacked account that wants to re-roll.
My rebuttal is: The money they spent is worth it. PERIOD
Runeblade, thank you for your suggestion. I am not the person who gets to decide such things, but I wanted to let you know your suggestion has been seen (both by me and the decider-types). I also wanted to comment on a few things that came up in this thread.
Re: the cost to ANet of supporting multiple passwords
Having a secondary password for forums account would indeed increase our support costs. It wouldn’t be double, since a lot of players don’t use the forums, but password problems are one of our biggest ticket drivers and this would definitely cause us to get more tickets of that type.
Re: other security solutions
If you don’t mind sharing, I would love to know what part of the authenticator set-up process is giving you trouble. We want as many people to use mobile auth as possible, since it’s the best way to secure your account, so I want to make sure the instructions are crystal clear. If you have any suggestions on how to improve them, please let me know!
Re: advice on account security
There’s a lot of really good stuff in this thread. I agree with the other posters who recommend against logging in from sketchy networks/computers, especially if you don’t have mobile auth enabled or a way to check your email on a secure connection and device. Further, make sure your email account password is different from the one you use for the game.
All forum traffic, including login goes through 128 bit encryption. If you are accessing from a device that is already compromised, you can also expect any accounts accessed from that device to be compromised as well (such as email).
If you can’t keep your devices secure, an additional password for these forums is not going to help. Just the fact that you do not log into a game does not prevent a malicious entity from using your email address and email access to hijack your account without even needing your password.
Professor of Bearbow Math @ Tyria State // @Shazbawt // “The Crippler”
Well at the moment you can change your in game password through logging into this website, so that’s a big security risk anyway.
Again I don’t understand why it’s such a big deal to browse forums without logging in. Anything you really want to comment on you can do when you go back to your secure connection and log in there.
At the moment at least most people try to keep their account safe and protect their passwords because everyone knows, if you get hacked there is only one rollback, it’s up to you to keep your account safe. If you had a different password for forums you sound like you wouldn’t care much about your forum account security, which is the wrong attitude to have. Anet would have to deal with too many support tickets if people adopted this attitude of not being careful with their password, even if it’s just for forums it takes them time and resources to sort it.
Again, all you need to do is just not log in on public networks. Read all you want and reply when you get home don’t see this as a big issue
All forum traffic, including login goes through 128 bit encryption. If you are accessing from a device that is already compromised, you can also expect any accounts accessed from that device to be compromised as well (such as email).
If you can’t keep your devices secure, an additional password for these forums is not going to help. Just the fact that you do not log into a game does not prevent a malicious entity from using your email address and email access to hijack your account without even needing your password.
Sarcasm 128Bit how dare you that is not secure enough anymore you need to move to 256Bit. Sarcasm
There may be a time soon that you want too however I don’t think that time is yet.
For the majority of accounts out there having the ablity to have a seperate username and password for forums and accounts will not increase the security of accounts. Because they will use the same username and password. So from a cost perspective the increased security of having multiple accounts with diffrient passwords may not be justified.
A better thing to put money into is add multi-factor authentication. That way if somone get’s your password then… Well good for them they still can’t log in. Lets hope that you used a diffrient username and password then all the other accounts you have out there. You did didn’t you? Perhaps they should add more ways to get a code for those without a mobile device.
To add what Chris said and perhaps add more explanation. If you are connecting to a network that you usually don’t log into you will likely have to access your email to authorize the network in question. There goes your email credentials and you have bigger problems. Your email credentials are more valuable to the person with the keylogger then your game password.
It should also be noted that every AAA MMO under the sun uses the same account for forum and game, and that they all offer a secondary method to secure your account, such as an authenticator, e-mail network verification, etc.
If you don’t like the Authenticator, at the very least, enable e-mail verification so that you’re e-mailed with a limited-lifespan link that allows access from a new network. That way you’ll always know if your account has been accessed from another location.
2-factor authentication is a computer industry security standard, specifically due to the high level of security it affords. I can’t imagine a reasonable scenario where someone would refuse to use it, unless you like things being stolen from you.
don’t see this as a big issue