Guild Wars 2

We desperately need an authenticator option. I’d gladly pay whatever amount for it. I’m receiving multiple emails telling me there have been login attempts on my account from places like Tokyo. I run a very large guild and buy gems. I can’t afford to have my account compromised. Why on earth didn’t we get authenticators at launch? WoW, ToR, even Runescape all have authenticators. We need them! Please read this and give us the option to buy an authenticator!

I’m really wondering what this “login attempt” e-mail means. I got one of them saying someone attempted to login from Beijing, but what I don’t get is: did they get my username and password correct but their location was wrong so it was denied or did they just try guessing my password and get it wrong? I did change my GW2 password already, but I admit that I used that password on other site, but ONLY on sites I trusted to be secure like the bank and the electric company. Obviously, if they’ve got my password now, it’d be very smart for me to change those. If it was just a failed attempt at guessing my password, however, I might just let it slide.

done and done. thanks Gaile!

they nailed me while i was asleep / cry i had a extreamly good password never used it before and still got hacked they changed my login/email for the account while i was asleep without even a email authentication now i am stuck been that that way for the last 6 days good thing i bought a book to read!

120905-010289

…and a sad note to what Gaile mentioned…all of this is perfectly legal in China, in fact is supported and funded by the Chinese government in some cases. Its like the Chinese jails which make inmates play stolen accounts on WoW and other games to farm gold and advertise for these companies. Pathetically sad really…shows how low some go to make money.

If you’re getting login attempt emails you should be really worried, because it means they’ve figured out your email / password combination and the only thing that’s stopping them from cleaning out your characters or changing your account details is the email authentication process.

The first thing you should do is immediately change your password to something long and preferably completely random with at least some numbers and capital letters mixed in and longer than 12 characters. Write it down temporarily if you have to, or use a password safe program. Optionally also change your email address to a new one never used before, since they would then have to guess 2 new pieces of information instead of 1.

Secondly you should be scanning your system from top to bottom with at least 1 Antivirus program and 1 Anti-Malware program (like Spybot or Malwarebytes), but more than 1 of each is best if you want to decrease the chances of missing stuff (since one of them might detect something the other doesn’t and vice versa).

If the scans find malware on your PC it’s possible your details were caught by a keylogger, which means after cleaning everything, you should immediately change your password again as above (making sure it bears no resemblance to the last one).

If multiple malware scans come up clean then your details were sourced through either phishing emails or as Gaile mentioned from lists obtained through compromised accounts on other websites and MMO’s. Even if you never used the same email / password combination elsewhere, heck even if you didn’t use that particular password before yourself doesn’t mean they weren’t on the list, because some other random person may have used it in the past.

Given that they abused both the password reset form and the account registration form to figure out which emails already had GW2 accounts attached suggests that they were desperate enough to get their hands on GW2 accounts that they were using plain old passwords guessing techniques, whereby they go through a long list of known passwords hoping one of them will work with the email they know has a GW2 account. If they can’t find a match they will move onto the next email. This means the people who are the most secure are those whose emails have never been caught, followed by those whose emails are known but have sufficiently long and complex (complete gibberish essentially) passwords that are extremely unlikely to feature on any list.

In the next few weeks it’s likely we’ll see a decrease in random password guessing and an upsurge instead of accounts compromised through phishing emails and keyloggers instead, since that means a lot less work for them. Especially keyloggers are dangerous since they can easily lead to both the game’s login and the email’s login being compromised, which means the email authentication process can be easily circumvented before the user even realises their account is in danger.

If they know which email address you’re using for this game, I actually recommend changing your email address as well – use a new and unique email address just for this game (in combination with a new and secure password) That’s the best way to ensure that you won’t get hacked.

A good Keylogger is your best bet.