Guild Wars 2

So many reports on forum and so many hacked accounts selling gold, made me wanna help some of u guys if u dont want to read the text wall from Anet. So my2 cent on account security:

1. Use gmail – enable 2 step verification.
How this works: if a new machine (comp, phone tablet etc) wants to acces your email google sends a code to your phone. You dont have the code u cant access your email. You can set it so it remembers the machine after u enter 1 code so it doesnt have to bee a pain in the a8s each login. Free of charge btw

2. Enable email verification for your account on gw2 site.
How this works: if x wants to enter your gw2 account, x must first enter the email address for that account and click on the link provided there. If someone did get your account details they still have to get past the email/ hack the email to use your gw2 account and that its kinda hard if u do step 1 (email on the internet, phone in your pocket => they need james bond for this one )

3. Setup a nice and safe password.
If u love your gw2 stuff dont use the same password u have on some random internet account that u have used for years and can be compromised by now. Setup a new one.
Use Capital letters, use numb3rs, use symb*ls – d1dYoug3tit& ?

This 3 little steps saved me from more than 10 China login attempts. I hope it helps some more ppl. HF

There is a problem with what you say not everyone owns a mobile device therefore cannot take advantage of the 2 step auth.
In that case a 2 step auth is a flaw it’s actually a security hole to those who can’t use it.
Because it leaves the hacker be it on gw2 account or a gmail account the the ability to pretty much own half your account. I don’t have a mobile device and I’m working on getting my account un-hacked as we speak.

Reply to your 3.
I tell you secret i just happened find out on my own 2 days ago when I went to try retake my account I changed my password to unicode (yes anet supports unicode in pw thats something they should update the page about security unicode password would make passwords nearly impossible to brute force. If you wonder what I mean by unicode here is an example: ?????? ?? ?? < was the unicode forums dont support it but password here does lol anyways Unicode is for example hold ALT key down then type on numpad 0919 that would make upside down question mark. hacker that got me got by an 18 character number letter upper and lowercase and symbol password. So my password was not weak and was unique not used no where else, would have took 10 years to brute forced that and one i used for email that he got was not the same one but was same format numbers upper and lowercase letters and symbols but only 12 characters long and that one had to be cracked or stole as only way you could have gotten it would be called my ISP in that case you’d have know the phone # what country state area code then when i called yesterday they would have been a ticket with my ISP tech from someone that called to get it so i think we know he cracked the pw.

Where he got knowledge of my email is the question i have because there was nothing assigned to that account other than gw1 and 2 my gw1 account has never been hacked or touched by a hack in the past or present *shrugs" you tell me now im not gonna throw out there anet has a security hole or has been breached but boy makes me wonder not just because of the fact i never used that email any where else never assigned any other accounts to it that’s why i assigned gw1/2 to it in the first place was because it was never used for anything else…..

1st time any account of mine has been hacked ever in the 14 years I have been online and in online gaming. Sure there 1st time for everything but still makes me wonder……
Then fact like 100s posts on here in past 2 weeks about hacked accounts not counting the people that didn’t make post as I didn’t i went straight to support page 1st cause I know these forums not going help me get my account secured or chars rolled back to prior intrusion

So can’t always say do this or that not everyone can do everything 2nd auth in my opinion is trash it’s a security hole for me 2 step auth should need 2 email addresses and 2 confirmations to reset a password rather than 1 also they wanted step up security a little more make us need cd-key to change pw…… hackers need our cdkeys before they could even reset our passwords then that would stop alot of hackers im sure and probably keep alot of your friends you think are friend from stealing your account aswell lol I bet some cases are that rather than a hacker I’ve never let anyone use my account or even used on another pc so i don’t know for sure..