Guild Wars 2

We are making it too easy for hackers to profit from us! If everyone would turn on 2-step verification for our e-mail accounts it would make it so much harder for them to do so. MSN, Hotmail, Outlook, google all have this option. It is not turned on by default, you need to activate it.

If you own a smartphone. If not, email authentication will have to do.

Outlook does not require a smartphone you can do it with a phone number and alternate e-mail address.

Cool. Though, I personally would never use Outlook. Ack!

Good information for others, though.

These guys show you how to set up 2-step verification with your Microsoft account.

http://www.cnet.com/how-to/how-to-use-two-step-verification-with-your-microsoft-account/

Inculpatus cedo.9234:

Cool. Though, I personally would never use Outlook. Ack!

Good information for others, though.

Outlook.com is a very good website (much better than gmail, IMO). If you are just discounting it because it’s ‘hip’ to hate Microsoft, you should reconsider.

Gaile,

As you stated, it does appear that the vast majority of recent account hacks have come from hacked email accounts. In light of this, has any consideration been given to altering the policy of blindly issuing change password requests that come in from legit email accounts? I fully understand this would inconvenience users that legitimatley want their password changed and may possibly cause more front end work for Support, but I have to believe that if this policy were changed (so that email requests would be redirected to the on-line ticket submission system….that ASKS for validation of the user info), Support’s need to handle hacked accounts would also VASTLY be reduced.

I get that email account security isn’t Anet’s responsibility, but in light of the rash of compromised player email accounts being used to hack GW2 accounts, the change just seems to make sense (for both players account security and Support workload standpoint).

Just asking if it is being considered.

Brother Grimm.5176:

Gaile,

As you stated, it does appear that the vast majority of recent account hacks have come from hacked email accounts. In light of this, has any consideration been given to altering the policy of blindly issuing change password requests that come in from legit email accounts? I fully understand this would inconvenience users that legitimatley want their password changed and may possibly cause more front end work for Support, but I have to believe that if this policy were changed (so that email requests would be redirected to the on-line ticket submission system….that ASKS for validation of the user info), Support’s need to handle hacked accounts would also VASTLY be reduced.

I get that email account security isn’t Anet’s responsibility, but in light of the rash of compromised player email accounts being used to hack GW2 accounts, the change just seems to make sense (for both players account security and Support workload standpoint).

Just asking if it is being considered.

Instead of making support authorize password changes, maybe add a security question. Even something as simple as mothers’s maiden name or name of first pet would stop an outsider.

I think every player (at least those that have been hacked SHOULD) would appreciate something other than, “Can’t remember PW…HELP!” (the exact ONLY words use in the email that resulted in my account being compromised) being all that is needed to get Support to initiate a PW change.

I would hope that anything that could be done to help players avoid a compromised account would be worth considering and I SERIOUSLLY think a policy change on this issue would greatly REDUCE Support workload (and likely reduce hack attempts like these in general once hackers realize they can’t use this method to gain access to accounts any longer).