Guild Wars 2

Unfortunately this wont work for me. My mobile is old enough, i never managed to go online with it.

Hello there,

My account was hacked in 26/3/13 and after reading all the anet suggestions about how to be secure, i realized that i MUST suggest that they check a bit the email authentication system…bc it seems it can be by – passed by hackers.

I made a post but the topic was locked by Gaile, and replied that i should send a ticket. and i want to thank him for this fast reply. Well of course i sent a ticket and i am back in my account, otherwise i wouldnt be able to login and post here. I wait now to see if my account will be restored. But the purpose of my post is to make a suggestion to Anet to check a bit the authentication system. And also to inform us on how we can be more safe

The whole post is at this link…
https://forum-en.gw2archive.eu/forum/support/account/Hacked-Account-ANet-Will-Restore-or-Not/first#post1717998

Also to thank Anet for letting us restore our accounts but is once per lifetime, and would be nice to have more chances on that if the system is not that secure yet, bc then is not our fault, right?
I really would need some suggestions on what to do more in order to be more secure. I changed both password of email and of GW2 to be totally unique both of them. And im carefull about keyloggers, but is this enough? Till now seemed it is not, if the hackers can reset our passwords. So what to do more? Any suggestions on that? I feel that this can happen to me again, and this first time ok my account propably will be restored so is not big deal, but what about next time that this can happen? I will lose all the work i did for months? I hope Anet udnerstands why i had to make this post and that i need suggestions from them or from players who know better than me.

Thanks a lot

Korina

Hello there,

My account was hacked in 26/3/13. Mike O Brian, in his article “How Hackers Steal Accounts” says :
“We have a feature in place, email authentication, that’s designed to help keep your account secure even if a hacker does know your account name and password.
Here’s how it works. When you first login, we ask you to validate your email address. After that, whenever you attempt to login from a new location, we send email asking you to approve or deny the login attempt.
So keep in mind, if you ever see an unexpected email asking you to validate a login attempt from a location where you’re not playing from, that means a hacker already knows your account name and password! The only thing that’s keeping him from logging in as you is the email authentication system! Change your password immediately.”

But i never received in my email somethign about asking authenticating…so how the hacker was even able to login in my account if he was not “authenticated” by me?
I think thats strange isnt it?
I only received 2 emails saying
“Someone -hopefully you!- has requested to change the email address associated with your Guild Wars account.
Need help or have questions about your Guild Wars account? Visit our support site: http://support.guildwars2.com/.
Thanks!

-The ArenaNet Team"

Thats great eh? (“hopefully you!”…and that email is not even asking if i agree or not!!! We just HOPE is you…!)
Also here is the password change email in 25/3/13 afternoon while i was playing GW2 and ofc was not checking my email at that moment.

So the hacker asked for reseting the password…HE DIDNT HAVE THE PASSWORD…as Mike O brian states!!!!

Somebody (hopefully you!) asked to reset the password on your Guild Wars account.
To change your password, click the link below.
https://account.guildwars2.com/reset-password/confirm?s=E316E280-46CD-4DBB-A2D3-D71F04ECB251
If you did not request to reset your password, you can ignore this email and no changes will be made to your account.
Need help or have questions about your Guild Wars account? Visit our support site: http://support.guildwars2.com/.
Thanks!

—The ArenaNet Team"

So as you can see…the email says “IGNORE this email if you didnt ask for reseting your password”. Even if i have seen it i would have ignore it as Anet advices me to do.

But the truth is the hacker didnt know the password…because they asked to reset it and somehow they rested it WITHOUT needing any authentication from me!!!

I wonder if Anet could do something to fix this issue. The hacker has first reseted the password and then changed the email.

Could you do somethign to fix this issue? Because this way authenticating email seems that can be by – passed and not helps our safety.

What you think about this?

At least i hope my account will be fully restored because i lost everything , mycharacters are even totally nude , no armor nothing…I was full exotic, some had cultural armors…loads of expensive materials like ectos etc…