Guild Wars 2

Interesting, this is good info and should probably be mentioned in a stickied post somewhere. TY for mentioning it here.

Malmathir.7459:

Great… thanks. Gonna go back and change all my important passwords now. Guess I got to be more creative from now on.

Even if you come up with a really long password that people are not likely to guess, don’t use that same password at multiple locations where you care about your account.

I’d rather just get rid of the commander icons completely as all it leads to is zerg vs zerg from what I have seen. People blindly follow the little commander icons and don’t want to branch out on their own.

Cheers to the few who are willing to break free of that and go their own way.

But no, Anet will never get rid of the icons. I’m sure it’s a source of income for them as some will buy gold to get those icons. Of course it’s also a source of income for the RMT gang, but that’s another story.

Raising the price is just going to mean people will buy more gold to get them. None of the current problems involving commander icons would change.

While it’s helpful to post that to keep people aware, I doubt that is the reason why most of the hacked accounts were actually hacked. You’d be surprised how many people use the exact same login credentials (email and password) at most or every site they visit. That, and the fact that many, many, many people use passwords that are common or easy to guess means that people often get their accounts compromised.

It happens at just about every site that has login functionality. Some sites get targeted more than others when it comes to using massive lists of people’s credentials to try to gain access to their accounts. Because MMOs are an online business where the account hijackers can potentially make a lot of money, it’s inevitable that GW2 players’ accounts are going to be compromised. This isn’t a weakness at ArenaNet. It’s due to players choosing weak security.

ArenaNet employees have repeatedly told people to use strong passwords that aren’t used anywhere else. Many players aren’t going to do this, ever. Not here, and not at other sites.

I’ve tried telling my parents over and over to use strong, secure passwords. My mom’s aol account was hijacked a few weeks ago. Her password was a name followed by a number. /sigh

I’d like to disable the icons completely. If someone wants to advertise that they spent 100 gold, let them if it makes them happy. But in pvp I keep seeing masses of people blindly following people with a commander icon, to the point where it’s zerg vs zerg with people with purdy icons leading each zerg. Some of us prefer more challenging fights, but it’s hard when so many just want to follow the hordes led by the icons.

And to have it in pve? Why not just say
/map I spent 100 gold on this purdy icon

and be done with it?

Yes it’s aggravating, and I too would rather be forced to enter my security code each time, but an alternative is to reset your IP address each time you sign in (to a different network), assuming you are able to do that, and granted most people can not. Annoying, yes, but it’s an option.

Smokesacks.1084:

Although the number of players that have had their accounts hacked is a small portion of the population, this issue still effects everyone that plays the game. No reasonable person would expect an entire company to drop everything they are doing to work on account restoration but it is reasonable to ask that someone does work on what should be basic service to an online only game.

Then perhaps you haven’t seen the multiple posts where it is indicated that ArenaNet is working on offering account restorations, and they do currently offer basic account services. No game offers every single account feature or service, but many, including ArenaNet, do offer basic services and add to those services as time goes on.

zbrkesbr.4173:

Actually there is an alarming amount of hack reports on forums. If you consider that only 5-10% of playerbase uses forums (and even less are posting), then it does look like a security problem on A-Net’s side. While some hacks may have occurred due bruteforcing, but ability to target certain players is an evidence of either database theft or a serious security overlook in log in process.

I would expect that people who’ve had their accounts compromised WOULD post in the forums about it even if those people have never used the forums before.

If more of their focus is on new content instead of restoring hacked accounts or fixing bugs that affect a very small subset of the player base, I see nothing wrong with that. I’d be willing to bet a few months of paychecks that the vast majority of players have never lost access to their GW2 accounts. It’s logical for a company to focus most of its resources on pleasing the majority of the players. If most GW2 players were getting their accounts hacked, then yes the bulk of the development efforts would probably be on account restorations.

If there was a database breach you’d hear about account hackings in droves, not what we’re currently hearing about. I trust the security of ArenaNet’s system MUCH more than I trust the security practices of individual users. The vast majority of the time whenever an account in any service is taken over by someone else, it’s due to the security (or lack thereof) implemented by the owner of the account.

You can completely prevent yourself from getting hacked due to weak passwords, passwords used elsewhere, malware on your pc, etc. All of us can prevent such security breaches, but many of us don’t. We can’t control what ArenaNet does with their database, but we can control how effective our own login credentials are.

As for ArenaNet’s response time, it does take them a while as they have limited resources (same as every other company on the planet), and there are also people allowing their own accounts to be compromised, allowing others to cheat them in trades, etc. There is only so much the company can do. Patience is required.

In the meantime, come up with a password around 15+ characters in length, combination of upper-case and lower-case letters, numbers, and symbols. DO NOT use a password you have used elswewhere, and don’t make it similar to any you have used elsewhere, especially if you have used your GW2 email address elsewhere. Add email verification to your account. Don’t share your gw2 or email login credentials with anyone, doesn’t matter who it is.

I went a lot longer than 3 months and was still able to log in to my gw1 account. It has nothing to do with your inactivity level.

I went by “gassy” in another game and started out with that name here but then saw “Make inappropriate references to human anatomy or bodily functions” in the naming policy. So I changed my name and, alas, no suspension.

While “poopoo” might be amusing to you and others, it’s still considered a reference to a bodily function. If you have other names that refer to bodily functions I suggest changing them when you get your account back.

ArenaNet isn’t screwing around by swatting people’s hands and saying “please don’t do that.” They mean business with regard to players following the code of conduct. I’m surprised everyone hasn’t realized that yet.

And I’ll be # 1875. I’d like to have to enter the authentication number each time please.

It would be pointless to ban people based on IP address since people can change IP addresses whenever they want, and they could inadvertently ban a legitimate player.

If you got banned for RMT activities then it’s likely your account was indeed engaged in that type of activity, regardless of whether it was you or someone else controlling the account. From what I’ve read, ArenaNet typically blocks the account from being used when they detect it has been compromised, followed by a ban if the account was used by someone for selling gold or spamming gold ads. After the compromise is resolved and the RMT activities investigated, the account is restored.

I’ve never heard of them banning based on IP address.

My guess is no it’s not against the policies, but that’s just a guess. I don’t see how a VPN is necessarily going to help you out unless you are hitting a certain network path that is having traffic issues. I’m sure you know that using VPN is likely going to add a few hops, at least, to your packets. This could in fact slow down your connection.

It has been known for many years that a specific country is the source for most RMT activity. Are we really not allowed to mention that country here? Anyone who has played mmos before likely knows which country it is. For anyone who doesn’t, look up “gold farming” in wikipedia.

Anyway, it doesn’t matter where they come from since virtually they can come from almost anywhere. Blocking IP addresses is pointless since IP addresses can change, and sometimes legitimate players can be blocked. Also, considering I could play the game using an IP address in many different countries, despite living in the US, I could still play the game even if every IP address in the USA was blocked. So blocking the USA wouldn’t block me, but it would block millions of legitimate players. (NO, I am NOT a gold farmer… lol… I am just using myself as an example)

Blocking specific IP address isn’t the solution. User education about maintaining account security (and not supporting gold farmers!!!), and giving players the tools with which they can maintain that security, is much more effective in the long run.

kipz.8701:

It was but I de activated it because of the hassle of entering a code every single time I got DC’d which was alot recently. Apart from I have used the same password info since I opened my Prophecies account and have never had problems with it or given the info out.

I strongly suggest adding the authenticator back to your account once it’s restored, if that hasn’t already happened. The hassle of entering a code every time you disconnect isn’t nearly as bad as the hassle of someone else taking over your account.

I haven’t read the entire thread, but make sure the password you use for your GW2 account isn’t used anywhere else. You say you haven’t “given out” your password, but if you are using your GW2 password at other sites then yes you are indeed giving out your password. Ideally use different email addresses for the sites where you really don’t want your account compromised, but at a minimum everyone should be using a different and secure password for each important site. There are no exceptions.

I don’t know how to disable that, but if you are not using the google authenticator then I strongly suggest using at least one of them (either email auth or the google authenticator). If someone gets your email and password for gw2, and you have no second form of authentication set up, there is nothing stopping them from signing in with your account.

Regardless of how safe anyone thinks they are, ALL of us can have our accounts compromised through various means.

You might want to read this.

https://forum-en.gw2archive.eu/forum/support/account/Email-Authentication-email-has-not-arrived

I don’t know if there is a way in-game to see if it has been activated.

This is a little late, but if anyone still sees them can you file a support ticket about the bots? Not sure how they are handling those, but if they don’t know about them through the ticketing system (in-game), I doubt the bots will go anywhere.

In the meantime, if they’re still there I suggest continue killing them. lol But don’t stay there too long just in case your activity there with the bots triggers any alarms.

You will need to file a support ticket if you haven’t already. That is how they are handling follow-ups of compromised accounts. Click the support link at the top of the page.

In the meantime, for any sites where you use the same password as you used at gw2, change that password.

Renegadeimp.8439:

You overlook one thing. Nobody compromises video game accounts using a brute force algorithm.

They ALL use keyloggers which record anything at all that is entered into the game client or launcher.

I’m lazy. I don’t want to do any more work than I have to do. If I was going to look for login credentials to try at various sites, including gaming sites, I’d do one or 2 google searches, at most, and get myself lists of emails and passwords that both work at the site from which they were obtained and also at other sites. If someone else has gone to the effort of hacking into an account database and posting login credentials in plaintext files online, there’s no reason for me to try either brute force attacks (not practical for an online service) or keyloggers. Security programs will pick up most keyloggers, and even if I managed to get some installed, the chances that I’d get mmo account data is probably not that great. Besides, if I was going to try to use keyloggers, I’d be going for bigger data such as banking credentials.

Just to clarify, I’m NOT the kind of person who would try to get and use someone else’s credentials. Never have, never would. But I have seen many many many lists of login IDs and passwords posted online for various online services. They’re rather easy to get, and with people so reluctant to use different passwords, there isn’t much need for brute force attacks or keyloggers any more, at least not as much as there used to be.

Just my 2 cents.

They do not offer phone support. You will have to wait for a response to your ticket. Please don’t file extra tickets as that apparently slows down the process.

If you have been waiting for more than 5 days for a response, go here:
https://forum-en.gw2archive.eu/forum/support/account/Tickets-for-Review-5-days-and-older-merged/first

and read the first post, and then add a reply with your ticket info IF the first post applies to your situation.

I don’t know what all they are able to return to you, if anything. It is possible you might not get any items back. But you can change servers yourself at the character select screen within the client.

Just because you think your previous online accounts were never compromised doesn’t mean they weren’t. You admit to using passwords that are not the best. It would not surprise me if your previous accounts were compromised and you just didn’t know it.

A list of close to half a million (yes, half a million) Yahoo emails and passwords was posted online a few months ago. I couldn’t believe the passwords I saw. I would not be surprised if several thousand or so of those accounts are registered with GW2, with unchanged passwords. I’d also bet that if the people weren’t required to change their Yahoo passwords, many would never even know that their account credentials were leaked.

NortyBits.8097:

Dear Support,

This is my friend’s account because I have set my password and then promptly forgotten it. I see that there has been problems with people spamming the Reset Password tool and so you have taken it down. And so I humbly request that someone reset it so I can log on again.

Account: ShoMinamimoto.8260
Email: <deleted>

I can’t seem to find my GW2 Key at the moment, I hope that isn’t necessary…

Let me know if there is anything else you need from me, otherwise I hope to get this resolved quickly and get back to playing! Thanks for your time!

First, please do not post email addresses here. That is half of what is needed to sign into a GW2 account.

Second, you will need to file a support ticket which can be done through the support web site: http://en.support.guildwars2.com/app/utils/create_account

About a week ago someone linked a piece of gear in /map chat, and the icon clearly did not match the actual item. I think the icon was a pair of gloves, but the item description said it was pants, or something like that. So yes it is possible that Haka selected an item expecting to get shoulders but instead got pants, although the situations are different, assuming the linked item doesn’t always have to match the actual item (two different database values, for example). I did not preview the item that was linked in map chat.

tldr; It’s in RMT companies’ best interests to get as much gold as possible as quickly as possible, and if they had access to a list of GW2 credentials obtained from hacking a database then the 5-hour delivery times would be much shorter.

There actually were several thousand accounts compromised according to ArenaNet, and ArenaNet stated that evil-doers are trying to find accounts by using known lists of emails and passwords. ArenaNet engineers/admins have access to their own login server logs, so they know better than any of us about the types of authentications that are occurring.

If someone has a list of valid gw2 credentials that they obtained by compromising a database, they aren’t going to bother slowing down their login rates by intentionally mixing in invalid auth attempts. They’re going to go straight for the goods. These are people whose goal it is to get as much gold as they can, as quickly as they can.

The buyers don’t want to be kept waiting. Some of the RMT spammers advertise a 5 hour delivery, or something like that. If they really did have access to a list of valid GW2 credentials, that 5 hours would be 1 hour, or “instant delivery” as I would see in FFXI, which was rampant with RMT bots. People don’t want to wait 5 hours to buy their illegitimately obtained gold and are more likely to buy if there is immediate gratification, just like buying many other things. If you can get something at Best Buy in half an hour or wait a week or 2 for delivery, you are going to go for the more immediate gratification. Assuming there are multiple RMT companies involved with GW2, it’s in their financial best interest to have gold available before their competitor, and of course at a cheaper price.

Unfortunately they are not going to go away as long as people continue buying gold from them and continue using login credentials they’ve used elsewhere. It’s essentially free money for the RMT gang. They don’t have to spend money on games as they can go through lists of emails and passwords and find ones that work and then rob those accounts of everything. They can then spam /map chat using those accounts they obtained for free, and then sell their freely acquired gold to people stupid enough to buy it.

Sadly there will always be people willing to either buy gold from them or pay them to have their accounts power leveled, which is illogical… why buy a game and then pay someone else to play it for you?

I left FFXI years ago solely because Square Enix was doing absolutely nothing at the time about the RMT problem. It does seem ArenaNet is at least trying to squash the maggots when they appear.

Then if you haven’t already done so, set the subject of your ticket to “refund” or something like that (not sure if they have defaults). If you set it to something like “account compromised” then it probably won’t go to the billing department.

kos did you open a ticket? You won’t get any official support unless you open a ticket, from what I have seen. The ticket system is what they are using to process support requests.

I don’t think it’s with ArenaNet. If it was, I think there would be a lot more successful account hijackings at this point in time.

Only you know all the info about your situation. For others, many have admitted to using weak passwords or reusing passwords.

Gatto was referring to his own situation and his own weak password.

Each time you change IP addresses you are going to be prompted to authorize a new login. Depending on how they do their IP mapping, the city name shown may or may not be what you are expecting, but it should be close to your location.

If your wife uses the same email and password to sign into her email account, she should change that immediately to something very long, secure, and strong. The password she uses for her email should not be used anywhere else, ever.

You can use gmail to set up email aliases that are sent to the same gmail account by using “+whatever” within your gmail email address, such as alicebob+yahoo@example.com and alicebob+microsoft@example.com (replace example.com with gmail.com when reading that). Any email messages sent to those email addresses would go to the same gmail account (alicebob).

However, if those email addresses appeared in a list, the person with the list could just remove the +yahoo or +microsoft and have the account ID used to sign into gmail.

Some email services, such as fastmail.fm, allow you to create email address aliases that are nothing like the email address you use to sign into the service (different user name, different domain). Any email sent to those aliases ends up in your email account. But the email address you use to sign into the service is one you can keep to yourself and never use anywhere else. I’m sure there are others, but fastmail.fm is the only one I know of offhand.

I think the point LeCreaux was making was that you should assume that whenever you register with a site, your credentials are not secure. Even if a site where you register has never been hacked, you should always assume that it will be eventually, and create a unique, strong, and long password that you have not used before and will never use anywhere else ever again.

Just 2 months ago close to half a million yahoo login credentials were leaked. Many of those passwords were ridiculously weak, and it’s very possible there were some login credentials in that exposed list that are also used here in gw2. But I bet when most people sign up for an email service, they never think their accounts will be hijacked or their login credentials posted on the internet for anyone to see.

It doesn’t matter if ArenaNet’s system is secure (no system is every 100% secure) and is never hacked, and it doesn’t matter if you think your email provider is 100% secure (it’s not). Always, always, always specify a new password, and preferably a new email address, when you sign up for a site where you care about keeping your account secure. There should be NO exceptions to this. And imo ArenaNet should not have required you to use the same email for gw2 and gw1, but that’s another topic for another day. lol

If your friend uses the same email and password for gw2 and his email account, tell him to stop using the same login credentials across different sites/services/games. If the email and password he uses to sign into gw2 are the same as what he uses for his email account, he might have also lost access to his email. Lists of login credentials are posted on the Internet and shared within various circles of people, so if your friend’s email and password are on that list, it’s probably known by many people.

Yes please give people the option to turn this off. If people want to show off the fact that they have a lot of virtual money, let them, but PLEASE let everyone else be able to turn off the bragging.

Of course the one who obtained the list of logins from other sites is responsible, but when you register for a site you have the option of creating login credentials that can’t be used anywhere else. People often are not doing that.

If you have a car and a house, would you want the same key used for both? No. People should be treating online data with more caution than they currently are.

Considering they’ve sold more than 2 million copies, and considering more than half of the players have very likely used the same login credentials that they’ve used at other sites (based on previously conducted studies about password security), I think the current rate of compromised accounts is relatively small.

If people insist on using the same login credentials that they’ve used elsewhere, this forum is going to be busy for a long time.

Change your password to something strong (mix of uppercase letters, lowercase letters, numbers, and symbols) and ideally make it at least 20 characters long. Don’t use the password anywhere else, ever.

You are supposed to be able to change to servers on other continents, last I heard. I don’t know how smooth that process is. Supposedly there is a small delay as your stuff is transferred:

http://www.arena.net/blog/choosing-and-transferring-worlds-in-guild-wars-2

Regarding changing languages, I did a google search and found that supposedly you can change languages after you create your first character:

http://www.guildwars2guru.com/topic/32501-gw2-game-client-language/

I have not tried this myself.

I hope you changed your GW2 password if you still have access to your account and made it a long and secure password that you don’t use anywhere else. If you use the same password for your gmail account that you use elsewhere, change your gmail password NOW and start using unique passwords everywhere.

I was in mumble with a friend last night while we were playing gw2. He said another friend of his started playing gw2, and he mentioned the account compromises to her, telling her that people were using the same password with gw2 as they were using with other places. She told him she should change her gw2 password since it was the same as the one she was using for lotro.

/sigh

“Except that the first form of authentication is broken for many users. E-mail notifications/verifications fail to send. Effectively locking the players out of their own accounts for taking the steps to secure it.

How is this solid?"
———————————
I was referring to passwords. The password is the first form of authentication. When I read that they were working on a second form, I thought this meant for sign-ins, but I could be wrong.

I had to lol at your second post.

I once saw myself in a wvw zone by myself and no npcs but relogging (iirc) fixed it.

Eh it does indeed sound like her account was compromised. I’d suggest updating the ticket to indicate this. I have read about them transferring characters to other servers.

Stupid question, but could the email be in your trash mailbox?

ShadowX.4639:

I think you mean first form of authentication.

I know you were joking, but ArenaNet can’t force people to use a solid first form of auth.

There was already a post made somewhere recently which said they are working on a second form of authentication. You can get thousands more people here if you want, but I don’t see that speeding things up. Anything involving changing authentication needs a lot of time in the dev life cycle if the goal is to avoid more problems. Patience is needed.

In the meantime those with un-compromised accounts should be making longer and more secure passwords BEFORE they get compromised.

lionhardt.2938:

The PW one I used for this game came back as strong. Again read my posts been playing MMO’s since 1993. I am not new to this, been there, seen that. The fact still remains that I did everything correct except changing my account info when Anet reported it may be compromised. Why did I not do that you ask? The system was down just as it is now. My wife and son still cannot change theirs.

Came back strong from where? The game itself? If I go to gmail’s account signup page and put a pass of gw2password it says my password is strong. But I’d sure as heck not use that as a password anywhere.

In any case it doesn’t matter how long you’ve been gaming or how much knowledge you have. Anyone who uses services that require a password is susceptible to specifying one that is not strong enough or one that was already used elsewhere. That means you, me, and everyone else.

I hope everything is resolved quickly for you and the family, if it’s not already.

Err considering the hackers likely don’t have a hash file to use and can’t actually make billions of requests per second when trying to hack gw2 accounts, yes it would take weeks or months for many accounts. My gpu reference was for the case where someone does have a hash table to work with. I seriously doubt that is the case here.