Guild Wars 2

lionhardt.2938:

As do I, this does not protect you. All they do is run a program to type random emails into the log in (or do it manually as this is a full time job in some countries.) When they get one that is registered it will say incorrect password. At that point they switch to the PW cracking program which will run millions of passwords until they crack your account.

Yes a gpu can crack a weak password in a few seconds. That’s why people should be using long passwords that can’t be easily guessed. Someone trying to compromise an account by brute forcing a password isn’t going to spend weeks or months trying to crack one account when so many other accounts can be cracked in seconds.

As for typing in random email addresses, the logical choice is to use lists of email addresses that have been used elsewhere, especially for games and gaming sites. It’s already known that those emails are in use, and the lists are a dime a dozen, available to anyone. There is no need to spend human or machine resources guessing email addresses that might not even be in existence when lists of known email addresses are much more reliable. As for spam, yes those get sent to email addresses that are not in use, but that’s usually in the form of admin@whatever or info@whatever.

I initiated the same request 8 days ago (to have my cc details removed, just in case….), on Sept 5th , and all I know is it was apparently forwarded to the billing department on the 12th. I am not going through the nuisance of closing my card as I don’t at all believe my credit card is currently at risk as I use a unique email and password that wouldn’t be guessed, but I would like to remove it anyway so it’s not just lingering around.

Considering people have been waiting a few weeks to get into the game, I am willing to wait as needed to get my card details removed and I don’t think it’s unreasonable to have to wait.

However, I do hope they are going to add a way for people to remove their own cc info so that if their accounts ARE compromised, they don’t have to deal with the extra stress of fraudulent charges that they have no control over. Losing one’s GW2 account is bad enough, but having to deal with the credit card company to get gem purchases reversed just adds salt to the wound.

They’ve said they don’t currently have the ability to restore individual characters or accounts. They’ve also said they will, at some time in the future, have the ability to restore entire accounts from a time before the account was compromised, but not individual characters or items. Sorry, I don’t know where this was posted but it was in one of these threads.

So you can wait for that restoration ability to be offered (no time frame has been given), or you can start playing with your character or with new characters. They would be wiped, presumably, if you chose to go for the restoration whenever it is available.

You should clear out the email address in that screenshot. Don’t give yourself more problems.

From what I have read, those who had their accounts compromised would see a message saying their accounts were permanently blocked / suspended / banned. The word “permanent” is key here.

If your suspension is for 72 hours, you probably did something you shouldn’t have done.

Right, I read that in their post about the email lists. But I haven’t read anything about ArenaNet blocking those emails from registering. Do you have a link to where ArenaNet states they are blocking email addresses that aren’t yet registered for GW2?

Gold sellers would go away if people would stop buying from them. Unfortunately that will never happen. People think with their wallets instead of their brains.

To those who buy gold from the RMT crew: every time you make a purchase with them, you are encouraging them to compromise more GW2 accounts. The next account they compromise could be yours. Either earn the gold in-game or buy gems from ArenaNet and convert to gold. Don’t be a part of the RMT problem.

Dunno, but I strongly suggest changing your password before someone else changes it for you.

Click the world select button in your character select screen and pick a server.

You can create a support ticket acccount that is not the same as your GW2 account (I did this myself). And it’s a good idea to do this if you suspect your account was compromised. Using the same credentials for your GW2 account as you use for the support ticket just means the person can access your tickets, as you unfortunately found out.

I hope the credentials you used for your GW2 account and your support ticket account are not the same email address and password you use to acess your email account.

Someone probably sent it to you by mistake. I’ve received those before and sent them back as I’d want someone to do the same for me if I sent stuff to the wrong person.

Be nice and hit the return to sender button.

Widowmaker.5812:

I thought it was obvious that people knew this is what the hackers were doing. I figured that out after the first time they stole my account. I’m still without an account now for 8 days.

One of the biggest issues I see with the premise that these hackers have a large list of emails and passwords to hack the AreaNet security is that the cycling through a list that large is abrute force attack against a single URL and would appear as a DNS attack and should be REALLY easy to pickup by security.

Something just doesn’t add up for me that the sole vector of attack is an email/password list combination attacking the login URL/client.

If there are thousands of legimitate people signing in every minute, or even hundreds, another hundred or two from a subset of IP addresses won’t likely trigger any detection assuming ArenaNet is looking at the total number of attempted logins.

Considering how often people re-use their credentials from site to site, if the ones doing the account hijacking were using a large list of emails and passwords, especially a list obtained from another game, it most likely wouldn’t take many login attempts to find valid GW2 credentials.

I’ve already seen many posts here and elsewhere from people admitting they re-used their email and password in GW2 that they also used elsewhere. And that’s just the ones I read about who were willing to admit it. I’m sure the vast majority don’t fess up.

Wraith.4103:

https://forum-en.gw2archive.eu/forum/support/account/Possible-reason-why-so-many-Accounts-are-being-100-lost/first#post69308

Take a look at this.
And some still saying its not Anet’s fault.

Correct, it’s is not ArenaNet’s fault when people re-use login credentials they have used elsewhere, and the op admits his wife did that. There is nothing at all ArenaNet can do about such decisions.

However, yes they could improve the security around the ability for someone else to change someone’s email or password after they have discovered the login credentials.

Spectorx.9762:

Peeps be busy over in China.. Every single one of these posts is from someone in China.. Wish they would just block all of China’s IP’s from connecting to US servers.

If they blocked IP ranges, those in China would just use proxies to change their IP addresses. Then they’d still be able to connect to US servers.

Wraith.4103:

It make even less sense when they try to block someone from enter in your account in game but let that same someone enter in your account in browser to steal the account changing your e-mail in seconds.

I see what you are saying. If I am understanding this correctly, what the account thieves can do is this…

1. Thief gets access to email and password (very easily done if people re-use credentials from site to site).
2. Thief signs into GW2 client when valid credentials are found. Thief can’t get in due to email verification. (They could just skip this step completely.)
3. Thief signs into web site using same valid email and password used in step 1. No verification needed other than email and password.
4. Thief changes email address to an email account he can access.
5. Thief signs into the client again. This time the verification email goes to the account he has access to.

The valid owner then can’t access his account because the thief has likely changed the email and the password.

If this indeed works as described above, it renders the email verification essentially useless.

It is still up to the account owner to ensure proper seccurity if his own GW2 credentials, but if any kinds of safeguards are going to be added then they shouldn’t have holes like what’s described above, assuming those steps are correct.

Oh geez, this is what the op originally stated. This is what I get for skimming through posts and not reading them in their entirety.

People were asking about their own suspensions for inappropriate language in a reddit thread. ArenaNet would respond and post what the person had said in chat. That was comedy gold.

I don’t think you want that happening to you.

If you lose access to your email account because you change ISPs, or for any other reason, and you want to change your GW2 email, and ArenaNet decides you have to confirm the change at your old email address, you won’t be able to change it. Not every site requires that you have access to your current email address if you want to change that address within the site.

If you are loose with your password, or if you keep using the same login credentials that you have used elsewhere, or if you share your account with others, or if you have malware on your pc, that’s not ArenaNet’s fault.

Rhapsody.6173:

Here’s a possible reason as to why so many accounts are being hacked.

!http://i3.photobucket.com/albums/y60/ShadowWolf81/GW2AccountProblem.jpg!

While the ‘forgot password’ option sends a confirmation e-mail to the account on file, if a hacker manages to ‘break’ your password and log in to the website, they are then able to IMMEDIATLY change your login credentials (which is basicaly your e-mail that is on file), and there is NO confirmation e-mail sent to the previous e-mail/login prior to this change taking effect. The change is immediate if done directly from the website.

If someone gets your email and password, your account can be compromised regardless of whether the person changes your password. If they sign into your account and take your gold, the damage has already been done even if they don’t change your password (or your email).

People are re-using the same login credentials at multiple locations. This is nothing new and it has been going on for years.

From a few years ago:
http://www.pcworld.com/article/188763/too_many_people_reuse_logins_study_finds.html

and more recently:
http://www.zdnet.com/one-in-five-hacked-logins-match-microsoft-accounts-7000000969/

People are reluctant to change their behavior, and there is not much ArenaNet can do if someone chooses to continue using the same email and password at various places.

Yes it would be nice if there was some kind of secondary authentication, such as a secret question or a hardware authenticator. But unfortunately some people would still have their accounts compromised even if they used two-factor authentication.

Illconceived Was Na.9781:

Hackers have attempted to login using credentials from email addresses that aren’t used in the game yet. ANet blocked those addresses from using the game so that your account cannot be hacked before you start playing.

I’m not sure how they could do that. If I register with me@example.com and a password of abc, and I go away for vacation for a few weeks, and someone else signs into the client with me@example.com / abc, ArenaNet isn’t going to know if it’s me or not.

If you’re saying they are blocking people from registering using email addresses that are in lists floating around, is there a link to such a post?

Would you rather ArenaNet not block your account and let the person who took it over do anything they want with it? While you wait for the ticket to be resolved, this is a good time to come up with a long and secure password you have never used anywhere else and will never use anywhere else. And preferably get a new email address just for GW2 while you wait.

You can change your password within the GW2 web site:

https://account.guildwars2.com/account

Change your password to something long and secure. A password like “aaaaaaaaaaaaaaaaaaaaaaaa” is long but I’d not recommend it. A password like “p@$$w0rd” might look secure, but it’s too short and too easily guessable. Make your password long AND secure, and make sure you have never used that password anywhere else. Either memorize your new password or store it somewhere, and never ever use it anywhere else or give it to anyone. Ever.

If by “appeal” you mean ticket, you will just have to wait. I’ve never heard of ArenaNet making an exception for someone who said another person was using their pc since ArenaNet has no proof of whether this is actually true for anyone, and it’s ultimately up to each player to control access to his/her own account.

omg I love you. I have to try this with my much beloved ffxi music.

Thanks!

Ooooh, I like this idea. I’d pop in the ffxi soundtrack.

BlueStoat.9157:

The same is true of every profession. Its not OP, its just that the player is just smart enough to play to the strengths of the class.

This.

In wvw I’ve probably run across people of every class whom we / I had a hard if not impossible time killing.

If I want to play my guardian like a tank and buff him that way for longer survivability, and if I’m mobile and use my skills correctly, yes I will live longer but my damage output will suffer. I could go for damage instead but would be weaker in defense.

Same is true for every single class.

Yaaay thank you Regina!

Being able to play a pig. What more can a person ask for?

Well, I’d love to be able to play a skritt, but I’ll settle for the pig.

PawPrince.5719:

Given the issue at hand, did anything other than “Butter” need be said for people to know what issue was being discussed?

I lol’d. I think everyone who has been playing the game a few hours would know what the thread was about if the title had just been “Butter”.

But yeah, I have the butter bug too. It makes me want to kill the cows to stifle the supply, but I’m afraid I’ll just loot even more butter.

Now if they would just replace the butter with those keys we all need, life would be good.

I agree with you Alex, and I think you making this thread was a good idea. ArenaNet is not immune to being hacked, and neither are users, regardless of how secure each thinks his/her own system is. But if someone really did breach ArenaNet’s accounts database, I’d expect a lot more compromised accounts. And if someone had access to over a million records, the chances of someone compromising the same account twice is probably about as good as me winning the powerball lotto tomorrow.

Perhaps I should buy tickets.

If you want to insist on the idea that ArenaNet’s db has been compromised, even though you are the only one who has mentioned having your account compromised multiple times, that is your choosing.

I have a master’s degree in network security and have worked on security applications at one of the largest companies in the world. None of that means I’m immune to a malware infection, and neither are you.

Widowmaker.5812:

There’s more to these hacks than ArenaNet is letting on. Gaile and the other GMs are stating that online sources are the cause however, I was hacked yesterday and,

1. I used a brand new email (just created) and never used anywhere before
2. I created/used a 32 chacacter ASCII password (numbers, caps, symbols etc)
3. I verified my email and was watching login attempts (and saw none)

My email was changed and the notification email did NOT give me an opportunity to prevent it.

I’ve come to the conclusion that either the hackers have admin access to ArenaNet systems or buy.guildwars2.com sold my serial key to multiple people and we’re opening hacking tickets making the assignment of it go back and forth. I made a similar post about this yesterday and a MOD deleted it. Why would they delete it?

You admit in other posts to having had your account compromised multiple times. I suggest scanning your PC for malware using BOTH an updated and reliable antivirus program and something that detects other types of malware, such as Malwarebytes Anti-malware.

You claim that ArenaNet’s databases might have been hacked. I find it odd that hackers would get access to over a MILLION accounts but pick just yours to hack multiple times. Unless, of course, their system wasn’t compromised.

Really though, scan that pc. Thoroughly.

There is no need for them to hack into GW2 databases because there are still plenty of existing email and password combinations floating around for them to try.

If you found a set of keys outside a row of houses, you’d go through those keys first before you tried picking any of the locks. It’s easier and faster to get into someone’s account (or house) if you already have a list of emails and passwords (keys).

I am not surprised Blizzard eventually was hacked. But I don’t for a second believe ArenaNet has been compromised at this point in time. If they had been, there would be a lot more reports of compromised accounts considering they sold over a million copies already.

But I do find it amusing to read the conspiracy posts and threads. lol

Frostpyro, you must not be aware that there are many many many lists of emails and passwords floating around the web and shared between people who try to maliciously access those accounts. If your GW2 account was compromised, your credentials are on at least one of those lists. This is not an issue of ArenaNet being compromised. This is an issue of people not being secure enough with their own credentials.

Last night, just for kicks, I did some searches online and found around a dozen long email and password lists for various sites. I don’t mean a few logins, but a lot in each list. This was just after a few minutes of searching.

There is no need for anyone to bother trying to get into ArenaNet’s databases when login credentials for various insecure sites are freely available for anyone to use. And with people using the same login credentials from site to site, it’s quite easy to find many valid logins for GW2.

If you don’t want to be compromised, do what ArenaNet and others have been saying repeatedly. Use an email and long password you don’t use anywhere else, and don’t use that info anywhere else, ever again. And check your pc for malware.

My account data has not been compromised ever, as far as I know, and my GW2 data isn’t going to be compromised. Why? Because I use a unique email and password, and I don’t respond to fake emails, and I regularly scan my pc. I am proactive about my account security, but many players don’t do the same thing, and they are stuck paying the consequences of their own actions.

Oh come on noobdestroyer, you know as well as I do that they are constantly working on tickets. When there are tens of thousands of players, if not more, who aren’t practicing good security with their login credentials, there are bound to be a lot of support tickets.

To the op, a permanent suspension might indicate your account was compromised, meaning someone else got access to it. ArenaNet is blocking those accounts to try to limit the damage that can be done.

Open a support ticket if you haven’t already, and be very clear in what happened. Only put essential info in the ticket as this will increase the likelihood that your ticket will be classified correctly. Leave emotions out of the ticket.

Next, wait. There is a long queue of people with compromised accounts, so you will have to wait in line. In the meantime, scan your pc with an updated antivirus AND something like Malwarebytes Anti-malware.

Edit: oops just realized noobdestroyer IS the op. lol

If it’s “awaiting your authorization” that means they know your password. So either your password is easy to guess, or you have malware on your pc, or you responded to a fake email and gave someone your password, or you use the same password elsewhere.

I suggest changing the email AND PASSWORD associated with your account. Use an email and password you do not use anywhere else, and make sure the password is very long and secure. Do not use the email and password anywhere else, ever.

Also I suggest running a scan with an antivirus program and Malwarebytes Anti-malware.

And whatever you do, make sure you don’t click that link. If you do, you will be giving someone in China the okay to access your account, after which they will likely rob you completely.

I disagree about the part re: not writing down your passwords. If you live alone it should not be a problem writing passwords down, assuming you lock your doors at night and don’t live in an area where breakins are frequent. Not everyone is going to be technically savvy enough to use programs to remember passwords, and each has drawbacks.

Storing passwords only in an online service can make some people nervous even if the passwords have strong encryption and aren’t sent in the clear, and it relies on the online service always being available. Storing passwords only in your computer can cause problems if your hard drive has issues and you can’t access your password file(s). Storing both online and offline has advantages but relies on a dependable password service.

For those not wanting to deal with all of this, writing down passwords should be fine assuming others can’t normally get to those passwords. Writing down passwords like #hs*b8s@nd! is much better than simply remembering one or two passwords like “mypassword2012”.

Is there an approximate timeline on the account restoration feature, given your higher priorities? Will it likely be this year or next?

Not gonna happen.

http://massively.joystiq.com/2012/08/30/guild-wars-2-is-heading-to-china/

Good question and I’m glad you asked as I have an account that has no characters. But I don’t have an answer.

While you’re waiting for an answer here, I suggest putting in a support ticket indicating you think your account was compromised, if you haven’t already. There is a long queue for this, so the sooner your ticket is added the better.

If they do put something in place to block brute force attacks, I hope they don’t say so. I’d rather those trying to steal the accounts waste their time with brute force attacks thinking they are going through when in fact they’re just wasting their time.

And if you’ve used that same password elsewhere, or a derivative of it, and that password is already on a list of known of logins, it won’t matter how “secure” it is.

Didn’t read it all, but I see you mention near the bottom that your account was hacked. You should post here if you haven’t already as that is where they asked people to post their support tickets:

https://forum-en.gw2archive.eu/forum/support/account/Account-Hacked-Permanently-Banned-Post-here-merged-1

I’m pretty sure just about every single person who is suspended for inappropriate language knows exactly why. People just don’t WANT to be suspended. They claim they didn’t say anything wrong, hoping ArenaNet will release the suspension. Sometimes they will admit they said something they shouldn’t have said, and they still beg to be let back into the game.

It’s 100% common sense, nothing more, nothing less. Don’t ridicule other players, harass anyone, use profanity, make real-life racial comments, etc. It’s really not difficult to comprehend assuming people have been taught manners at any point in their lives. But a certain percentage of players want the freedom to say whatever they want, so they come to the forum saying suspensions shouldn’t exist, that players should just block, etc etc etc.

It’s ArenaNet’s playground. If people don’t want to abide by the rules, they can go find another playground where there are no teachers watching. Personally, after years of seeing excessive immaturity in chat, I’m thrilled with the suspensions and hope they continue.

If you can’t be civil, don’t use chat. This solves the problem for everyone.

Well if players would choose to act respectfully when communicating with others, there’d be no suspensions for misbehaving.

What are all of you going to do when you get real jobs and have to interact with managers / supervisors? I can only imagine.

Joker.9810:

Oh and Further more, my steam account is the same name and pass and no issues. Not even an attempt to log in from another computer. im 98% certain guildwars 2 site got hacked not another site…

First of all, RMT folks don’t really have much to gain by trying to hijack steam accounts.

Second, if you are using the same email and password for GW2 and ANYWHERE else, don’t bother complaining that your GW2 account was hacked.

Hopefully you have learned not to use the same credentials, especially for MMOs, at multiple places. If not, we will see you back here again in a month or so, maybe less.

Dorude.9738:

Yes, Anon, How beautiful that they simply suspend without warning. Meanwhile I will wait my 63+ hours for “Racial/Ethnic Slurs” despite it being something said to a friend jokingly. All parties involved were most likely sure of this, despite this it seems that ArenaNet thinks it’s plausible to give no warning besides a ToS. They’re in their right to do so, but hey, whatever.

If you type it in an area where others can read it, you can be reported. If you trust your friend 100% then use /whisper. But keep in mind your friend can still report you.

Best option is to get a voice program and just use that to bash each other. Faster, easier, and no suspensions.

Firestorm.8605:

anonymouse.9053:

From what I’ve read, permabans are usually due to compromised accounts. I suggest filing a support ticket about if it you haven’t already.

I checked online and no one logged into my account but my self. Plus, as I had said already; it happened suspiciously literally milliseconds after I clicked a world in the WvW menu thing.

And it happens to people as they are crafting, or using the AH, or running around in a pve zone, or whatever. It’s coincidence. People don’t get banned for just using the ah, or just crafting, or just entering a wvw zone.

There was a post somewhere saying that if someone else logged into your account it wouldn’t necessarily show up in that list. I don’t remember the details about that post, unfortunately. In any case, my hunch remains that your account was compromised.

Others are getting the same message while actively playing the game and getting booted off, so my GUESS is that the status of your account hasn’t changed but that just the message has. Hopefully a moderator will offer some input.

Dol.4801:

I just now got my account back on 20 minutes ago. I posted my issue up 11:58AM on 9/2/2012. To give you an estimated time on how long you may be waiting.

Lucky for me, the hacker left all my money and gear untouched. He must’ve not of gotten around to it so I’m very fortunate. I wish you the same luck, and i would say you have about 1 or 2 days of waiting left to go. and yes it’s longer than the 72 hour rumor.

Glad to hear it!! Now make sure your new password is long and complex and don’t use it anywhere else!

If you weren’t able to read messages in your email account (hypothetically speaking) due to something such as your email account being hijacked, or you getting a new ISP and forgetting to transfer your gw2 email to the email of the new ISP, or your email provider having problems and not delivering mail, etc., you would not be able to change your email address with gw2 if they required you to have access to your “old” email account. There are pros and cons to requiring that the player have access to the email address he used when signing up for the game.

Dorude.9738:

But even in my case I know that what I said was stupid, I just figured " Eh Whatever, it’s just a game, I didn’t say it to or at anyone so it’s not as if I could possibly offend someone. " but then I remembered about the time my suspension came through: These people… eh Nevermind.

“These people” is right. If “these people” wouldn’t use offensive chat or names then they’d not be suspended for using offensive chat or names.

At least you are willing to recognize that whatever you said was stupid. Next time don’t say it. lol Or at least say it verbally. Don’t type it out, not even in /say. Be lazy like me and use your mouth instead of your fingers. Easier that way.

Some folks refuse to acknowledge that their chat comments or names are offensive, so I’d be willing to bet they’ll do the same thing again. And again.