The "@username" system MUST be done away with before

Post » Tue Mar 04, 2014 6:35 am

Exactly...If you're in a guild with 300-500 people and can see all their user names, all you'd have to do is plug in a list of passwords such as this and get several hits.

User avatar
Bee Baby
 
Posts: 3450
Joined: Sun Jun 18, 2006 4:47 am

Post » Tue Mar 04, 2014 4:28 pm

That will mean that you can login at least 3 accounts, max out their creditcards and log out again. Maxis will probably find out and ban you, but they will not give the victim his/her money back.

And sometimes I like to get away from the crowd without one of those 500 guildies whispering to me. Privacy is a great thing.

User avatar
Emma Parkinson
 
Posts: 3401
Joined: Wed Jul 26, 2006 5:53 pm

Post » Tue Mar 04, 2014 6:29 am

Yes, because people choosing to remain ignorant so they can feel safe causes quite alot of problems realistically.

The more people can differentiate between perception and reality the better things can be for everyone. It means less wasted time bickering/arguing, less time "making people feel safe" and more resources used elsewhere. It also means that people end up with a better understanding of the realities involved and thus are more empathetic with those implementing those features and reality.

Basically to choose to remain ignorant so that one's life is easier or "feels" better is an extremely selfish endeavor that puts the burden on everyone else.

User avatar
Marie
 
Posts: 3405
Joined: Thu Jun 29, 2006 12:05 am

Post » Tue Mar 04, 2014 2:58 pm

really so your saying its such a BAAAAD thing for me to want to create my own username when I first create my account that will be my displayed username.....

User avatar
elliot mudd
 
Posts: 3426
Joined: Wed May 09, 2007 8:56 am

Post » Tue Mar 04, 2014 8:27 pm

The horrible thing is that my posts proving that there is no security issue seemed to be ignored. Guess people just want to argue.
User avatar
adame
 
Posts: 3454
Joined: Wed Aug 29, 2007 2:57 am

Post » Tue Mar 04, 2014 11:22 am

Even if there were no security issue, I wasn't aware when I created my user name (which has historically been private in games I've played and websites I belong to) that it would be broadcast in game, as most people weren't. If I had been aware, I would have chosen something different. A lot of people will have used the same type of name they use on many other accounts, not knowing any better. For a lot of people the name they chose was private to them and has been used on other private accounts, or reveals information pertaining to other accounts that they don't want made public.

User avatar
BEl J
 
Posts: 3397
Joined: Tue Feb 13, 2007 8:12 am

Post » Tue Mar 04, 2014 2:31 pm

I doubt traditional guild hopping would be an issue regardless. 5 guilds per account makes sure of that.

We will see how robust their additional security measures are. I had not heard of any of them prior to this thread. If they work as described, they would likely do much to minimize this concern.

There are other issues I see with the system, but they are minimal by comparison. Of course, they might not seem minor to a person who opted to use personal identifying information or an email address for their username, not having been told that they would be public.
User avatar
George PUluse
 
Posts: 3486
Joined: Fri Sep 28, 2007 11:20 pm

Post » Tue Mar 04, 2014 6:01 pm


You can have cs change it.

And Holt, I dont usually agree with you but I do here.

Too many people are thinking in outdated security mode, and you never want to use personally identifying information for a username unless you have no choice.

For instance, my banking username is first initial, ladt name and a number. They generated it for me. Here I used my forum handle, which is my wow main's name, and my beta forum login isnt either for some dumb reason.

Literally different user/password for beta forums and game ac ount. Not sure why they did it that way. I use Sakiri for everything tes related from here to Tamriel Foundry.

My ESO password isnt shared with anything. Which means Ill probably forget it at some point.
User avatar
electro_fantics
 
Posts: 3448
Joined: Fri Mar 30, 2007 11:50 pm

Post » Tue Mar 04, 2014 8:50 am

I think different account info for game and forum was a great idea. My understanding is that phishing with fake forums is one of the most common ways people get their accounts stolen.

IMHO, it isn't a bad idea to write down your PW and stick it in the game box if you got a physical copy. That's what I always do with my game PWs, easy to remember where it is.
User avatar
Manuela Ribeiro Pereira
 
Posts: 3423
Joined: Fri Nov 17, 2006 10:24 pm

Post » Tue Mar 04, 2014 1:42 pm

I can only repeat, this issues of account hacking en mass, by usernames has never happened in any other MMO that uses it.

I do agree, it would be a good idea to let people change it so it is not the same as their account name.

User avatar
Haley Cooper
 
Posts: 3490
Joined: Wed Jun 14, 2006 11:30 am

Post » Tue Mar 04, 2014 2:11 pm

Except that it doesn't bother me in the slightest and it's not a security issue.

User avatar
Jhenna lee Lizama
 
Posts: 3344
Joined: Wed Jun 06, 2007 5:39 am

Post » Tue Mar 04, 2014 4:37 pm

They should use a nickname system for your account, every account should got a unique nickname on top of the account login info. Your nickname is displayed in guild chat as oppose to username which is a huge security risk.

User avatar
Georgia Fullalove
 
Posts: 3390
Joined: Mon Nov 06, 2006 11:48 pm

Post » Tue Mar 04, 2014 6:01 pm

Actually, it is a security issue. There is no extra authentication except an IP check and send an email to you which people can hack into.

User avatar
priscillaaa
 
Posts: 3309
Joined: Sat Dec 30, 2006 8:22 pm

Post » Tue Mar 04, 2014 11:43 am

People trying to hack you will get your username anyways.

User avatar
Andy durkan
 
Posts: 3459
Joined: Fri Aug 03, 2007 3:05 pm

Post » Tue Mar 04, 2014 8:40 am

Agreed I should login with an account ID that is never shown in game to anyone else I'm playing with.

I don't like account bound things either like the 5 guilds system, but thats a whole different kettle of fish!

User avatar
Daniel Brown
 
Posts: 3463
Joined: Fri May 04, 2007 11:21 am

Post » Tue Mar 04, 2014 4:56 pm

And we don't let them get it easier than it should be. If you are in a guild and you join the guild forum, chances are, both your email and username is known to another player in the same guild and thus they have a better chance to target you.

User avatar
Talitha Kukk
 
Posts: 3477
Joined: Sun Oct 08, 2006 1:14 am

Post » Tue Mar 04, 2014 2:30 pm

FWIW, the IP check works on their website as well. I just tried to log in via a different IP than normal, and was required to enter an email code.

That makes me feel a bit better.
User avatar
Robert Garcia
 
Posts: 3323
Joined: Thu Oct 11, 2007 5:26 pm

Post » Tue Mar 04, 2014 7:17 am

The IP check doesn't work in the game tho.

I have used VPN on and off and it never asked me one time to enter an access code.

And even if it does work for the game, its not fail safe. An authenticator apps would be better but not showing your login name should be the bare minimum.

User avatar
Andrew Lang
 
Posts: 3489
Joined: Thu Oct 11, 2007 8:50 pm

Post » Tue Mar 04, 2014 1:10 pm

Pretty much this.

They're not going to brute force your account. And if I have your username, I don't necessarily have your email address.

Why in Hate's name would you join a guild with people like that in it? And why in Hate would you use the same email as you do for important things?

All of my forum logins are sent to a junk email I keep for just that purpose...

There are a LOT of dumb things going on in this thread. :/

Yes, current PTS patch added this to the game as well.

We've said a few times that it went in the last PTS patch, not the 3 builds old version we had this weekend.

And they're not going to change how the login works this far along.

Some of you folks are really obtuse about how big of a problem this is, because it's really *not* a problem. It really isn't.

User avatar
Janette Segura
 
Posts: 3512
Joined: Wed Aug 22, 2007 12:36 am

Post » Tue Mar 04, 2014 1:21 pm

Guild Wars 2 has survived just fine with this system for nearly 2 years.

If you are not comfortable with the system, double the length of your password.
User avatar
Mackenzie
 
Posts: 3404
Joined: Tue Jan 23, 2007 9:18 pm

Post » Tue Mar 04, 2014 1:18 pm

I'm not a fan of the current system either, honestly. It was actually changed to be like this, since at first you were logging in using your email address, which was never shown anywhere in-game unless you typed it out yourself. Now your login is easily seen in the game.

I simply don't like it. I don't see why it was changed. It's surely not more secure.

Mind you, I'm totally fine with having ZOS's version of CoH's @Global system. (Someone wanting to hide theirs for whatever reason is a separate issue.) I just don't care for my login credentials being so easily available. There's simply no upside to it at all that I can see.

User avatar
Mason Nevitt
 
Posts: 3346
Joined: Fri May 11, 2007 8:49 pm

Post » Tue Mar 04, 2014 6:53 pm

Let's contribute every single legitimate issue / concern to Hate. Because everybody is so trusting on the internet that ZOS shouldn't even need to implement a better system. They could have used the character name in guild chat and guild roster but they decided to use username instead, so they have the responsibility to implement a better system on security.

And for the PTS build argument, its pointless anyway because the IP check is only an email for an authentication code and we know email is unhackable.

User avatar
james reed
 
Posts: 3371
Joined: Tue Sep 18, 2007 12:18 am

Post » Tue Mar 04, 2014 9:18 am

just so much qq its ridiculous. only retards get hacked and if they do its easy to get your account back. no massive amount of players is gonna get hacked cause of that reason. kid, your a clown stop posting. its sad that two others eggd you on and agreed with you. get out of here you scoundrels!

your just like the one complaining about the bag space and long walks in pvp. man thats part of the game thats what makes it hardcoe. you die you, kick rocks take a hike.

User avatar
james tait
 
Posts: 3385
Joined: Fri Jun 22, 2007 6:26 pm

Post » Tue Mar 04, 2014 10:13 pm

I can't remember if you can use 'nickname' which you are referred to in the game for login. However, this is the reason why they implement the authenticator now.

User avatar
His Bella
 
Posts: 3428
Joined: Wed Apr 25, 2007 5:57 am

Post » Tue Mar 04, 2014 3:48 pm

That's a fair point.

Maybe TESO just needs a similar authenticator system?
User avatar
Sammykins
 
Posts: 3330
Joined: Fri Jun 23, 2006 10:48 am

PreviousNext

Return to Othor Games