Well, since this just happened to me sometime between 6 hours ago and 10 minutes ago, I hope this change comes quickly.
I only hope my account can be rolled back.
And I am one of the ones who can answer "No" to every question -- No falling for phishing, No 3rd party software, No giving password out to friends, No using simple password, etc etc etc.
I have petitioned, but only a short while ago, so I don't expect any results yet hehe.
This is an interesting idea, but it does have the potential to be ultimately pointless.
As Trion themselves have said, 80% if the "hacked" account complaints they have dealt with are a result of keyloggers (aka, the user screwed up and didn't keep his own system secure, and then *****es to Trion to fix it for them).
Now, with this system, all a hacker needs to do is wait until he has not only the game account password from the infected computer, but also the password for that e-mail account (though a person that was stupid enough to have a keylogger installed on their system probably has the same password).
So, all this does is mean the "hacker" needs to wait a little longer after installing the keylogger, and then they can log in to that persons e-mail account and get the Coin Lock code to unlock it all. It may take them a week or two to figure this out, but they will get there eventually.
If 80% of the "hacked" accounts are via keyloggers, then this will do nothing for that 80%.
I'm going to be mildly (but not totally) shocked if my account gets hit. I don't use a web browser on my PC to do ANYTHING but grab updated video drivers. I don't do anything on it but play games, using steam (unrelated account name and password), CoH (unrelated account name and password)...
Basically, it scans as clean and never does anything now but run the RIFT client.
amazingly good decision. Good to see Trion is on top of this.
OS: Windows 7 Enterprise 64-bit, Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz, Memory: 8.00 GB RAM
DirectX Version: DirectX 11, Display Card: NVIDIA GeForce GTX 460, Display Memory: 768 MB
MMO Experience: EQII, WoW, LotRO, Lineage II, GW, Aion, Vindictus, PWI, Shaiya, Aika, HoTK, ME, SUN, CO
This won't matter because the hackers will just brute force the account name password as well, which happens to be the same damn email that the coin lock code will be sent to!
So, yesterday my Rift account was hacked sometime late Friday night / Early Saturday morning, i guess there is a first time for everything. The funny thing is, my WoW and EQ2 accounts are both untouched. What gives? scanned my computer using Malwarebytes and Windows Security Essentials (both with the most recent updated definitions), not surprised but they both turned up nothing. I submitted a ticket Saturday around 3pm, havent heard a single thing from Trion. I guess what my question is, is how did they manage to get the info for my Rift account and not get either of my other MMO's (as I have logged into both of them to check my toons there) and how long does it generally take to get a GM to respond? taking 36 hours so far and I have heard NOTHING, it would at least be nice to hear something like, sorry we are busy, average wait time is 5 hours or something along those lines, this is insane. I have changed my Email and password already. Has anyone else with subs to other games notice its just their Rift account? or were your other accounts compromised as well?
There is substantial evidence suggesting that whatever's going on, it doesn't seem like keylogging is all there is to it. Lots of people who can't find any evidence of a keylogger despite a lot of scanning.
It sorta looks almost like the attackers have a list of login names and are trying to brute force them or something.
Well, I'm on day 4 waiting for a simple restore of my plat. It wasn't much, but it was a major hassle right before I was about to get my 40 mount. Had to stop and try to make money just because Trion is slow on doing this.
I can't help but think there might be something tied in to the Auction House somehow -- specifically, I wasn't hacked until I purchased a bunch of crafting materials. A few of the names that I purchased from (who happened to have the best deals) were quite odd... things like Pfifgnqwks and the like. perhaps there is some exploit from there?
I don't know, I'm probably just paranoid.