Closed Thread
Page 1 of 82 1 2 3 4 5 11 51 ... LastLast
Results 1 to 15 of 1219
Like Tree3Likes

Thread: Account Security Discussion

  1. #1
    Community Manager Elrar's Avatar
    Join Date
    Nov 2010
    Posts
    2,584

    Exclamation Account Security Discussion

    Hi everyone,

    If you have been reading the forums it’s hard to miss the many discussions on compromised or “hacked” accounts. We have been investigating the causes and individuals behind these attacks and, as mentioned previously, are taking steps to protect you against them.

    One step we are taking is implementing the “Coin Lock” feature tomorrow (3/17/11). This feature is automatically enabled should your account be logged in from a significantly different location or computer and prevents unauthorized individuals from selling your items and money.

    Should you log in from a location that enables Coin Lock on your account you will be able to easily disable it via a code that is automatically sent to your email. Simply copy the code, locate the “Coin Lock” icon above your Hot Bars and enter it when requested. For more details on coin lock please see the full announcement: Update on Hacked Accounts. We’re also happy to say that, starting tomorrow (3/17/11), reporting mail spam will ignore the user and individuals on your ignore list will no longer be able to send you mail, thanks for your feedback on this issue.

    While only a small fraction of our players have had their accounts compromised they are our highest priority and we know the frustration and confusion it can cause when it happens to you. As we have seen in other games, those responsible for these attacks will always be driven to do so as long as selling game currency, items, and characters remains profitable.

    These individuals and groups have been accumulating account and email information spanning across the industry for as long as there has been one and their efforts continue to become more coordinated. As such it is very important that the password you use to access RIFT is unique and, most importantly, not shared with the email account associated with your game account.

    Here are some quick tips to using a secure password:
    • Make sure your password is unique and not used with other games, RIFT related websites, or your email.
    • Use a combination of upper and lowercase letters, numbers, and symbols.
    • Increasing the length and variety of your password can increase security. Shoot for at least 6+ characters.

    These attacks are client side and can be indicative of invasive programs being installed without your knowledge. Never click a link that advertises selling (or free) RIFT Platinum or other game currencies and furthermore never click a link that you do not trust. Should you receive an email from Trion or RIFT, the address should only go to riftgame.com, trionworlds.com, or trionworlds.custhelp.com (our support center). To be safe we recommend copying and pasting the link from the email to your browser. Another indicator of a fraudulent email is poor grammar and misspellings. We do our best to write properly.

    Should you discover your account has been compromised change your password immediately and contact Customer Support. While we are constantly expanding our CS team and working to respond to appeals as quickly as possible there may still be a significant wait and we are grateful for your patience and understanding while we assist others in queue before you.

    We’re constantly working to improve account security and are looking into providing free authenticators you can use on your iPhone and Android phones as well as via text message in the future.

    Thank you for your continued vigilance. We are committed to account security and want everyone to enjoy the game and will continue act swiftly against those who seek to disrupt your experience.

    Please use this thread to discuss your questions or concerns and help us by passing the information on to your friends and fellow players across the game.
    Last edited by Elrar; 03-16-2011 at 02:31 PM.

  2. #2
    Banned
    Join Date
    Dec 2010
    Location
    Louisiana
    Posts
    6,449

    Default

    Great info. I bet some hackers are going to mad tommorow

  3. #3
    Rift Disciple Moods's Avatar
    Join Date
    Jun 2010
    Location
    Denmark
    Posts
    176

    Default

    I appreciate your effort to better security in Rift, but I do think you have alot to learn when it comes to customer support, its one thing to be backed up, but not even giving a message back to people after 8 days so we know your working on our ticket.

    I dunno, i dont think this is acceptable.

  4. #4
    Champion Thorrand's Avatar
    Join Date
    Oct 2010
    Posts
    577

    Default

    Wish it could have been implemented sooner. logged on this morning to a naked toon. Put in a ticket about 9 hours ago with no response. Will this be fixed soon or should I go ahead and cancel my acct?

  5. #5
    Rift Disciple
    Join Date
    Feb 2011
    Posts
    175

    Default

    Really are you kidding me another thread closed that is talking about security.

    Over 600 messages listed in http://forums.riftgame.com/showthrea...acked-Accountshttp://forums.riftgame.com/showthrea...acked-Accounts and it gets shut down and moved.

    What is going on with rift.

    Security issues.

    Will not even update data in their own forums or in game.

    I love this game but support seems to be an issue. They do not consider how their actions will be percieved by their CUSTOMERS.

    I have discussed security in and the sillyness of the coin lock in 3 forum threads that have been closed or deleted.

    Does this mean they want us to to restart the discussion all over again?

    Great programmers but someone needs to teach them product support.

  6. #6
    Plane Touched Temko Firewing's Avatar
    Join Date
    Jan 2011
    Posts
    291

    Default

    Android authenicator <3

  7. #7
    Rift Chaser Excelsia's Avatar
    Join Date
    Jan 2011
    Posts
    279

    Default

    I am happy the mail spam will stop now. Got tired of the same email every day, and I couldn't find a place to put them on ignore. The Ignore list doesn't have an Add button... or if it does, I couldn't spot it.

    And I am not sure about this coin thing, but what about the code thing, like what Aion installed. You have to click your own chosen numerical code with your mouse each time you log onto the game. Isn't that a pretty good system? That way, even if they got the username/pw, they wouldn't have to log in code? Im not that schooled in security things, but it seems pretty good.
    Last edited by Excelsia; 03-16-2011 at 02:48 PM.

  8. #8
    Rift Disciple
    Join Date
    Feb 2011
    Posts
    175

    Default

    Would someone please please please explain how the coin lock will help us.

    If we have keyloggers they simply hop into our email that they would have logged as well and ok the coin. Oh and steal more while they are there.

    if it is a man in the middle will not work.

    Client error how will this help.

    Server issue. Does not affect it.

    Since it is same username and password for forums games etc and many people will use same password for mail as game this fix does not make sense to me.

    If you can explain it please do and use small words ;)

    this sounds like that idea that was bounced around in a board meeting and the big picture was not looked at. Kind of a knee jerk reaction to keep us quite for a short time.

    Maybe I am wrong.

  9. #9
    Telaran
    Join Date
    Feb 2011
    Posts
    78

    Default

    Great news and for sure a good start! Thanks for posting!
    KnightStalker
    Guild - Majestics - majestics.guildlaunch.com
    Class - Mage lvl 50 all out Chloro

  10. #10
    Community Manager Elrar's Avatar
    Join Date
    Nov 2010
    Posts
    2,584

    Default

    Not at all,

    And I've personally been reading and following all of the previously stickied threads. However, as you noted there were many of them and we want to prevent confusion and make it easier for players to find all the information contained in this single thread.

    If there's anything specifically that you feel we haven't addressed at this time let me know, thanks!

    Quote Originally Posted by Safiraa View Post
    Really are you kidding me another thread closed that is talking about security.

    Over 600 messages listed in http://forums.riftgame.com/showthrea...acked-Accountshttp://forums.riftgame.com/showthrea...acked-Accounts and it gets shut down and moved.

    What is going on with rift.

    Security issues.

    Will not even update data in their own forums or in game.

    I love this game but support seems to be an issue. They do not consider how their actions will be percieved by their CUSTOMERS.

    I have discussed security in and the sillyness of the coin lock in 3 forum threads that have been closed or deleted.

    Does this mean they want us to to restart the discussion all over again?

    Great programmers but someone needs to teach them product support.

  11. #11
    RIFT Fan Site Operator Aieny's Avatar
    Join Date
    Feb 2011
    Location
    Earth
    Posts
    472

    Default

    Really are you kidding me another thread closed that is talking about security.
    One thread closed, another opened. They likely want to keep discussion to a single thread, and some if those larger threads can get unwieldy.

  12. #12
    Plane Touched
    Join Date
    Aug 2010
    Location
    Texas!
    Posts
    165

    Default

    Quote Originally Posted by Safiraa View Post
    Really are you kidding me another thread closed that is talking about security.

    Over 600 messages listed in http://forums.riftgame.com/showthrea...acked-Accountshttp://forums.riftgame.com/showthrea...acked-Accounts and it gets shut down and moved.

    What is going on with rift.

    Security issues.

    Will not even update data in their own forums or in game.

    I love this game but support seems to be an issue. They do not consider how their actions will be percieved by their CUSTOMERS.

    I have discussed security in and the sillyness of the coin lock in 3 forum threads that have been closed or deleted.

    Does this mean they want us to to restart the discussion all over again?

    Great programmers but someone needs to teach them product support.
    This is their response. This is our update.

  13. #13
    Telaran
    Join Date
    Feb 2011
    Posts
    90

    Default

    Quote Originally Posted by Safiraa View Post
    Kind of a knee jerk reaction to keep us quite for a short time.
    Maybe I am wrong.
    ^^ this. And tickts will still open.. no eta, no replys.

  14. #14
    RIFT Guide Writer Sinfullysweet's Avatar
    Join Date
    Jan 2011
    Location
    Georgia
    Posts
    2,525

    Default

    Quote Originally Posted by Elrar View Post
    Not at all,

    And I've personally been reading and following all of the previously stickied threads. However, as you noted there were many of them and we want to prevent confusion and make it easier for players to find all the information contained in this single thread.

    If there's anything specifically that you feel we haven't addressed at this time let me know, thanks!
    Elrar, any idea what could have caused it or source? Still haven't found anything on my pc, and still unnerved a bit. Changed password, changed email, to literally something not known on any machine or account. Never registered my rift account anywhere other than with rift.

    If I could find a keylogger or something I would be at ease. But I can't find a thing. Any idea on yalls end of what has been the common place or statistic of where this came from?

    Sinfullysweet of Grievance on Wolfsbane
    PLAY ~*~Twitter ~*~ Raptr ~*~ Sinfullysweet's Steam ~*~ Sin's Xbox Profile
    WorldofWardrobes.net is no longer available due to hosting issues *RIP*.

  15. #15
    Rift Disciple
    Join Date
    Feb 2011
    Posts
    175

    Default

    Quote Originally Posted by Elrar View Post
    Hi everyone,

    If you have been reading the forums it’s hard to miss the many discussions on compromised or “hacked” accounts. We have been investigating the causes and individuals behind these attacks and, as mentioned previously, are taking steps to protect you against them.

    One step we are taking is implementing the “Coin Lock” feature tomorrow (3/17/11). This feature is automatically enabled should your account be logged in from a significantly different location or computer and prevents unauthorized individuals from selling your items and money.

    Should you log in from a location that enables Coin Lock on your account you will be able to easily disable it via a code that is automatically sent to your email. Simply copy the code, locate the “Coin Lock” icon above your Hot Bars and enter it when requested. For more details on coin lock please see the full announcement: Update on Hacked Accounts. We’re also happy to say that, starting tomorrow (3/17/11), reporting mail spam will ignore the user and individuals on your ignore list will no longer be able to send you mail, thanks for your feedback on this issue.

    While only a small fraction of our players have had their accounts compromised they are our highest priority and we know the frustration and confusion it can cause when it happens to you. As we have seen in other games, those responsible for these attacks will always be driven to do so as long as selling game currency, items, and characters remains profitable.

    These individuals and groups have been accumulating account and email information spanning across the industry for as long as there has been one and their efforts continue to become more coordinated. As such it is very important that the password you use to access RIFT is unique and, most importantly, not shared with the email account associated with your game account.

    Here are some quick tips to using a secure password:
    • Make sure your password is unique and not used with other games, RIFT related websites, or your email.
    • Use a combination of upper and lowercase letters, numbers, and symbols.
    • Increasing the length and variety of your password can increase security. Shoot for at least 6+ characters.

    These attacks are client side and can be indicative of invasive programs being installed without your knowledge. Never click a link that advertises selling (or free) RIFT Platinum or other game currencies and furthermore never click a link that you do not trust. Should you receive an email from Trion or RIFT, the address should only go to riftgame.com, trionworlds.com, or trionworlds.custhelp.com (our support center). To be safe we recommend copying and pasting the link from the email to your browser. Another indicator of a fraudulent email is poor grammar and misspellings. We do our best to write properly.

    Should you discover your account has been compromised change your password immediately and contact Customer Support. While we are constantly expanding our CS team and working to respond to appeals as quickly as possible there may still be a significant wait and we are grateful for your patience and understanding while we assist others in queue before you.

    We’re constantly working to improve account security and are looking into providing free authenticators you can use on your iPhone and Android phones as well as via text message in the future.

    Thank you for your continued vigilance. We are committed to account security and want everyone to enjoy the game and will continue act swiftly against those who seek to disrupt your experience.

    Please use this thread to discuss your questions or concerns and help us by passing the information on to your friends and fellow players across the game.
    Please also answer how you know that the issue is client side? You have examined no client side logs or anything.

    If hacked accounts are your top priority why has it taken up to 5 days and counting to get my account back.

    contact customer support you say. 90 minutes on hold on Monday to be told to open a ticket in game. Oh I had done that. Only one response in 5 days and that is please wait. Come on!!!!
    These attacks are client side and can be indicative of invasive programs being installed without your knowledge. Never click a link that advertises selling (or free) RIFT Platinum or other game currencies and furthermore never click a link that you do not trust. Should you receive an email from Trion or RIFT, the address should only go to riftgame.com, trionworlds.com, or trionworlds.custhelp.com (our support center). To be safe we recommend copying and pasting the link from the email to your browser. Another indicator of a fraudulent email is poor grammar and misspellings. We do our best to write properly.
    Seriously? what possible data can you have to say that these are invasive programs. Because you think so. Any data. What program do i use to find and remove it. Nothing I have can. Not even sure what to look for. Give us the process or something. Throw us a bone.

    I am happy to believe it is my side but if so waiting a week to get my stuff back to only be hacked again is stupid. If my security suites can not find it and your coin idea seems to have little merit what do we do get hacked wait, get hacked wait?

    This sort of post is insulting to your customers without anything to back it . Days with no answers from you guys.

    Am I venting heck yes. If you know what the security leak is throw us a bone so we can fix our side and please do not tell us to run security essentials I saw on one of your posts that is plain insulting. If you do not have anything for us to look at this is damage control and insulting.

Closed Thread
Page 1 of 82 1 2 3 4 5 11 51 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts