| Author |
 Topic Search
 Topic Options
|
Ashleigh Jayne 
New Poster
Joined: 16 Jul 2015
Location: UK
Status: Offline
Points: 20 |
 Posted: 01 Dec 2015 at 13:51 |
|
Bob, I remember chatting to you the day you 'abandoned' - so sorry to hear that something has happened to your account. As Rill says, hope to see you back on the game soon!
|
|
^^^ Ashleigh Jayne (AKA) AJJ
|
 |
Sheza
Forum Warrior
Joined: 16 Oct 2012
Location: Kumala
Status: Offline
Points: 325 |
Posted: 01 Dec 2015 at 16:39 |
Wartow . Evony ( I know thats a bad word sorry) had to add a security code t
o our accounts.
cause that is a issue there. But cool down should work and I dont know if its a bad thing or not? Good luck Bob,
Edited by Sheza - 01 Dec 2015 at 16:40
|
|
If Horses don't go to Heaven when they die. then I want to go where they go.
|
|
Brandmeister
Postmaster General
Joined: 12 Oct 2012
Location: Laoshin
Status: Offline
Points: 2396 |
Posted: 01 Dec 2015 at 17:31 |
|
If the passwords were hacked, it is most likely a brute force attack. The same approach led to the hacking of celebrity iCloud accounts last year. The solution is quite simple, the account just needs to go into lockout after 3 bad passwords are attempted. It doesn't even have to be a full lockout, it can just be a 5 minute cool down between attempts if the password is wrong 3 times in a row.
|
|
Pellinell
Forum Warrior
Joined: 08 Apr 2012
Location: United States
Status: Offline
Points: 298 |
Posted: 01 Dec 2015 at 18:16 |
|
If players are indeed being hacked, this is a very concerning matter. Particularly for those of us who have been here for many years. I hope the devs get on this now and make sure there is a system in place to avoid this. I like the email verification idea best. Seems it would be easy to implement and would not affect terraforming.
Get on this devs please!
|
|
Serpentina
New Poster
Joined: 13 Oct 2014
Status: Offline
Points: 7 |
Posted: 01 Dec 2015 at 18:43 |
|
I want to say that BonTron's abandoning seems very odd to me. He's been really active in the alliance and wasn't showing any sign of leaving.
I wasn't online yesterday, but I see that Bob was chatting with others in our AC at 30 nov 00:35.
Rikoo, can you see if Bob's abandonment was done during the same session? Or in a subsequent session from the same IP? If it was done from a different IP, and that traceroutes to a different geographical location, it'd sure lend credence that this may have been a hack.
|
|
GM Rikoo
Moderator Group
Community & PR Manager
Joined: 28 Mar 2014
Location: Mars
Status: Offline
Points: 1233 |
Posted: 01 Dec 2015 at 19:50 |
1) We already warn players to make secure passwords, etc, and to not share accounts. Even if we had multiple steps of verification, players will still have their accounts "stolen" which could mean many things (they shared it, they play at a public library, etc.) I will pass on the concern for more security, but considering how rare it is, I think we're generally pretty good.
2) IP addresses, etc would not tell the entire story. Again, though, the player is responsible for maintaining their account.
3) As I said before, no matter what, we will not reinstate an abandoned account.
Thanks all! We are aware of possible hacking attempts and -- trust me -- keep a look out for them. Pass this on as an example of the importance of practicing security through tough passwords, not sharing accounts, etc.
I will not be discussing the particulars of any one player's case, so need to ask.
Thanks all!
Rikoo
|
|
Illyriad Community Manager / Public Relations / community@illyriad.co.uk
|
|
Artefore
Forum Warrior
Player Council - Biographer
Joined: 21 Feb 2014
Location: Earf
Status: Offline
Points: 312 |
Posted: 01 Dec 2015 at 20:10 |
 GM Rikoo wrote:
..so need to ask.
|
...so *no* need to ask.
Is what I think you meant.
|
|
"don't quote me on that" -Artefore
|
|
GM Rikoo
Moderator Group
Community & PR Manager
Joined: 28 Mar 2014
Location: Mars
Status: Offline
Points: 1233 |
Posted: 01 Dec 2015 at 20:16 |
You're right, Arte.
NO need to ask. :)
Rikoo
|
|
Illyriad Community Manager / Public Relations / community@illyriad.co.uk
|
|
Pellinell
Forum Warrior
Joined: 08 Apr 2012
Location: United States
Status: Offline
Points: 298 |
Posted: 01 Dec 2015 at 21:48 |
|
One player being hacked seems enough reason to me to make a change. Whether or not it happens once a year or once a decade, it happens and therefore should be addressed.
It doesn't seem to be to much to ask or particularly difficult to implement a email verification. I've put a significant amount of time and effort into building and maintaining my account over the last four plus years. If this were to happen to me I'd be very upset with "we are sorry but even though it can be prevented you don't matter enough for us to fix it" that to me doesn't show the devs care very much about the community that make their game what it is.
Thus I ask again please fix this.
Edited by Pellinell - 01 Dec 2015 at 21:52
|
|
GM Rikoo
Moderator Group
Community & PR Manager
Joined: 28 Mar 2014
Location: Mars
Status: Offline
Points: 1233 |
Posted: 01 Dec 2015 at 22:01 |
I am not going to try and convince anyone that we care about the community because we have not immediately placed new players of protection into a system that has already worked for years.
I would also like to remind everyone that "hacking" is often the first term that is used to describe any number of situations that are quite possibly not hacking... at all. People also refer to a chat silence as a ban. :)
I will pass it on to the team! If you have any other questions, let me know.
Rikoo
|
|
Illyriad Community Manager / Public Relations / community@illyriad.co.uk
|
|
Tweet
Account Hacks