Account Security and Theft Policy - READ THIS

what about remove the asian server/ only eu and na servers/ block the Ip that cam from asia.just sayin cause my bro loose everything he had he got hacked so..

"

gerra07 wrote:

what about remove the asian server/ only eu and na servers/ block the Ip that cam from asia.just sayin cause my bro loose everything he had he got hacked so..

Oi, I play from Asia and so do a whole bunch of other legitimate folks.

Enough of this crap already, even I'm bored of it and I'm one of the best rantists I know.

"

Dakku wrote:

Hack's and Bot's = Lose People ingame = Low poblation of players = Nobody Purchase microtransactions. You decide GGG ;)

Indeed, I got hacked just now and few days ago purchased $50 on micro transactions.
If regret killed...

I know that nothing will be done, Ill have to get everything again and now Ill never store orbs again, ill buy quality gems and use them as currency forever. If I didnt stop playing, I have a job, wife and more shit to do with my life than waste time with a low security games.
Not getting hacked in 15 years doing everything in my life online says something about my software security measures.

"

Selanmer wrote:

"

alexsteh wrote:

"

Ruefl2x wrote:

lol another guy who has clearly no idea about what he is talking nor haven't read what devs wrote ... doesn't this make you feel bad?

No idea what I'm talking about? Have you even tried logging into your account with wrong password 1283912389 times and still not blocked? Stop asslicking you fool.

Use a password that takes 10000 years to crack. Boom! Problem solved!

Except that any password can be cracked in a few days using GPU brute forcing. And these new Geforce Titan GPUs and every new GPU after that only further reduces the amount of time it takes to crack a password.

"

haristas wrote:

I guess items dont have unique IDs you can follow.. so when you restore the stolen item you actually move it from the stash of the thieve.

Anyway, thanks Chris for the post.

They do have such a way to track items, however, if they adopt a policy of moving items back into your inventory when you make a support request claiming to be hacked, it allows players to make trades and then claim to have been hacked, and basically steal those items back from the other player.

The thieving accounts will however be located and banned (which will effectively destroy the items in them).

"

darkro90 wrote:

"

Ruefl2x wrote:

bruteforce is valid if you want to crack a file on your hard drive but in no way over the internet! we could talk about rainbow tables but then again it's your fault as you used a non-secure password.

Like I said, no matter how unique your password is, it is crackable as the current security system of PoE allows brute-forcing on users passwords.

The only piece of puzzle remain is how those hackers got the emails.

This isn't true. The current security system does *not* allow brute force. After a certain number of attempts the rate at which further attempts go through is throttled, making brute force no longer viable. After a further number of attempts, the account is locked, but this step is really not required, because it would take hundreds of thousands of years to actually try enough passwords at the throttled rate to have a reasonable chance of guessing anything reasonably secure (assuming you don't have something derpy like "password" or "letmein" as your password).

Even if they didn't throttle the attempts, reasonably unique passwords are not reasonably amenable to brute force attempts. See http://xkcd.com/936/ for a good method of choosing passwords (he suggests 4 random English words as something which is both highly secure and potentially very memorable, and he is mathematically correct).

"

MesostelZe wrote:

"

haristas wrote:

I guess items dont have unique IDs you can follow.. so when you restore the stolen item you actually move it from the stash of the thieve.

Anyway, thanks Chris for the post.

They do have such a way to track items, however, if they adopt a policy of moving items back into your inventory when you make a support request claiming to be hacked, it allows players to make trades and then claim to have been hacked, and basically steal those items back from the other player.

The thieving accounts will however be located and banned (which will effectively destroy the items in them).

Well ok, but if they CAN track items, why there's not an "i've been hacked form" SO AT LEAST they could locate and ban hackers? Maybe locate where they are operating and etc.

I realize that I wont get shit back and its gonna set me back 2 weeks of heavy playing, but at least the hackers will be PUNISHED.

Theres not even a form I can submit the info which could help GGG...or is there?

.

just make a poll about blocking asia from the servers. if that would stop the "goldfarmers, hackings, etc" would be well worth it imo.

"

darkz0r wrote:

"

MesostelZe wrote:

"

haristas wrote:

I guess items dont have unique IDs you can follow.. so when you restore the stolen item you actually move it from the stash of the thieve.

Anyway, thanks Chris for the post.

They do have such a way to track items, however, if they adopt a policy of moving items back into your inventory when you make a support request claiming to be hacked, it allows players to make trades and then claim to have been hacked, and basically steal those items back from the other player.

The thieving accounts will however be located and banned (which will effectively destroy the items in them).

Well ok, but if they CAN track items, why there's not an "i've been hacked form" SO AT LEAST they could locate and ban hackers? Maybe locate where they are operating and etc.

I realize that I wont get shit back and its gonna set me back 2 weeks of heavy playing, but at least the hackers will be PUNISHED.

Theres not even a form I can submit the info which could help GGG...or is there?

You can contact support by emailing support@grindinggear.com. They're pretty good about eventually responding to things. The devs also look through these forums quite frequently, but contacting support is the most reliable way to make sure they get your message.