Account Security and Theft Policy - READ THIS
Great, now I'd have to sacrifice my cellphone number to play a free game.
So free, so wow. Can't even fix non static IP problems at login and already wants to add another security system. And I really don't get this archaic thinking from a self claimed progressive developer like GGG. People are using RMT sites to skip parts of the game. Better fight against these things pointlessly instead of analysing why people want to skip content and changing the content itself to entice people to play the actual game. I never rmt'd in Diablo 2, every part of the game was enjoyable to play. The only downside was the rmt spam ingame, other than that, everything was achievable solo. Partyplay just sped things up by a huge factor. But I'm sure this won't ever be done since it's too logical. And it's a hardcore game folks, bleeding from the eyes and anxiety attacks/misery are the base requirements for playing this game. Vote +1 to change Path of Exile to Path of Nerfs.
We hate to say, but ProjectPT was right. | |
" I remember when I used to play _____, which was such an enjoyable game that no one ever cheated. A comprehensive, easy on the eyes loot filter:
http://www.pathofexile.com/forum/view-thread/1245785 Need a chill group exiles to hang with? Join us: http://www.pathofexile.com/forum/view-thread/1251403 | |
" Well, if the dynamic of cheating is so enticing, make it part of the gaming experience. If so many people want it, it becomes part of the game. Like heroin addiction, you don't treat it with getting rid of heroin, you treat whatever is causing the heroin to be necessary in the first place. Vote +1 to change Path of Exile to Path of Nerfs.
We hate to say, but ProjectPT was right. | |
Sorry for my bad English. I'll just share how it worked in a different MMORPG for a friend of mine who plays the game regularly with me.
One day she couldn't log into the game and her game client said her account is locked. She checked her email and found a mail from game support. I don't remember the exact words but it was something like: It appears your account might have been compromised and we locked it out. Please reset your password first and then contact support to have it unlocked. We're sorry for the inconvenience. She had reset the password, replied to support and got a reply saying Your account has been unlocked. Please check your characters and open a ticket in game if you need any help. She logged into the game and found her character with empty bank and without gold. She filed a ticket and all her items and gold was sent to her via in-game mail. That's how I call customer service. We're still playing the game, if they reacted like GGG, we'd probably both quit. Btw I don't believe helping the customer is a big problem for game economy. The items are probably already sold instead of sitting somewhere in stash. Pretty much nobody notices if that stash is refilled. IMO a bigger dent for both game and game publisher's economy is when the player quits. And the current system makes trading very hard anyway :) at least for me. Trade channel is not for me. However I need to give credit to GGG for already helping me with a different matter very friendly so it's not all that bad :) |
|
Moderator removed my answer... "please don't discuss how to compronise an account."
Oh yeah, thanks. I just wanted to defend GGG policies and explain what can happen... Hey [name removed by author], why didn't you write an explanation yourself? @nameless: you could let anotherone take your stuff and then get it back from support (this is bad) Dynamit,
Architekturkritik, die man tatsächlich sieht! Farin Urlaub http://www.dailymotion.com/video/x2nz5q9 | |
Keep fighting the good fight! :)
|
|
" Sorry, but this approach is just beyond ridiculous. This was happening daily in D3. How to get rich beyond imagination: 1. amass a decent amount of gold / currency / items 2. let one of your friends "hack" you 3. ask the items to be restored 4. profit. You just doubled your wealth. 5. repeat as long as you can (in D3, they had a policy of one rollback per account. But, some items were worth more than a copy of the game so the BiS items were multiplied and multiplied and multiplied - it is a geometrical sequence, you know) GGG, please never succumb to that. | |
" The game is awesome, the player community is hungry to advance and enjoy. Short-cuts are tempting. It is human nature. ANALYSIS COMPLETE. In order to challenge a player's skill, endurance, and emotional strength, one certainly challenges a player's integrity. " ....so where DO you RMT ? |
|
" ahhh.... good old C salt :) Too subtle ? I find it odd that nobody commented on this. Maybe programmers don't like salt because their blood pressure is too high. echo "The world is full of smart people" |sed -e 's/smart people/sheep/'
|
|
So security is always a concern with me. I handle security issues for the largest tech company in the world, and I see a LOT of compromised accounts daily.
I have gone through and updated all my appropriate passwords with non-recurring passwords. This meaning I never use the same password for two services. I also have authenticators tied to my email address. The question I have is in regards to Steam linked accounts. Does SteamGuard help us here in any way? I would think that someone trying to compromise an account could download the game files without using Steam and access the account that way. SteamGuard has no play here, and would not protect us at all. I feel IP recognition (however pissy some people might get that play in cafes) is your best option here. Other services I have used will ask for either an authenticator when an unverified IP address is recognized, or request the signing in party check their email for a one-time use PIN number. If this is the way its ran, I can easily utilize the authenticator for my account to secure my PoE account outside of steamguard. If a player's email is compromised from under them, thats not really your issue to handle at GGG. Its in everyone's responsibility to secure and utilize the security features that so many companies offer. In all, the IP recognition you could tie in would immediately drop the amount of compromised accounts. You could also look into a series of security questions on login from a new IP to verify accounts. If a user is unable to verify their questions, have them reset and sent to the email on file. I also feel that development of a small authenticator tool for iOS/Andriod software would also give you a huge boost in confidence in your current security implimentation. I appreciate the great game you guys have put together. If security can be tightened, you might just have one of the best dungeon crawlers to date. |
|