Author | Hacked accounts - solution |
1. Player is registering their game account, he give their mail
2. Creation of game account MUST be confirmed by click on link or paste that in browser, retype code received in mail - etc.
3. Change password to account - player receive mail with link - only by click the link, retype received password - etc. e-mail pinned to game account can be changed.
This is simple and prevent any hack of account, like what we see today. And this is simple to create.
Change e-mail when cheater know username and password?
This is stupid now - i not understood why this is possible....
Now i log into victim account, change their e-mail and block their access to his account - great solution.... |
Change e-mail when cheater know username and password?
This is stupid now - i not understood why this is possible....
Now i log into victim account, change their e-mail and block their access to his account - great solution....
Yes! This is the main problem, e-mail should not be able to be changed. |
Agree. |
+1 |
Maybe I'm reading your idea wrong. It sounds like your suggestion is in fact pretty much the same as the current method except for the link part, which doesn't accomplish anything.
e-mail pinned to game account can be changed.
That's what the scammers do. They have you change your email to their email. Then they change your password via the password recovery through your email.
To prevent from being scammed:
Just don't give out your password, password recovery answers, or do something like changing your email or password to someone else's.
To prevent from being phished:
Don't use links provided by others. Type web addresses instead of clicking (clicking can take you to addresses different from what you can see on your screen). Especially be wary of phishing whenever you are typing in your login information.
To prevent from being hacked:
This one is tough. Other than having the latest security updates and software, there's not that much you can do. Thankfully there's not much hacking going on. |
The key failures in this SECURE system are from the user. Re-invent the wheel though, by all means! |
Agree. |
Heh admins don t care...
Why not secure questions when changing password or e-mail. Too much work...
Same like when you give loan why only charge player who stole money. Too much work for empire too return it... - simple solution for that would be forbid any loans. Heh but than some players would have extra gold and they would not need diamonds.
Diamonds and more diamonds without care about community. xD |
Yes! This is the main problem, e-mail should not be able to be changed.
No it ist'n
email must can be changed but when someone try to change the e-mail this game auto send an email to the old registration email that have 3 days of time to stop the email changing
:) |
Maybe I'm reading your idea wrong.
You are. He means that the e-mail is unchangeable so hackers can't change it. |
it doesn't stop people simply looting the account though |
#11 True. But he can't loot your fsp/guilds/level, that's why this idea is better than nothing. |
But he can't loot your fsp/guilds/level, that's why this idea is better than nothing.
Yep, ask anybody high-level here who has spent a zillion hours building their character, and they'll tell you they wouldn't mind losing all their gold/resources/elements as long as they get their account back.
I know of a lvl 13 player (very active/good in card games, and made like 0.5-1 million) who just got his account stolen a few days ago. His account was emptied. And the hacker even got the cheek to use his account to start 20,000 card games (!?!). I watched to see if anyone joins, but he canceled the game before anyone could.
The hacked player said he's quitting the game, and I really feel sorry for him.. :(
Our numbers is already so low, and these hackers are making more people leaving this game. The admins/mods/whoever-have-the-power should really send these hackers to... 'hell'. |
The poor guy even starts hunts and requests assistance. As if he had abilities to play combat level 13 hunt. :-(
Ring of doubts with -2 morale for elf, no splitting of troops, no mana and nature magic for hunt, 6 luck when 5 is maximum luck effect,
maximum trees for a hunt instead of shooters.. |
#13, #14
But he can't loot your fsp/guilds/level, that's why this idea is better than nothing.
Err... in a way he did. After said character was looted of all their gold/resources/elements/arts, some of the gold and arts were returned so the hacker could play a level 13 character. |
i agree with Jedi-Knight ...
somebody should really send these hackers to... 'hell'. |
Sorry, there are no Hackers. So far I have seen no attemed to use a security hole in software to do something. In fact if such Hacker would exist, he would just hack the server and get the thing he wanted.
Accounts get only stolen via phisher and scammers. You can't do much about people that are willing sharing their password (and breaking the rules) willingly. |
Accounts get only stolen via phisher and scammers. You can't do much about people that are willing sharing their password (and breaking the rules) willingly.
+1 to that
I genuinely feel sorry for the 'hacked' players and wish that all the scammers would be run out of the server as soon as possible. But the main problem is, players (even high level ones) want good stuff for little effort. Even those who fell victim to phishing sites did so because they were promised rewards :( |
+1 |
+1 for email cant be changed! |