Jump to content

  • Curse Sites
Help
Rate Article   * * * * * 1 votes

Posted Image


Martin Kerstein has written a new blog article stating that there will be a mandatory password change coming soon. As mentioned in a previous article by Mike O'Brien, ArenaNet has created a blacklist of passwords that have been previously used by hackers for new accounts. Since the system has been rather successful for newly created accounts, they will be forcing existing account owners to change their old passwords.

If you still have the red banner at the top of your launcher, it means your password precedes the blacklist and you will eventually be forced to change it. You can go ahead and change your password at your leisure, but if you wait, you will be forced to change it on February 7th.
Posted in: News

Comments

#1 Azure Skye

Azure Skye

    Golem Rider

  • Members
  • 2099 posts

Posted 31 January 2013 - 11:44 PM

I think a few people are going to get mad over this but i think its a good idea with people that are using crummy passwords. >.<

#2 Bohya

Bohya

    Vanguard Scout

  • Members
  • 216 posts

Posted 31 January 2013 - 11:51 PM

This is *ing retarded. I'm not the type of person who's password is ''1234'', but I have to fall victim to this. I've never been hacked nor will I ever be, but because of those idiots that essentially let themselves get hacked, I have to pay the price. I like to have a constant password for everything, because I can remember it. I don't want to have five different passwords floating around in my head and more forgotten because of ArenaNet thinking that we are all twelve year olds. I've been a devoted fan since Prophecies, but they have lost my respect by forcing this change.

#3 Raagar Deathclaw

Raagar Deathclaw

    Asuran Acolyte

  • Members
  • 123 posts

Posted 31 January 2013 - 11:54 PM

[quote name='Bohya' timestamp='1359676272' post='2155634']
This is *ing retarded. I'm not the type of person who's password is ''1234'', but I have to fall victim to this. I've never been hacked nor will I ever be, but because of those idiots that essentially let themselves get hacked, I have to pay the price. I like to have a constant password for everything, because I can remember it. I don't want to have five different passwords floating around in my head and more forgotten because of ArenaNet thinking that we are all twelve year olds. I've been a devoted fan since Prophecies, but they have lost my respect by forcing this change.
[/quote]

if this is all it takes for anet to lose your respect than it obviously isn't worth much to begin with, having said that i agree with the rest of your post i just think this is a bit of an overreaction

#4 beadnbutter32

beadnbutter32

    Sylvari Specialist

  • Members
  • 618 posts

Posted 31 January 2013 - 11:59 PM

Wait are is the series of slickly produced videos with paid 'spokes people' portraying themselves as young hip developers hyperventilating about the new "Living Security Adventure" to be released February 7th?

I can hear their melodious voices now waxing ecstatic over how you will be able to choose any combination of characters for a list of over 256 and arrange them in any order before you test them against the super boss known as "Password Validity Checker."

Oh I can't wait, Anet knocks another one out of the sandlot.

#5 Dosearius

Dosearius

    Asuran Acolyte

  • Members
  • 97 posts

Posted 01 February 2013 - 12:00 AM

[quote name='Bohya' timestamp='1359676272' post='2155634']I like to have a constant password for everything[/quote]


Wait...wut?  Are you basically saying that you would use the same password you use for your guild wars account with say, your email account and your guru account??


If so then THAT is exactly why Anet feels the need to do this.

#6 Omega X

Omega X

    Vanguard Scout

  • Members
  • 293 posts

Posted 01 February 2013 - 12:16 AM

This is a very good idea. You get 'hacked' often because of weak passwords. Criminals are very good at using common terms to get into accounts.

The great service hackfest that went on in the past couple of years forced me to use a new method for passwords at every site I used.

#7 Featherman

Featherman

    Seraph Guardian

  • Members
  • 1028 posts

Posted 01 February 2013 - 12:21 AM

I think there's something to be said about how ANet has to enforce this. I mean, how hard is it to change passwords every now and then?

#8 Bohya

Bohya

    Vanguard Scout

  • Members
  • 216 posts

Posted 01 February 2013 - 12:26 AM

[quote name='Dosearius' timestamp='1359676804' post='2155640']
Wait...wut?  Are you basically saying that you would use the same password you use for your guild wars account with say, your email account and your guru account??


If so then THAT is exactly why Anet feels the need to do this.
[/quote]

Are you implying that I am careless with my password? Having used my particular password for over a decade, I have not once been hacked. I have always been overly cautious. Also, who ever said that I use my password for those programmes? I have many of my accounts set up to never require a password anyway, as there are far more security options which work even better than just a simple catchphrase. The people who are being hacked in Guild Wars 2 are those who have never heard of authentication. This is an authentication issue, not nessisarily the fact that people are careless with their passwords. ArenaNet should force authentication, not a password change which just becomes inconvenient to everyone else.

#9 whodini

whodini

    Asuran Acolyte

  • Members
  • 117 posts

Posted 01 February 2013 - 12:27 AM

[quote name='Bohya' timestamp='1359676272' post='2155634']
This is *ing retarded. I'm not the type of person who's password is ''1234'', but I have to fall victim to this. I've never been hacked nor will I ever be, but because of those idiots that essentially let themselves get hacked, I have to pay the price. I like to have a constant password for everything, because I can remember it. I don't want to have five different passwords floating around in my head and more forgotten because of ArenaNet thinking that we are all twelve year olds. I've been a devoted fan since Prophecies, but they have lost my respect by forcing this change.
[/quote]agreed to some respect unfortunately there seems to be 13 year old players out there


#10 Darkobra

Darkobra

    Seraph Guardian

  • Members
  • 1366 posts

Posted 01 February 2013 - 12:28 AM

[quote name='Bohya' timestamp='1359676272' post='2155634']
This is *ing retarded. I'm not the type of person who's password is ''1234'', but I have to fall victim to this. I've never been hacked nor will I ever be, but because of those idiots that essentially let themselves get hacked, I have to pay the price. I like to have a constant password for everything, because I can remember it. I don't want to have five different passwords floating around in my head and more forgotten because of ArenaNet thinking that we are all twelve year olds. I've been a devoted fan since Prophecies, but they have lost my respect by forcing this change.
[/quote]

Number 1. Using the same password for everything? THAT ALONE will mean when you get hacked, you will lose every single thing that one password is connected to. That's a rookie mistake. Especially with fansites being hacked and passwords being stripped from those. They essentially already have your password now.

Number 2. In the time it took you to type that entire post, I've managed to change my password and read your reply. It's not a time-consuming task.

Number 3. How fickle is your respect that when they look out for their player base and their product, you suddenly "lose respect" for them?

You have made a LOT of mistakes. You've been lucky. It was a matter of time before you DID get hacked. You should have MORE respect for them protecting your account.

#11 Bohya

Bohya

    Vanguard Scout

  • Members
  • 216 posts

Posted 01 February 2013 - 12:33 AM

[quote name='Darkobra' timestamp='1359678527' post='2155662']
Number 1. Using the same password for everything? THAT ALONE will mean when you get hacked, you will lose every single thing that one password is connected to. That's a rookie mistake. Especially with fansites being hacked and passwords being stripped from those. They essentially already have your password now.

Number 2. In the time it took you to type that entire post, I've managed to change my password and read your reply. It's not a time-consuming task.

Number 3. How fickle is your respect that when they look out for their player base and their product, you suddenly "lose respect" for them?

You have made a LOT of mistakes. You've been lucky. It was a matter of time before you DID get hacked. You should have MORE respect for them protecting your account.
[/quote]

1) All my programmes can only be accessed under certain circumstances, password or not.
2) It's not about how easy it is to change your password. It's about the fact that I find it convenient to carry around only one password.
3) Because they are pushing account protection the wrong way and just meddling around with that which does not matter, making it inconvenient for the reasons stated in ''2)''.

Don't call me lucky. I have never been hacked and I never will, because I will it. Don't go around thinking that I am not actively protecting my information. That's insulting...

#12 Darkobra

Darkobra

    Seraph Guardian

  • Members
  • 1366 posts

Posted 01 February 2013 - 12:36 AM

You have ONE password. You're not. And the fact that you've done it for "over a decade" at the age of 22 means nothing. How good was your password when you were 10 years old?

#13 whodini

whodini

    Asuran Acolyte

  • Members
  • 117 posts

Posted 01 February 2013 - 12:37 AM

Yes. It is always a good idea to use different pw's but if your confident enough and strictly should be the right to the player to know that there same pw won't be hacked.  All mine never have been for over 20 yrs now

#14 Digilodger

Digilodger

    Vanguard Scout

  • Members
  • 172 posts

Posted 01 February 2013 - 12:42 AM

[quote name='Bohya' timestamp='1359678411' post='2155659']
Are you implying that I am careless with my password? Having used my particular password for over a decade, I have not once been hacked. I have always been overly cautious.
[/quote]

To add to what [url="http://www.guildwars2guru.com/topic/79969-mandatory-password-change-is-coming/#entry2155662"]Darkobra has said[/url], sometimes it isn't your carelessness; it's the webmaster's carelessness . . . that happens to affect you.  


For example, let's say that you use the same password for your email, Guild wars2 Guru, Xbox Live, and some other sites.  Then suddenly, one of these sites' database got hacked by someone.  If the site doesn't salt and encrypt your password but instead transfers and stores it in plain text, then the cracker now has access to everyone of your accounts.

Also, besides other people's carelessness, you could also be unlucky.  For example, if you're on a non-secure WiFi  such as a public library or coffee shop, someone could "sidejack" you and steal your cookie session.

#15 whodini

whodini

    Asuran Acolyte

  • Members
  • 117 posts

Posted 01 February 2013 - 12:44 AM

[quote name='Darkobra' timestamp='1359678978' post='2155665']
You have ONE password. You're not. And the fact that you've done it for "over a decade" at the age of 22 means nothing. How good was your password when you were 10 years old?
[/quote]LOL they didn't even have atari, commadore 64 out when I was 10

#16 Auenwing

Auenwing

    Asuran Acolyte

  • Members
  • 144 posts

Posted 01 February 2013 - 12:47 AM

Thanks for the heads up.

Nothing is hackable-safe, however, I know my password (unique to this game) is strong enough.

I'll change it. Then change it back.


PS: Dear ANet, it would help if you would allow at least spaces, if not non-alphabetic, non-numeric characters in the passwords (e.g. special characters.) Unless that has changed since release?

#17 whodini

whodini

    Asuran Acolyte

  • Members
  • 117 posts

Posted 01 February 2013 - 12:58 AM

All I'm saying if the Guy or gale  feels strong about it let them do it there way. Thy didn't ask for help and was clear there not taking advice.  That situation just let it go

#18 Danael

Danael

    Vanguard Scout

  • Members
  • 413 posts

Posted 01 February 2013 - 12:59 AM

They also wrote that you [b]have [/b]to change the password [b]if[/b] yours is blacklisted. Which you see by a notice in the launcher. If it's not there I think it's safe to assume that you won't be [b]forced [/b]to change it.

[quote name='Auenwing' timestamp='1359679624' post='2155677']
I'll change it. Then change it back.
PS: Dear ANet, it would help if you would allow at least spaces, if not non-alphabetic, non-numeric characters in the passwords.
[/quote]

Please read the blog post again: they wrote quite deliberately that you can't use old passwords. Also, mine has non-alphabetic and non-numeric characters. It should therefore be possible for you as well.

#19 jazzbrownie

jazzbrownie

    Fahrar Cub

  • Members
  • 46 posts

Posted 01 February 2013 - 01:14 AM

Fantastic.  I have a 16 character password (uppercase, lowercase, numbers, special characters) that I only use for GW2, which is tied to an email address used only for GW2 (and requires an authenticated log in) . . . and they're telling me that my password made a blacklist?

I call bullshit.

I've ignored their insistence that I create a new password for a reason: my account is not in jeopardy.

I know this is a silly thing to get upset over, and I still generally feel that people complain about anet and the game way too much, but it's annoying that I'm going to have to learn yet another password after all of my precautions.

#20 NuclearDonut

NuclearDonut

    Sylvari Specialist

  • Members
  • 684 posts

Posted 01 February 2013 - 01:32 AM

I just changed my password and I quite like it, do I still have to change again?