This site makes extensive use of JavaScript.
Please
enable JavaScript
in your browser.
Live
PTR
Beta
Classic
Increase in Hacked Accounts: Cause for Concern?
Post Reply
Return to board index
Post by
43387
This post was from a user who has deleted their account.
Post by
TheReal
Alright, I felt obligated to inform the Wowhead community about the concepts of information security. I turned
this
paper in to my instructor in information security class. If you want to know more, click the link and read the paper. Let me know if you need it in .txt format and I'll upload again.
Please note: the most important concept that I believe needs to be addressed is principle number one. There is no such thing as absolute security.
I see some people saying "get an authenticator, problem solved." While the authenticator is an EXCELLENT way to protect your account, DO NOT think it's all you need. There is this little thing called
social engineering
that resulted in
this
.
Be vigilant my fellow Azerothians, and remember this mantra:
My account name and password should only be entered on the game's log-in screen and on the official site. There are no other cases in which I am to consider entering this information anywhere else.
Post by
300755
This post was from a user who has deleted their account.
Post by
Spinkert
Be vigilant my fellow Azerothians, and remember this mantra:
My account name and password should only be entered on the game's log-in screen and on the official site. There are no other cases in which I am to consider entering this information anywhere else.
Excellent mantra. May I suggest this slight change: 'My account name and password should only be known and entered by me on the game's log-in screen and on the official site.'?
The amount of people who think nothing of letting a friend use their account is shocking.
Post by
TheReal
Excellent mantra. May I suggest this slight change: 'My account name and password should only be known and entered by me on the game's log-in screen and on the official site.'?
The amount of people who think nothing of letting a friend use their account is shocking.
That's an excellent change. The more computers one uses to play WoW, the more chance of using an infected computer. Only play on computers you trust are free from malware. For those who may be interested, I have a
thread
in the Help & Support forum that provides some basic account security advice.
Post by
TheJohan
Quite a few people use the same password for wow as they do in forums and other websites. While Blizzard may be investing thousands into securing their systems, small private forums don't have the staff, time or knowledge to monitor every new security breach. A lot of the software they use for the forums is freeware or open source, meaning hackers can see the code structure, database formats and encryption, and possible exploits. Private forums and websites are not likely to know if they've been hacked, and if they did, they're not likely to announce it publicly that they have.
So, considering that, what username and password did you just use to get into this website?
This is very true. For a long time i used the same password for my email, forum accounts, wow acount, msn etc.. Now i have 4 different passwords that i generally use. Also small variations of the passwords. like "notmyrealpass", "NotMyRealPass", "notmyrealpass65" etc.
Post by
43387
This post was from a user who has deleted their account.
Post by
264787
This post was from a user who has deleted their account.
Post by
119801
This post was from a user who has deleted their account.
Post by
349103
This post was from a user who has deleted their account.
Post by
Flipppppyyy
Today I got hacked =O.
Just happened earlier today I got a message from Blizz (Luckily) saying that someone is using my account and that it will be down for 24 hours. I'm gonna change the password as soon as it comes back up and try to get a authenticator soon too.
I can't say much about what they did on the account since it only happened today and I can't log in. But about a week before I got hacked I got an email from a @sina.com email that said I was hacked, gave a link to get my account back, blah, blah, blah. I didn't click the link knowing it probably had some sort of keylogger or virus and just deleted it.
And about a day before I got hacked I got the same email, from a @sina.com (Witch I've never even heard of) but a different actual e-mail.
But yea, I'll see what happens when my account is unsuspended. =(
Edit: They seemed to have made off with 700g, Deleting all my PvE gear but leaving PvP alone, spending all my honor on gems, selling all the non BoP content in my bags and bank. Now I'm waiting for blizzard to answer a ticket and get my gear back >=U
Post by
358688
This post was from a user who has deleted their account.
Post by
165617
This post was from a user who has deleted their account.
Post by
Antherios
This is a good trick, that i personally practice when changing my account password (1 time every 2 months)
Steps
1
Just go berserk with your keyboard writing a capped and uncapped nonsense word 16 characters long, like this
oiygIHIfufTxOFs
2
Grab the word, and change vowels to another leter.
k t h p w q
... and on
JwygIHIfbfTxKFs
3
Now, just change some leters to symbols and numbers
Jw$g4H%fb!Tx7s
Final Step
Save your password in a .txt file in your computer (
with antivirus protection, of course
) , and when you are going to play wow, control+c and paste ... simple as that
Try to figure out that pass, f.ing keylogger!
:D
Post by
TheReal
Your method does defeat simple keyloggers, Antherios, but please don't think that is the only layer of defense you need to protect your account. Too many people believe that copy-pasting your password into the password box is all they need to do to ensure their accounts aren't compromised. Sadly, that's pretty far from the truth.
Post by
Antherios
Of course not, but is a good start for people like me that cant get the authenticator.. good habits like that one, and others such as having another mail account just for wow, a good antivirus, not clicking suspicious links, not giving information to anyone, and not playing in another pc
Im just saying that things like "my" password method with obviously more tricks, can make an account not 100% sure, but at least really tricky to hack.
Greets :D
Post by
304214
This post was from a user who has deleted their account.
Post by
NeoBlackheart
So yeah earlier today my GLs account was hacked. They got like 30K gold in items and gold from the guild bank.
Post by
CaoimheX
Also....if you are truly paranoid you can always do what I do when I'm on a computer other than your own..
Type your password into google then ctrl+c to copy it and ctrl+v to paste it into the password box in WoW...What that does is allow me to copy my password to the clipboard so that I can paste it into the password box instead of typing it.Save your password in a .txt file in your computer (with antivirus protection, of course) , and when you are going to play wow, control+c and paste ... simple as that
I've seen this sort of thing said so many times, but please, guys, please, this is plain and simply incorrect, and offers absolutely no protection. Being able to access the clipboard is really easy, and
any but the most naïve keyloggers know to fetch text from the clipboard instead of just logging a ctrl-v or shift-insert.
Thy login and password are Holy
Enter them not into divers computers or websites
Post by
Antherios
Also....if you are truly paranoid you can always do what I do when I'm on a computer other than your own..
Type your password into google then ctrl+c to copy it and ctrl+v to paste it into the password box in WoW...What that does is allow me to copy my password to the clipboard so that I can paste it into the password box instead of typing it.Save your password in a .txt file in your computer (with antivirus protection, of course) , and when you are going to play wow, control+c and paste ... simple as that
I've seen this sort of thing said so many times, but please, guys, please, this is plain and simply incorrect, and offers absolutely no protection. Being able to access the clipboard is really easy, and
any but the most naïve keyloggers know to fetch text from the clipboard instead of just logging a ctrl-v or shift-insert.
Thy login and password are Holy
Enter them not into divers computers or websites
Im not sure about this, but i think that when you enter yous password in wow, the clipboard is cleaned...
Thats why i only use when im about to play wow..
Besides, i made an extreme secure clipboard in McAfee months ago, a really cool website explain how to secure your clipboard, and other things..
I dont remember the website, but if you google it you can find it
Im still thinking that the control+c control+v, is a better way that "cookies42$%" or something like that.. is not the solution, but at least is a bit more secure
Post Reply
You are not logged in. Please
log in
to post a reply or
register
if you don't already have an account.
© 2021 Fanbyte
