Alpha_Swift posted:

---

Let's just hope that people don't use the same password for their email as they do for Rift.

Authenticator is safer -- it's something you have.

---

wowplayer321 posted:

---

I can see they have ramped up their obnoxious security efforts to almost Blizzard levels.

---

Sprawl-zero1eye- posted:

---

What are your security recommendations?

---

wowplayer321 posted:

---

I had (e-mail) conversations with several of their Customer Service people and ended up with someone who said they were the head CS person.

To each person I explained what a VPN was and how it worked. Then I asked if there was going to be any problems with logging in from various cities across the US and changing IP's while playing.
Every single person automatically said I would have no problems except the head of department who (said) they checked with the programmers before saying that I would be fine.

So, the next day I set my VPN to normal operation where it changes cities every hour. Sure enough, I was quickly booted from the game with the message, "Your IP has changed since logging in."
I have never played since.

Luckily this was the day before regular release and I was able to cancel both the game and the 3 month collectors edition with little fuss over the phone.

Now, I don't want to call these people lairs. I prefer to think of them as simply ignorant. Except for the head CS person whom I WILL call a bold faced lair.

I can see they have ramped up their obnoxious security efforts to almost Blizzard levels.
Blizzard will freeze your account under these conditions and force a password reset before you can have your account back.

Also, there is no way you can opt out of this monitoring with either company. I asked. The Trion people said that they don't monitor IP's but you can see why I did not believe them.

---

jojo263 posted:

---

wowplayer321 posted:

---

I had (e-mail) conversations with several of their Customer Service people and ended up with someone who said they were the head CS person.

To each person I explained what a VPN was and how it worked. Then I asked if there was going to be any problems with logging in from various cities across the US and changing IP's while playing.
Every single person automatically said I would have no problems except the head of department who (said) they checked with the programmers before saying that I would be fine.

So, the next day I set my VPN to normal operation where it changes cities every hour. Sure enough, I was quickly booted from the game with the message, "Your IP has changed since logging in."
I have never played since.

Luckily this was the day before regular release and I was able to cancel both the game and the 3 month collectors edition with little fuss over the phone.

Now, I don't want to call these people lairs. I prefer to think of them as simply ignorant. Except for the head CS person whom I WILL call a bold faced lair.

I can see they have ramped up their obnoxious security efforts to almost Blizzard levels.
Blizzard will freeze your account under these conditions and force a password reset before you can have your account back.

Also, there is no way you can opt out of this monitoring with either company. I asked. The Trion people said that they don't monitor IP's but you can see why I did not believe them.

---

After reading this I'm not shocked that you have had account problems.

---

wowplayer321 posted:

---

The reason I will not use the current Blizz dongle is because I have to read something off it each time I want to login. Even with USB extender cables it's a PITA to be moving it from one machine to another then back then to another all day as I jump on and off WoW. I just am not going to do it no matter how many threatening e-mails they send me.

All they would have to do is make one that simply needs to be plugged into the machine trying to login to WoW. I remember them well from the 80's so it's not like this is new tech. Throw on some 1024 bit encryption and you are GTG.

---

White_Bunnay posted:

---

Sprawl-zero1eye- posted:

---

What are your security recommendations?

---

USB Fingerprint scanner would be nice. Though the keychain option seems to work fine.

---

GutterSludge posted:

---

Again, it has more to do with the time between those logins vs. the distance between them.

If you log in from France, and then 10 minutes later login from China, you will get locked.

If your last login was 3 days ago, and then you login from China, you probably will not be locked.


I have traveled all over the southeast U.S., from Miami to Atlanta, and never once been locked out.


player is intentionally cycling different cities with the VPN, and is bringing the lock upon himself by doing so, and then complaining about it.

He goes through all of this (supposedly) so that he doesn't have to type in 6 whole digits every time he logs in.

/chuckle

---

jojo263 posted:

---

GutterSludge posted:

---

Again, it has more to do with the time between those logins vs. the distance between them.

If you log in from France, and then 10 minutes later login from China, you will get locked.

If your last login was 3 days ago, and then you login from China, you probably will not be locked.


I have traveled all over the southeast U.S., from Miami to Atlanta, and never once been locked out.


player is intentionally cycling different cities with the VPN, and is bringing the lock upon himself by doing so, and then complaining about it.

He goes through all of this (supposedly) so that he doesn't have to type in 6 whole digits every time he logs in.

/chuckle

---

Yay someone that gets it.

---

GutterSludge posted:

---

If you travel to South America, and login from there, you will not have just logged in from your house, and therefore would probably not set off a flag.

---

Sprawl-zero1eye- posted:

---

They aren't tracking you anymore than a website that records your IP address, and all of them do, including this one. They are merely adding a step that compares the two, and if vastly different, block.

---

Exodus_The_Mage posted:

---

Authenticator is better than a physical token plugged into the machine directly.

In the case where your machine is compromised, a hacker can keylog your login/id and remotely login to your account via your own machine.

For authenticator, the hacker will need to be physically at your place to use the computer and the authenticator to login to your account.

---

Quazimortal posted:

---

Exodus_The_Mage posted:

---

Authenticator is better than a physical token plugged into the machine directly.

In the case where your machine is compromised, a hacker can keylog your login/id and remotely login to your account via your own machine.

For authenticator, the hacker will need to be physically at your place to use the computer and the authenticator to login to your account.

---

Exactly, which means if an authenticated account is logged into successfully 300 miles away 2 minutes after you logged off then they had to have done it with your consent and with you providing them with the authentication code. That means there is zero need for your account to be temporarily locked because they logged in from far away and yet sure enough you will be. Stupid redundancy is stupid.

---

Exodus_The_Mage posted:

---

Authenticator is better than a physical token plugged into the machine directly.

In the case where your machine is compromised, a hacker can keylog your login/id and remotely login to your account via your own machine.

For authenticator, the hacker will need to be physically at your place to use the computer and the authenticator to login to your account.

---

GutterSludge posted:

---

Quazimortal posted:

---

Exodus_The_Mage posted:

---

Authenticator is better than a physical token plugged into the machine directly.

In the case where your machine is compromised, a hacker can keylog your login/id and remotely login to your account via your own machine.

For authenticator, the hacker will need to be physically at your place to use the computer and the authenticator to login to your account.

---

Exactly, which means if an authenticated account is logged into successfully 300 miles away 2 minutes after you logged off then they had to have done it with your consent and with you providing them with the authentication code. That means there is zero need for your account to be temporarily locked because they logged in from far away and yet sure enough you will be. Stupid redundancy is stupid.

---

Which is a violation of the TOS and EULA.

I guess they could step it up to an outright ban, and skip the "lock/password change" procedure altogether.

---

The_Korrigan posted:

---

[quote=Exodus_The_Mage]
If your computer is compromised to the point that someone can remotely use it to log into a WoW account, then you have way more important things to worry about than your WoW account anyway, first thing being to immediately shut down that Internet connection of yours by physically unplugging the cable or disabling the network adapter. Because if someone can control your machine this way, it's not just your WoW account which is at risk.

---

Quazimortal posted:

---

Well if I were someone who did that and was banned they would be losing another customer because I wouldn't be getting a new account. I don't like being told who I can or can't give access to my accounts. Mind you I don't share my information at all, but if I did that is the stance I would take.

---

Arch_Magi posted:

---

I can't wait for my free Authenticator app for my smart phone that Rift is coming up with.

---

Sprawl-zero1eye- posted:

---

Quazimortal posted:

---

Well if I were someone who did that and was banned they would be losing another customer because I wouldn't be getting a new account. I don't like being told who I can or can't give access to my accounts. Mind you I don't share my information at all, but if I did that is the stance I would take.

---

When you hit agree to EULA, do you cross your fingers behind your back?

---

Sprawl-zero1eye- posted:

---

What do you guys think of this anti-hacking measure Trion put into place for RIFT?

[link=http://rift.ign.com/articles/news/7423/Anti-Hacking-Measures-Coin-Lock http://rift.ign.com/articles/news/7423/Anti-Hacking-Measures-Coin-Lock [/l ink]

---

Sprawl-zero1eye- posted:

---

Arch_Magi posted:

---

I can't wait for my free Authenticator app for my smart phone that Rift is coming up with.

---

WoW has this, and it works pretty decently unless you happen to let your phone's battery die. Then you are on hold with Blizzard/Trion trying to unlock your account.

---