Forced password change [merged]

#2 - Feb. 18, 2013, 4:16 p.m.

I’m sorry that you’re upset about the password change, but believe me, changing passwords, even just a bit, is worth doing and it definitely beats the alternative: a hacked account.

If you like your previous password, may I suggest you simply alter a small amount of components? For instance, if your password was d0gandCat, maybe you could use DoGandCat or something like that?

We’re sorry if you feel this is an inconvenience, but the passwords you’re trying are being refused, which means you’re trying ones that appear on “known/stolen password” lists. That puts you at quite a bit of risk of an account compromise. Being allowed to keep that password, or use the risky one, just isn’t worth it when you balance it against the pain and loss of an account theft!

#4 - Feb. 18, 2013, 4:35 p.m.

kraziefox.5697:

They ‘Black Listed’ all the current/old passwords … so you’ll never be able to use the old one again … I think it was a ‘blanket blacklist’ so no one (without exception) can reuse their old password …

Although I understand the principle behind this particular case (they found a huge list of GW/GW2 passwords on the net, or something similar)

Sorta close, but I should probably explain: What we found was millions — I mean millions! — of stolen passwords out there on lists of exposed/ known/ exploited passwords. When we examined things more close to home we discovered that a lot of people use the same password for everything. This means if a hacker gets your Hotmail password, he also has access to your GW2 account, your bank account, and your account over at that comic book site.

We blacklisted any password that was “out there” as a known, stolen password, so that folks would not be able to simply fall back on the old tried-and-true (and hacker-known) password but would be required to make a new password that is more secure. This has been very effective in reducing account hacks, by the way.

#17 - Feb. 19, 2013, 3:35 p.m.

Evalissa.5169:

and I disagree.

And you may disagree, but you still must change your password.

#18 - Feb. 19, 2013, 3:38 p.m.

Fiontar.4695:

I just wanted to reply to the post from Gaile to point out that the blacklist is actually more extensive than was outlined in her post.

I understand, and that seems to be true. There are a nearly-infinite number of potential passwords, so hopefully everyone can choose one that suits him or her and all will be well — and more secure — in the future.

Armon.1620:

And to top it off I can’t even create a support ticket because that system is broken too.

The system is operating just fine. If anyone is having difficulty setting a new password, please Go here and submit a ticket through the “Ask a Question” tab on that linked page.

#23 - Feb. 19, 2013, 5:39 p.m.

We are carefully monitoring the forced-password changes, and I promise you, we are seeing very few tickets. Having said that, if you do submit a ticket, I believe it will be handled very promptly, and we want to help you if you are having any difficulty at all.

Go to support.guildwars2.com, use “Ask a Question” or email [email protected] and the team will help you.

I’m very sorry for your unhappiness and do not mean to sound as if I am discounting a single person’s feelings of frustration, confusion, or helplessness. If you are having issues, please allow us to assist you; it will be best for all concerned if you have a new password and if we make it easy for you to do that!

Thank you for understanding.

#39 - Feb. 20, 2013, 1:05 p.m.

I understand some of you are concerned about security. I strongly believe that you need not have these concerns. I sent out an email to ask about this, but again, feel that you can be assured there is no view of secure information and absolutely no risk through this process.

It’s sort of like sausage. I don’t want to watch it being made, but I have confidence it’s made properly. More info if there is anything to share.

#42 - Feb. 20, 2013, 2:25 p.m.

Oh, FMPEvo, that did make me smile. I’d toss in favorite color, just for a Monty Python reference.

#46 - Feb. 20, 2013, 6:07 p.m.

Dark xZapdos.9081:

I signed into my account and it required me to change my password. I attempted to change my password and it would not allow me to do so and now I am locked out of my account. I would enjoy to play this fine game but I am not currently able to do so in my predicament. Please help me resolve this issue and I will be eternally grateful. Thank you for your time.

I suggest you contact Support by filing a ticket through the “Ask a Question” tab on that linked page. They will be able to assist you. For tips on what information to provide in a ticket, please read this post.

#52 - Feb. 21, 2013, 11:07 a.m.

As far as I understand it, the blacklist contains both known (publicly-exposed) passwords and previously-used passwords. The point is to get something altogether fresh and new.

#55 - Feb. 25, 2013, 4:29 p.m.

I am sorry you feel that way, Dracius. The intentions are not manipulative, I assure you, or intentionally disruptive. It’s not a matter of our attempting to be “security police.” The motivation is purely to contribute to a player’s security, which will help players prevent what can be a devastating incident. Changing a password is a tiny thing that takes just a couple of minutes, at most, and it can make all the difference.

If you haven’t had a chance to read Mike O’Brien’s article on account security from a few months ago, I believe it will explain things very clearly and that it will help you understand our position better. It presents a detailed outline on the subject of security as it relates to Guild Wars and Guild Wars 2.