Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Securing an account, for real

Forum Avatar
TWMagimay.9057
#1 - Jan. 5, 2014, 7:04 a.m.
Blizzard Post

So, I was reading the Mike O’Brian article…and got annoyed by it.

story time A while ago me and my fiancé bought GW2 and started playing(2 accounts). We were both using the same password that we’ve been both using since we met. Then came the blacklist and the “please, change your password”. I, being a good girl, did exactly that. When I told him he should, he looked at me and told me they can go puppy themselves. I had a bran new GW2-approved password, he didn’t. Roughly a month later I received 15 authentication e-mails in 2 days. All Chinese IPs(we live in the Netherlands). Mailed support, got another brand new password. Got banned for RMT 2 days later. Mailed support again, proved it was me, all good. Few months passed, I got bored of GW2 and played a different game for 10 months or so. Upon returning 1 month ago, I found my account banned for botting. Went through the usual support fun, had my account restored, got yet another brand new password.

It was at that point that I noticed how anybody who adds me as friend(which I don’t need to agree to) automatically becomes the owner of 50% of my account(he has the log-in name and a char name). Then I listed to my fiancé talking to people about how long they’ve been playing GW2…anybody in that conversation was 75% account owner of each of those accounts. Disturbing, right? Back to the story…

31.12 I woke up and tried to log in on the forum. Wrong password. I got yet another new password and found yet another Chinese IP authorized to log in my account. There was no trace of the password change or the new IP in my e-mail… I’m still waiting for support to respond in any way end story

So, here’s the problem. My PC undergoes weekly full scans. No threats found. My e-mail holds 2 serial codes(for me and my fiancé). I followed all their security instructions while he ignored them completely. I lose my account on a monthly basis. His is intact, never even attempted to login. What can I do(apart from unistalling GW2 and never looking back) for this to stop happening? I sincerely regret changing my password last year…because that’s when it all started…should’ve known better, I guess…

Forum Avatar
Gaile Gray
#24 - Jan. 6, 2014, 7:08 p.m.
Blizzard Post

So let me be clear — you had not had a single human response (just the “got your ticket” auto-response) and then a survey? I’m thinking that the access to your e-mail account may include someone deleting our responses, but could you give me this ticket number, please?

I don’t like to think we’d say “How’d we do?” until we, you know, did something.

Forum Avatar
Gaile Gray
#28 - Jan. 8, 2014, 11:22 a.m.
Blizzard Post
TWMagimay.9057:

Hmmm, isn’t that a bit…dangerous? If somebody gets access to such an account, they literally take over your entire life… Yes, I’ve grown paranoid over the last few days.

On the paranoid note: Support decided to mail my new log in address to the old e-mail. I deleted it roughly 3h after it arrived(I sleep at night), didn’t seem to have been touched… Should I be worried?

My advice: Can’t be too careful. Update the ticket through the NEW email address. Tell them what happened and ask that they auto-generate you a NEW password and send it only to that address. Explain that if the system sends to both the old and new addresses, that can put your account at risk. In this situation, the agent may be ahead to manually reset and not send you an auto-generated password. If he/she does that, simply change the password to something of your choosing once you access the account.