While on the whole this post was good and informative, there were a few things about it that really bothered me.
First of all, the ‘correct charged battery horse’ or whatever example he used to demonstrate what apparently Anet considers a ‘strong’ password. IT IS NOT.
Just set GW2 aside for a second and think generally. A password is a password. The only time you -should- use a weak password is for a website or forum you absolutely don’t care about. If there’s ANYthing important on an account though, especially anything that can be linked to another account of yours, you should use a truly strong password.
From a professional standpoint, there is only one way to keep a truly strong password.
1. Do NOT use simple words or phrases that can be scanned, guessed, and/or found in a dictionary/database (such as in Anet’s example).
2. Use different characters, not just letters and numbers. Caps and symbols.
3. A random string of these combined will always be the strongest.
4. Change your password every so often.
5. DO NOT browse malicious websites or download torrents on the machine you access these accounts on. These can become infected with a keylogger, which even the strongest, longest, most random password in the world fails to immediately.
Other than the simple word example, Anet’s advice is sound. And I’m happy they’re rolling out a form of authentication. I just feel like the simple word example is ultimately giving the less learned player the wrong advice. Am I overthinking it? Yes, but I wouldn’t want someone to take this advice and, say, go make their bank/investment account just four simple words.
