Page 1 of 4 1234 LastLast
Results 1 to 20 of 68
  1. #1
    Customer Service TurbineCS's Avatar
    Join Date
    Jan 2011
    Posts
    3

    Default A Word About Account Security

    Hello everyone,

    Given the recent news about a number of popular gaming websites and online games suffering security breaches which left their account details exposed, Turbine would like to discuss account security and some steps you can take to secure your account. Account theft is an ever-present issue in the game industry. It’s also a top priority at Turbine - one that we spend significant time and resources to address every day.

    On a continual basis, the Turbine fraud team monitors all player reports, network activity, in-game behavior, and other information that may indicate fraudulent activity or account theft. We then investigate and respond in accordance with our policies. To date, all indications are that most compromised accounts have been the result of account information stolen from other gaming websites and online games.

    This is possible because many people use the same credentials to log into multiple sites and games. Additionally, other players share their usernames and passwords with people such as roommates, guild members, etc. A smaller percentage of users appear to have fallen victim to keylogging, phishing, or other technology-based attacks. While it is difficult to get to the root cause of every reported incident, there is no data to suggest that account information stored with Turbine is in any way at risk.

    Even though we are satisfied that our account system remains secure, we will continue our ongoing efforts to defend our services against known and emerging security threats. In the meantime there are several steps players can take to help protect their accounts against the most common types of account theft:
    • Change your password regularly to a new, unique password that you have never used for any other product or website.
    • Never share your username and password with anyone else or allow them to log into your account.
    • Use a home network firewall at all times and check the exception list regularly for new entries.
    • Run antivirus and malware scanning tools on a regular basis with the latest definition files.
    • Beware of phishing or spoofing scams that you receive in your mailbox, either in-game or out-of-game. In general, you should avoid clicking links in e-mail you have not requested. If you have any questions about an e-mail or chat you’ve received that claimed to come from Turbine, please contact our Customer Service team at support.turbine.com.
    • Lastly, do not purchase in-game currency from gold sellers. Never encourage your friends to purchase gold. The cash market for in-game gold is the driving force behind most account theft. If players did not buy gold, sellers would not need to steal and strip accounts. We investigate and take action on all players that receive gold from gold sellers, up to and including a permanent account suspension.

    Your security is important to all of us at Turbine, and we hope this information will help address concerns and misinformation about why account compromises occur. If you have any questions or suggestions, you may contact our Customer Service team at support.turbine.com.

    Sincerely,
    Turbine’s Anti-Fraud Supervisor

  2. #2
    Community Member Cam_Neely's Avatar
    Join Date
    Apr 2010
    Location
    Boston
    Posts
    1,444

    Default

    Good info. I spent some time looking for the area to reset my game password, and could not find it, and honestly dont trust googling it. Anyone wanna help me out?
    Quote Originally Posted by MajMalphunktion View Post
    Hate me if you want, as of right now I'm not letting anyone crack open the build for this. Nope no way. Nada. I need developers working on the expansion pack, and that only. Again, hate me all you want, but creating a whole new realm takes priority over a broken bag. This is pretty much true of a few of the other issues that crept in today also.

  3. #3
    Customer Service TurbineCS's Avatar
    Join Date
    Jan 2011
    Posts
    3

    Default

    Quote Originally Posted by Cam_Neely View Post
    Good info. I spent some time looking for the area to reset my game password, and could not find it, and honestly dont trust googling it. Anyone wanna help me out?
    To change your password, visit our account login website at http://myaccount.turbine.com. Log in with the Username and Password you use to log into the game. Once logged in, you will be able to change your password.
    Turbine Customer Service

    Please direct all support questions to our Knowledgebase and Service Portal, at http://support.turbine.com.

  4. #4
    Community Member mws2970's Avatar
    Join Date
    Nov 2009
    Location
    Driving the Clown car in the skies above Sarlona!
    Posts
    1,418

    Thumbs up

    Excellent information. Thank you for sharing!
    Castagir (completionist), leader of the Fighting Clowns of Sarlona. Other alts: Modric, Modrich, Kristna and others. http://fightingclownsofsarlona.webs.com/

  5. #5
    The Hatchery bigolbear's Avatar
    Join Date
    Dec 2009
    Posts
    1,804

    Default

    So... When you gona put a seperate password check on credit card purchases of ddo points. That would be a good measure towards our security that is totaly in your hands.

  6. #6
    Bwest Fwiends Memnir's Avatar
    Join Date
    Jul 2006
    Location
    ¿
    Posts
    16,607

    Default

    Always a good thing to be reminded of. Not changed my password in a while, and I'm going to remedy that as soon as I hit Submit Reply here.


    +Rep to ya, TurbineCS... since you've still got it turned on.
    53461

  7. #7
    2014 DDO Players Council Flavilandile's Avatar
    Join Date
    Aug 2010
    Location
    France
    Posts
    3,646

    Default

    All good points, but you forgot one important one regarding passwords :

    Don't use a bland password, don't use a name, a noun, a location, a date as your password.

    Use at least 1 ( one ) numerical character in your password
    Use at least 8 ( eight ) characters in your password
    Use at least 1 ( one ) capital character in your password
    use at least 1 ( one ) non numerical, non alphabetic character in your password
    Try to find a mnemotechnical way to remember your password

    For example my password could be ( don't worry it's not, it's someting else ) something like that ( with the mnemotechnical phrase ) :

    ZeP4s5w0rd2Flav
    ( The password to Flavilandile )

    Now you can call me paranoïd... it's true... I used to play Paranoïa.... The Computer is your Friend. *grins*
    On G-Land : Flavilandile, Blacklock, Yaelle, Millishande, Larilandile, Gildalinde, Tenalafel, and many other...

  8. #8
    Hero Phoenix-daBard's Avatar
    Join Date
    Dec 2009
    Location
    Beaverton, Oregon
    Posts
    1,257

    Default

    I would like to add some things to the above advice:

    1. NEVER use a word in the dictionary. Even if you 1337 it, it is still in a dictionary and is the easiest kind of password to crack.
    2. Always include numbers and at least one math symbol as it makes the password that much harder to crack. (Don't just put a 1 at the end. That is just dumb.)
    3. Longer is better. Using a phrase that means something to you means that you can remember it better and the length makes it harder it is to crack.

    edit: Cross posted Flavilandile's excellent advice.

    A former password that I used elsewhere was: K1a5z-kl0on
    Last edited by Phoenix-daBard; 01-18-2011 at 01:05 PM.

  9. #9
    Customer Service TurbineCS's Avatar
    Join Date
    Jan 2011
    Posts
    3

    Default

    Quote Originally Posted by bigolbear View Post
    So... When you gona put a seperate password check on credit card purchases of ddo points. That would be a good measure towards our security that is totaly in your hands.
    We take the ability to purchase points with payments methods very seriously, and your store purchases have additional layers of anti-fraud security to prevent abuse.
    Turbine Customer Service

    Please direct all support questions to our Knowledgebase and Service Portal, at http://support.turbine.com.

  10. #10
    Community Member Celestialbeast's Avatar
    Join Date
    Nov 2009
    Location
    Eh. Who really Cares?
    Posts
    311

    Default

    Does this mean Mr. Wizards issues with the store are going to finally be addressed?

    Link --> http://forums.ddo.com/showthread.php?t=274134
    Quote Originally Posted by stainer View Post
    I maxed my drama enhancements, drama skills and took SF: Drama. I have a 89 drama unbuffed. I can hold a mods agro on a roll of 1.
    Argo- Proud Member of Storm's End. Teshy, Teshie, Teshee, Tysho, Teshlyn
    Khyber- Wandering Member of ~Nomadic~. Kyex

  11. #11

    Default

    Quote Originally Posted by TurbineCS View Post
    We take the ability to purchase points with payments methods very seriously, and your store purchases have additional layers of anti-fraud security to prevent abuse.
    Its not fraud, it the teenager buying 5000 point bundles on his dads credit card that is attached to the account to pay the monthly VIP fees
    Fallen former minion of the Gelatinous Cube
    Proud Member of Ascent
    Arko Highstar
    Arckos Highstar

  12. #12
    The Front Side Gratch's Avatar
    Join Date
    Jan 2006
    Location
    Sunnyvale, Cactus Area
    Posts
    2,875

    Default

    I've never seen this TurbineCS person.

    Is this a phishing attempt to get me to change my password while they have the account IP redirecting some connections??? 3 posts all in this thread eh?

    But really Tolero/Cordovan/etc.... if you're gonna tell us about security... do it with a well known identity or at least an introduction from a trusted source. That's security basics.


    Ed: Neg repped for this? Srsly? I mean... I realize there's no possible way myDdo or dev account access could ever be hacked...I mean never. But wouldn't someone post exactly this with a new name if say this forum technology did get hacked? Though they'd probably add a misdirecting URL along with it.
    Last edited by Gratch; 01-25-2011 at 06:24 PM.
    Quote Originally Posted by Cordovan View Post
    DO NOT DO THIS. We are investigating.

  13. #13
    Founder Freeman's Avatar
    Join Date
    Feb 2006
    Location
    Falls Church, VA
    Posts
    5,337

    Default

    I read a good tip for making long passwords easy to remember. Just put it in email format, such as "goodpassword@youwillneverguess.xxx. We are already trained to remember that format, and you can easily customize it for different sites. Here, use [password]@[favorite character].com or something along those lines.
    Freeman - Human Bard - Thelanis Fulfilling my duty to the ladies of Stormreach
    Yuvben(Halfling Rogue), Acana(Drow Sorcerer), Walket(Human Cleric), Mahoukami (WF Wizard), Knicapper(Horc Fighter), Pyetr(Human Bard), Mazinger (WF Barb), and Belcar(Halfling Ranger).

  14. #14
    Hero
    Knight of Movember
    2014 DDO Players Council
    Hafeal's Avatar
    Join Date
    Sep 2006
    Location
    at a keyboard
    Posts
    5,577

    Default

    Quote Originally Posted by TurbineCS View Post
    We take the ability to purchase points with payments methods very seriously, and your store purchases have additional layers of anti-fraud security to prevent abuse.
    Except perhaps, from Turbine itself, who has yet to deliver a regular statement of TP activity of both using and acquiring said points ...
    Gamma Tester, Dungeons & Dragons Online
    Beta Tester, DDO: Eberron Unlimited
    Alpha Tester, DDO: Stormreach

  15. #15
    Community Member delicious.crab's Avatar
    Join Date
    Jun 2010
    Location
    BEHIND YOU!
    Posts
    96

    Default

    I've always been a fan of the initial letter mnemonic.
    We the People of the United States of America = wtpotusoa
    when in the course of human events it becomes necessary = witcoheibn
    add punctuation where it occurs.
    song lyrics work pretty well too.

    fairly random, yet easy enough to remember.

  16. #16
    Community Member English_Warrior's Avatar
    Join Date
    Dec 2009
    Posts
    632

    Default

    Quote Originally Posted by Phoenix-daBard View Post
    I would like to add some things to the above advice:

    1. NEVER use a word in the dictionary. Even if you 1337 it, it is still in a dictionary and is the easiest kind of password to crack.
    2. Always include numbers and at least one math symbol as it makes the password that much harder to crack. (Don't just put a 1 at the end. That is just dumb.)
    3. Longer is better. Using a phrase that means something to you means that you can remember it better and the length makes it harder it is to crack.

    edit: Cross posted Flavilandile's excellent advice.

    A former password that I used elsewhere was: K1a5z-kl0on
    The whole weak/strong password thing is a total red herring. The only person who will break into your PC accounts because you have a weak password is your 15 year old nephew messing around on your PC while your back is turned.
    In 99% of cases the bad guys get into your accounts because they already HAVE your password, it doesn't matter how obscure the password is if you get keylogged / give your info to the wrong person / get scammed / get phished / somebody hacks a website with your info on.

    Just keep your password unique to each account and change them often.
    Sarlona
    Main Toons = Alphasixsix - Blackbell - Ironsack - Deltasix - Ironflute
    Euro Refugee...both in game and out.

  17. #17
    Hero
    Join Date
    Sep 2009
    Location
    Danmark
    Posts
    109

    Default

    Just a note, the "My Account" link on ddo.com, MyDDO and The Compendium refers to the standard http site, while the forum one refers to the https site. Think that the ones not referring to the https site should be made to do so.

    Just now that we're talking security.

  18. #18
    Scholar Of Adventure & Hero Missing_Minds's Avatar
    Join Date
    Jun 2006
    Location
    work....
    Posts
    30,184

    Default

    Quote Originally Posted by Flavilandile View Post
    Now you can call me paranoïd... it's true... I used to play Paranoïa.... The Computer is your Friend. *grins*
    You commie mutant traitor! (I had to. )

    Also, when you make changes to your account, review ALL account data. Make sure your email IS the correct one. My wife's got changed once and she did NOT change it.

  19. #19
    Community Member KraahgDaAxe's Avatar
    Join Date
    Feb 2009
    Posts
    346

    Default

    Quote Originally Posted by English_Warrior View Post
    The whole weak/strong password thing is a total red herring. The only person who will break into your PC accounts because you have a weak password is your 15 year old nephew messing around on your PC while your back is turned.
    In 99% of cases the bad guys get into your accounts because they already HAVE your password, it doesn't matter how obscure the password is if you get keylogged / give your info to the wrong person / get scammed / get phished / somebody hacks a website with your info on.

    Just keep your password unique to each account and change them often.
    Actually most security experts now state that changing passwords frequently isn't as beneficial as you are lead to believe. It's more of a "It's changing therefore it must be secure" feeling for the users. In all reality, strong passwords that change less frequently are better then weak passwords you change weekly. Alot of companies are moving to passphrases instead of passwords because of this.

    Kraahg
    Stillz Azgoth:
    11 Dwarf Light Monk - 7th Life
    1st-Ranger-tri-class-gimp;2nd-Fighter;3rd-Pallie/Monk;4th-Pallie/Monk;5th-Dwarf-Light-Monk;6th-Fighter/Dark-Monk-yuck

  20. #20
    Founder & Hero Vordax's Avatar
    Join Date
    Feb 2006
    Posts
    2,222

    Default SecurID

    Any thought of adding a SecurID type authentication option?

    http://en.wikipedia.org/wiki/File:Se..._token_new.JPG

    Vordax

    (one of your competitors offers it, would be nice to have)

    Politics is supposed to be the second oldest profession. I have come to realize that it bears a very close resemblance to the first. - Ronald Reagan

Page 1 of 4 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

This form's session has expired. You need to reload the page.

Reload