Jushiro wrote:
Quote:
Somebody (hopefully you!) asked to reset the password on your Guild Wars account.
To change your password, click the link below.
<link here>
If you did not request to reset your password, you can ignore this email and no changes will be made to your account.
Need help or have questions about your Guild Wars account? Visit our support site: <link here>.
Thanks!
--The ArenaNet Team
I received this e-mail three times, and I did not request a password change.
So I've been following this the last couple days and these are the theories that have been floated around...
1) ArenaNet's servers have been hacked and all accounts have been compromised.
2) A GW2 forum or information site (that requires a login) has been hacked and they're checking Account/Password combinations on those websites to those of the ArenaNet service.
3) Hackers are using old account information from other game hacks, like those that had their Battle.net or Sony accounts compromised in the past.
Posted on the GW2 Reddit...Quote:
This is the current status of the most important issues we're tracking with Guild Wars 2 live service.
Account security - Hackers are systematically scanning email addresses and passwords harvested from other games, web sites, and trojans to see if they match Guild Wars 2 accounts. We're taking a number of steps to protect our players from this, listed below, but we need your help too. To protect your account, make sure you use a strong, unique password for Guild Wars 2 that you've never used anywhere else. If your password isn't strong and unique, change it right now. For the highest level of protection, also create a unique email address to use solely for Guild Wars 2.
Here are the things we're doing to protect your accounts.
* We have the "password reset" feature temporarily disabled. If you need to reset your password, contact our customer support team.
* We now have email authentication turned on for all players with verified email addresses. With this feature, even if someone guesses your password, when he tries to login from a location that you've never logged in from before, you'll have an opportunity to approve or disapprove of the login through an email check.
* We've noticed that hackers who discover a working email address and password combination don't always immediately exploit the compromised account. We sent email to everyone whose account has been suspiciously logged into asking them to immediately change their email address and password.
* We will also be sending email to all customers whose accounts have been unsuccessfully tested by hackers. We strongly recommend that these customers create a new, unique email address for their account.
* We left in-game mail disabled for another half-day, because it's difficult for hackers to loot accounts when both in-game mail and the trading post are disabled. Keeping mail disabled this morning to prevent account looting gave us time to get email authentication turned on for all players, and gave players time to secure their accounts. But we will be turning in-game mail back on soon, so we ask everyone to quickly secure their accounts.
Email authentication - We started ramping up email authentication after last night's server update, and it's now enabled for 100% of players with verified email addresses. Email authentication provides a high level of security for everyone, and can provide an even higher level of security when combined with two-factor email authentication. Here's how you can set that up. Create a new unique Google or Yahoo email address solely for your Guild Wars 2 account. Verify that email address with Guild Wars 2 to turn on email authentication. Then follow the instructions at Google or Yahoo to enable two-factor authentication for all logins to your email address.
It's sad that they didn't have the Email authentication available until last night. Anyways, if you guys haven't liked GW2 on Facebook yet it might be worth doing. The CMs post updates several times a day and they let the community know of these issues, what they're doing to fix it, etc.
