I don't visit sites, I don't use mods or hacks or any of that garbage. See the problem is when someone changes your password Trion does not send any email verification until AFTER it's changed. Any game with even a fair security would send an email and ask if you requested a change and then warn you to change it because of the attempt, not here, they just change it.
So please explain to me how someone using a password cracker would be MY fault?
A company getting their username/password database is usually how they get password and 100% of the time it can't be the users fault.Originally Posted by greatdividers
In any case, OP is already committed and already told Trion to choke on their copy paste, I wouldn't bother helping him.
I'm not looking for anyones help here, I'm done with this company, all I am doing is trying to warn the few who may listen that there is no security
Trion has a two-factor authenticator you can put on your account. It's used by Rift. I don't know if they have a physical key fob version, but there is an app (at least on iOS) called "RIFT Auth." There used to be a field for it in the Defiance launcher, but they never enabled it for some reason and eventually just removed it from the Defiance launcher altogether. It wouldn't stop someone with your user/pass from getting into the game, but it will prevent someone from logging into your account on the website without it, though.
Why don't you post the message showing the password change just so those you are trying to warn can see some legitimate proof.
Hey Time -
If you want to send me a message with the particulars of your CS case, we can look it up for you and I can see if there's anything I can do.
elizabeth "dahanese" tobey
director of global communications
Twitter: @dahanese | @TrionWorlds | @RIFTgame | @TroveGame | @DefianceGame | @ArcheAgeGame | @EndofNations
Facebook: RIFT | Trove | Defiance | ArcheAge | End of Nations |Trion Worlds
btw it's kind of obvious what your name is a variation of
you mean this?
Greetings from Trion Worlds:
The password for your Trion Worlds account has been changed successfully. Please remember to use your new password whenever you log in to your Trion Worlds account or game.
If you did not request this change, please contact us through our Support Center immediately by clicking the link below or pasting it into your browser: https://support.trionworlds.com
Sincerely,
Trion Worlds Account Services
Just to note I got this at 8:02am that day I opened it when I woke up at 9am it then took me 6 hours to talk to someone in Live support, the GM on live was nice enough I do give them credit for that but in the end this was the final responce I got:
Hello!
Thank you for contacting us regarding Defiance.
I see that you've regained control of your account and taken measures to help safeguard it against further intrusions. I'm happy to let you know that I've removed the suspension from your account and you should now be able to access your account normally. If purchases were made and refunded on the payment method tied to your account, we would definitely recommend contacting your card provider to go through the fraudulent charge process with them.
Unfortunately at this time, we do not have character backups for Defiance, and we were unable to restore your character to the exact way it was before the intrusion on your account. Due to this restriction in our tools, we have gone ahead and awarded your character with several items based on your EGO rating, restored your Scrip to the amount it was previously, as well as Lockbox compensation which will award you with possible epic or legendary items. We hope that this compensation will allow you to continue to progress through Defiance without any further issues. Thank you for your patience in regards to this matter.
If you have any additional questions or concerns then please don't hesitate to let us know. Thank you for your continued support of Trion Worlds and for playing Defiance. Your reference number for this question is ******-******
Sincerely,
GM Oberlon
Trion Worlds Inc.
hey remember diablo 3? when they had the massive amount of people getting into accounts and looting them?
everyone tried to blame blizzard for horrible security, case insensitive passwords, and such.
that went on for a week. the only people who did not get hacked were people with authenticators.
eventually videos started hitting youtube from the alleged hackers.
they used an exploit script to hack PHBB ( one of the most popular forum programs ) and download the user password file for diablo forums. they would then take that username and hashed password list, go to a website that shows you an un-hashed value that matches the hash, and then logged into their D3 account and emptied it.
then they said that was the hard way to do it. the easy way to do it was to run their computer through a stateful packet inspection firewall and use it to subsitute a known value hash ( one they would use ) and have it substitute the known hash with the users hash without ever having to break the original hash.
whats the TL;DR?
they found an exploit in extremely popular forum software to download user login databases, and then used that to log into peoples account because people would use the same password for those forums as their game account.
but wouldnt that mean that the security flaw was in the forum software? not really, people do not always fully upgrade their forum software to the new versions. especially if its a major version upgrade as it would usually mean they have to buy a new license. and licenses can be expensive.
and the hack they used was not solely due to the forum software, it only affected that forum software if the server also had java installed, as it was primarily a java exploit, not the forum software.
i am pretty sure you fell victim to the same thing. i would bet money on it.
I'd LOL if he simply logged into a different server :P
Your Challenger won't drive? You're probably in the passenger seat.
Can't sell/delete an item? Check all of your loadouts, it's likely still equipped.
Auction house? Why? It'll just render bits purchased lock boxes pointless, and weapons are mostly equal anyway.
Gear/enemy progression? No thanks, it'll only render 90% of the content trivial when you reach the highest zone.
Honestly, I do not need to see the proof he got hacked. It was only a matter of time before posts like these started popping up.
1. No coin lock (ie log account in form different ip it keeps you from being able to sell/trade/salvage etc) like Rift has.
2. Authenticator option is not available, it was removed.
Any MMO should have the bare minimum of the #1 option.
As for those who think it is his own fault guess what, it is not. I know because in the 14 years I have played online games I have had an account hacked once. This was in Star Trek Online which also had this severe lack of security about 2 years ago. I quit playing after it took them a month to "fix" the account, which included losing the month I played waiting for their rollback fix.
When you friend someone in game, it gives you the user name of the player. Match that with an email address like Hotmail, Gmail, etc, and walla you have their account name. Then it is a simple matter of cracking the password. Getting access is that easy.
Honestly I think the only thing saving us from wide spread hacking is the fact the hacker/farmers do not have a chat system worth a damn to spam advertisements for their sales.
PS If ya had looked into those layoffs a few weeks back, one of the people was the game security job. Obviously we know why he was laid off.
Posting Permissions
