My account was hacked and how it's been handled so far.

**Mychael** · 09-12-2013 12:16 PM

Originally Posted by ShinrinCole

Originally Posted by Tsuneo

It sounds like the game doesn't kick you even if a token is added to the account or if the account password is changed which in turn means if the person who compromised the account doesn't log out they don't have to go through the new security measures.

If that is true, then the hacker shouldn't be able to log back in after maintenance.

I can confirm this. Back when we all stayed logged in 24/7, I logged in from a random company laptop while I had nothing to do at work one day, and as a result my account was frozen and I had to reset my password. I did this, and still got 3102 errors. When I got home, my character was still sitting there, happy as ever.

The same situation occured when I activated my software token. My characters' connection was not disrupted. I made a thread about it a while back, but I think it was lost to general discussion.

**Silverwalk** · 09-12-2013 12:32 PM

Originally Posted by Mychael

I can confirm this. Back when we all stayed logged in 24/7, I logged in from a random company laptop while I had nothing to do at work one day, and as a result my account was frozen and I had to reset my password
....

That's what I've been wondering. How can they log in from another IP? Even if they manage to gain your password the account should be locked when they try until you change the password.

It used to be this way in 1.0 but has it changed? Or is this check disabled when you put the authenticator on your account?

**Mychael** · 09-12-2013 12:44 PM

Originally Posted by Silverwalk

That's what I've been wondering. How can they log in from another IP? Even if they manage to gain your password the account should be locked when they try until you change the password.

It used to be this way in 1.0 but has it changed? Or is this check disabled when you put the authenticator on your account?

I haven't been frozen since I applied the token. Even if that's not the case, IPs could theoretically be spoofed, and depending on the skill of the hacker, if they're capable of retrieving someone's login information, the IP shouldn't be too difficult. I'm not entirely sure what the requirements for a freeze are. It might be client-related rather than IP-related. I had no issues taking my personal computer to work and logging in before the token.

**Silverwalk** · 09-12-2013 01:07 PM

Originally Posted by Mychael

I haven't been frozen since I applied the token. Even if that's not the case, IPs could theoretically be spoofed, and depending on the skill of the hacker, if they're capable of retrieving someone's login information, the IP shouldn't be too difficult. I'm not entirely sure what the requirements for a freeze are. It might be client-related rather than IP-related. I had no issues taking my personal computer to work and logging in before the token.

Ugh that's disappointing to hear. When I was playing on 1.0 if my internet disconnected and I got a different IP address when it reconnected I got locked out when I tried to log in (on the same computer).

Since you were able to take your computer to work and log in without this happening it seems that 2.0 does not implement this check anymore.

Much

Thread: My account was hacked and how it's been handled so far.

Thread Tools

Search Thread

Display

Hybrid View