Please clear your blacklist!

[Sylve]

I was typing out a reply about how people get hacked but I'm not going to bother. I'm currently lodestoning people with normal names and if there account seems somewhat decent then I'll unblacklist it.
Getting hacked is pretty pathetic in this time and age, I mean security on stuff is so high the only thing I can think of is a) Virus from downloading bots or buying gold or b) Very, very weak password.

It's nice to see you apologizing though, I do wish you'll take more precaution in the future.

To be fair, 'hacking' these days is done via bots that run every combination of letters and numbers currently usable by computers, doesn't matter how 'strong' your password is, its only a matter of time before a bot comes up with the right string to let it in.

[Sovereign]

To be fair, 'hacking' these days is done via bots that run every combination of letters and numbers currently usable by computers, doesn't matter how 'strong' your password is, its only a matter of time before a bot comes up with the right string to let it in.

Which is why security tokens and account lockouts (say after 5 wrong guesses) are a good idea.

[Rydin]

To be fair, 'hacking' these days is done via bots that run every combination of letters and numbers currently usable by computers, doesn't matter how 'strong' your password is, its only a matter of time before a bot comes up with the right string to let it in.

I don't think they're brute force hacking peoples accounts... thats so inefficient...

[Sylve]

Which is why security tokens and account lockouts (say after 5 wrong guesses) are a good idea.

But they're not perfect. Which is all I'm saying. You can be the safest guy in the world with strong AV, tokens and stupid long passwords changed daily, but you'll still get done in by a determined hacker. Just a matter of time.
I still think using Email addresses for Usernames was a bad bad idea. Usernames or logins were literally an extra password a potential hackbot needed to get right.
@Rydin,
No, maybe they're not brute forcing *all* the accounts, but i would wager many accounts are lost to it.

[moody]

Lots of us were banned for RMT spam because our accounts were hacked, eventually we will be back online. My request is that you frequently clear your blacklist, especially if the name is a normal name and not just a jumble of characters.
There is no point keeping these names on your blacklist because they all get banned quick so you shouldn't see that name ever spam again.

The problem is that the name generator also generates realistic names. While I feel sorry for you that your account was compromised, I'm more than willing to take the chance that I've blacklisted 6 real players if it blocks 30+ gil sellers.

You (and many others) seem to forget phishing and how rife that is.

You can't blame people for being gullible and falling for a phishing scam, then following the dodgy links and entering crucial information. These people are clearly legit players, if a little on the dim witted side - they don't all deserve to be written off as "RMT/Botting scum - you deserve my /blist!"

Yes, I can blame them. It's easy. [x] didn't bother looking at links before entering information no company should need to ask for. That would be their fault. I'm totally blaming them.

But they're not perfect. Which is all I'm saying. You can be the safest guy in the world with strong AV, tokens and stupid long passwords changed daily, but you'll still get done in by a determined hacker. Just a matter of time.
I still think using Email addresses for Usernames was a bad bad idea. Usernames or logins were literally an extra password a potential hackbot needed to get right.
@Rydin,
No, maybe they're not brute forcing *all* the accounts, but i would wager many accounts are lost to it.

The reason brute force attacks are not reliably effective is that you can put a time sensitive authentication code on the account. If you're performing a brute force attack against an account with an even reasonably secure non-dictionary password the authenticator code should change before a Brute Force can reasonably work out that combination.

[Kitya]

I think you need to read this comic: http://xkcd.com/936/

This is hilariously true. I love the horse

[Deedsie]

What I can't stand is getting spam shouted by somebody that's already SUPPOSED to be on my blacklist, and I have to remove it and put it back on again.

[KelenaeV]

I have over 100 blacklisted people, ALL of them RMT, and I add more every day.

I prefer to see a message from SE saying "we've banned" or "we've recovered X amount of RMT accounts" before I clear my list. I'm sorry, but please wait a little longer!

http://na.finalfantasyxiv.com/lodest...33498e43afd6f4

Period: Aug. 24, 2013 to Sep. 5, 2013
-Accounts receiving disciplinary action for RMT advertisement: 518 Accounts -Action Details: Permanent ban from FINAL FANTASY XIV

http://na.finalfantasyxiv.com/lodest...095a614312461a

Sep. 5, 2013 to Sep. 10, 2013 (PDT)
- Accounts receiving disciplinary action for RMT advertisement: 828 accounts
- Action Details: Permanent ban from FINAL FANTASY XIV

Your just missing them.

[Pandemonium]

In all my years I have never fallen for a phish. Oh Square Enix is going to give me the best gear in the game all I have to do is give them my password and username? Seems legit.
They already have it & it's encrypted in their database nor do they need my account information to access my account.

Common sense just isn't common enough.

In all your years you've never fallen for a phish? WELL DONE SIR! *Slow Clap for you*

Oh wait, neither have I though! *Slow clap for me too*

Phishing isn't all about "Dear member, please reply with your account details and password so we can give you free relics..."

It is more about:

"Dear SE Member,
There have been attempts to hack your account, please log into here and change your password to a more secure one..."

I've been a website designer for awhile, which is probably why I don't fall for such pathetic hacking attempts.

Not everyone is a clued up as you, or has that privilege.

So don't be such a condescending arse-head just because you are smarter than some of the more gullible people out there. Yes, they may have fallen for a phish, quite innocently, which still means they don't deserve you and others writing them off as RMT/Cheaters/Pay2Winners etc.

Yes, I can blame them. It's easy. [x] didn't bother looking at links before entering information no company should need to ask for. That would be their fault. I'm totally blaming them.

You are a really horrible person.

[Risae]

Not gonna happen.