Hakced...SE has horrible security

[Matthew_John]

So what do I do...totally broke now they sold my whole inventory cant even teleport....does SE do anything to help situations like this out?

[Ryuseki]

Yeah, they have horrible security, or you go to phishing websites and click bad links, and/or tried to buy gold.

[Kosmos992k]

Your account is hijacked because your password was weak enough to be guessed, or it was obtained through a keylogger, phishing site, or some third party forum/website where you used the same email and password combination to register. How is that weak security for SE? Choose a strong password that is not the same as any other, and activate a security token - which are FREE for smartphone/tablet users.

[Mapleine]

Even if it was his fault, I feel it's unfair to blame the user outright, you can get hacked through so many methods nowadays, down to flash exploits in banner ads on legit sites. If you are new to MMOs let me tell you right now that without an auth or another form of defense if the game becomes popular enough it's only a matter of time.

It's Squares game and their job to layer on the security and take care of the user. If they choose not to, they will be spending a hell of a lot of money putting up with recovery efforts or losing a lot of money on lapsed accounts. Other pubs have learned this the hard way.

First thing they should have done, especially as a Japanese company that will not be having the same intensive hands on approach as a Blizzard, et all, is to use an Email guard by default. Works wonders as an initial defense, better than an auth in most cases, and requires nothing additional of the user.

[Oriachim]

I think there should be alarm bells ringing with SE. User logs in say the UK... 10 mins later user logs in Poland. See what I mean? It's SEs fault just as much as the users.

[JamieLee]

Hate to burst your bubble... Chances of them getting your user id and password is pretty low from Se.. Chances of them getting your user id and password that works on your FF XIV account from another site that you used the same user id and password on about 100 percent...

[worldofneil]

First thing they should have done, especially as a Japanese company that will not be having the same intensive hands on approach as a Blizzard, et all, is to use an Email guard by default.

They did have that originally, people who logged in at new locations (and weren't using a security token) had to verify their account (via email/website).

People were screaming on the forums for it to be turned off... and I guess they did.

[Mapleine]

They did have that originally, people who logged in at new locations (and weren't using a security token) had to verify their account (via email/website).

People were screaming on the forums for it to be turned off... and I guess they did.

Can't please everyone, no one is gonna quit the game because of their (more than likely) account sharing being a little more annoying. They will quit when they're hacked, robbed and routed through an utterly anemic recovery system run by a localization branch, though.

[MutznNutz]

The issue with IP/Email guard is that people like me get stuffed far too frequently.

Most ISP's do not use Static IP's, instead using Dynamic IP's. This means (I am not 100% tech savvy on IP stuff so apologies if not spot on) each time you reboot PC and/or Router your assigned a new IP address, and as such the game assumes a new location, and refuses log in.
I had this twice before it was removed (Either Beta or EA, cannot recall) and it took nearly 3 hours for the 1st email to arrive, and nearly 5 hours on the 2nd occasion!!! All time I am locked out of the game.

far too many people are already jumping on the "U is teh Gilbuyer" ship. Not everyone who has been hacked buys gil.
The number of methods of exploiting your password (no matter HOW strong it is) are huge.
Flash trojans, 3rd party keyloggers, 3rd party websites hacked, phishing emails etc.

I have even seen one post on this site where someone WITH A SECURITY TOKEN was hacked (not quite sure how, or if true).

SE does need to look at ways to remove the lure of hacking an account (RMT purposes). But for now they have too much on their plate trying to deal with all the other serious issues on their plate (3102/90k/server load/etc.)

[Zeblade]

While some of the things people say here are true about getting hacked its EASY to get info. Most dont need a keylogger or a weak or strong password lol. Take people in this thread alone. They use names or say things that link them to so many other things on the net. Where you can find out their real name, address, email. The net remembers even if you dont. They post on forums and facebook blah blah blah... Its very easy to find you.

Don't be so easy to think because someone got hacked it was because they bought gold or a bad password.