  1. #1
    Player
    Cirsce's Avatar
    Join Date
    Sep 2013
    Posts
    40
    Character
    Cirsce Ansari
    World
    Coeurl
    Main Class
    Arcanist Lv 30

    Thoughts: Un-Suspended from Hacking / Increasing Account Security / RMT Blacklisting

    I've posted in a lot of "I got hacked" types of threads over the past week and I just wanted to update everyone and give my thoughts on a few topics.

    For anyone who's seen me post, yes, my husband's account was finally and joyfully un-suspended a few hours ago, making it the 11th day after it was first compromised. Ten to eleven days seems to be the magic number of days for a few people around the forums.


    Account Suspension

    The Wait:

    Yes, it sucks but there is literally no way around the wait that anyone can find.

    Assume you're going to wait at least 10 days before the investigation is finished and you'll hopefully be un-suspended.

    Contacting Customer Service:

    You have a few choices here. Sending a ticket by email, live chat, and phone support. The sooner you start the steps here the better, especially your email ticket.

    The one thing I can say may have helped my husband is that he was very specific when talking to them about exactly when he thought his compromise happened and pinned it down to a 9-hour window. Make sure that you tell them when you logged off, when you discovered it was hacked / suspended, and how you knew it was an RMT compromise (the mog station showed I had a gibberish named character created on another server that isn't mine).

    I'd assume the more specifics you can give, the easier you're making it on them. And easier means faster.

    Email Ticket: First off you should always send an email. This is how your ticket number is created and if you get on the phone with them their first question will be "what is your ticket number".

    Live Chat: The live chat wait is around 1-2 hours or more. While live chat support can't do anything other than tell you they'll escalate your escalation, I can assume it's still good to call in and show you're actively trying to get your account back.

    Phone Support: The average wait time for phone support is also 1-2 hours or more. The same thing applies for phone support as live chat, they can't actually do anything other than reassure you that there is an on-going investigation.

    (310) 846-0345


    Increasing Account Security

    Choosing your password:
    • Pick a very long password. If 20+ is good 30+ is better.
    • Use something that you'll remember, but doesn't make sense when you string it together.
      Don't use: cutefuzzykittens Use: purplesheepforestkettlepajamas .... see what we're doing here?
    • Make use of uppercase, lowercase, numbers, and symbols.
    • Don't use the same password on other sites. Or email.

    The Token:

    While some people have said their token somehow got removed, I'm assuming that one more hurdle to jump over will deter them from choosing you or just going with the guy using "password123" and no token.

    Again, we've got options here: iPhone or Android smartphone, Authenticator, or the Android Emulator for your computer. No matter what you pick, write down your emergency password and/or email it to yourself. And make it an email that isn't associated with your SE account.

    iPhone/Android: It's called SQEX TOKEN....so go download it, now.

    Authenticator: Buy it from their website, you press the button on the device and it pops out a password good for about one minute. If you don't have an iPhone or Android type smartphone and you're NOT tech-savvy, I'd suggest this route.

    Android Emulator: Most people use this for developing applications. However, it can be used to install the SQEX TOKEN on it. Meaning: score...no wait for your authenticator and no shelling out money for one.

    Obvious warning here for the Android emulator: you'll have to have access to the computer you put the emulator on to log into your account.


    RMT Spamming

    I am by no means an expert on dealing with RMT spamming in cities, but I want to share how I deal with it.

    New Chat Window for Cities: Create a chat window that doesn't include shouting for cities or alter an existing one for use. Most people don't use shouting to talk now anyways, since it's so congested. And when you get further into the game it won't matter as much because you'll mainly be chatting on your linkshell and with your free company.

    Blacklisting: If someone keeps whispering you, blacklist them. Or just blacklist everyone shouting if you feel it's worth your time. You can click on their name to "send them a message" and then just copy and paste it into your blacklist, makes it easier.

    When your blacklist is filling up, start unblocking people near the top. You can do this because the people near the top are from 2 or more days ago, meaning the account is already suspended and awaiting investigation. While that's happening I'd assume the same name can't be created because it still exists. And if that account does get un-suspended after 10 days to 2+ weeks the chances of someone typing out that exact same name again are slim.

    Also, most people think that only the RMT spammers with regular names are on hacked accounts, think again. They just create a new character. 95% of the RMT spammers you see are probably on hacked accounts.

    - - - - - -

    I hope this was semi-helpful to someone out there.

    I've been biding my time until my husband and I could play again, so I wanted to make this post before most of my free time with him goes to catching up to our friends on FFXIV, instead of reading the forums like I have been doing the past week and a half.

    Here's to hoping everyone who's been compromised will soon be back in game with us.
    (3)

  2. #2
    Player Arriverderci's Avatar
    Join Date
    Aug 2013
    Posts
    1,323
    Character
    Noel Kreiss
    World
    Leviathan
    Main Class
    Conjurer Lv 50
    Get the Physical Token mostly. There is just no way people can bypass that one.
    Pretty sure they can somehow phone-jack it.
    (0)

  3. #3
    Player
    KisaiTenshi's Avatar
    Join Date
    Sep 2013
    Location
    Gridania
    Posts
    2,775
    Character
    Kisa Kisa
    World
    Excalibur
    Main Class
    White Mage Lv 100
    Quote Originally Posted by Arriverderci View Post
    Get the Physical Token mostly. There is just no way people can bypass that one.
    Pretty sure they can somehow phone-jack it.
    They could attempt to remove it from the account if they have access to your already-logged into mogstation, if your computer is compromised. That's about the only way. The iOS app is likely safe if the device isn't jailbroken. Android's only safe if you're running it from a non-jailbroken device. I wouldn't run the Android emulator, as much as this sounds like a good idea, it's on your PC and can be compromised easily.

    The physical hardware authenticator can't be hacked, but the batteries can die in it.

    I haven't been hacked, ever. I've played MMOs without authenticators, relying on short, but different passwords for all games and emails involved. This is the first game that I've played that I felt having an authenticator was a good idea. I've never played WoW but I hear that game is even worse about needing authenticators.

    The Freemium games I've played, the bots take the easy route and just keep creating new accounts. So this is the largest difference between a subscription game and a freemium game. The ability to abuse the game by creating new accounts and characters is extremely limited. SE could probably make this even more difficult for spammers/hackers by putting character-level one-time passwords that are asked only when the IP address changes, and not permitting new characters to be made until one of the existing characters has been validated.
    (1)

  4. #4
    Player
    RyuujinZERO's Avatar
    Join Date
    Aug 2013
    Posts
    377
    Character
    K'hali Thalen
    World
    Goblin
    Main Class
    Scholar Lv 71
    Quote Originally Posted by Cirsce View Post
    Choosing your password:
    • Pick a very long password. If 20+ is good 30+ is better.
    • Use something that you'll remember, but doesn't make sense when you string it together.
      Don't use: cutefuzzykittens Use: purplesheepforestkettlepajamas .... see what we're doing here?
    • Make use of uppercase, lowercase, numbers, and symbols.
    • Don't use the same password on other sites. Or email.
    Given the increasingly ridiculous demands companies make of your passwords (must include a symbol, upper case, lower case, number and at least 16 characters), and the dangers inherent in using the same password for everything, a password safe program such as KeePass is incredibly useful. Programs like that work by generating a random, very high security password and then storing it locally on your machine from where you can retrieve it via the clipboard to paste into the relevant password slot. So you only need memorable passwords for stuff like your e-mail (in order to allow password resets if you lose access to your password safe), the rest can have unique, computer generated passwords.
    (0)
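
Added example (not part of any post in this thread, and not KeePass's own code): a sketch of the two approaches discussed above, the random-word passphrase from post #1 and the machine-generated password from post #4, with the entropy each one gives. The symbol set, the 16-word sample list and the 7776-word list size are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Character classes the thread asks for: upper, lower, digits, symbols.
# The symbol set is an assumption; sites differ in what they accept.
CLASSES = [string.ascii_uppercase, string.ascii_lowercase,
           string.digits, "!@#$%^&*()-_=+"]
ALPHABET = "".join(CLASSES)

# Constructed sample list; a real passphrase list has thousands of words.
SAMPLE_WORDS = ["purple", "sheep", "forest", "kettle", "pajamas", "anchor",
                "violin", "cactus", "marble", "lantern", "walrus", "pepper",
                "glacier", "bucket", "orchid", "tunnel"]


def random_password(length=30):
    """Random password from the OS CSPRNG containing every character class."""
    if length < len(CLASSES):
        raise ValueError("length too short to hold every character class")
    while True:
        # Rejection sampling keeps the result uniform over valid passwords.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def random_passphrase(n_words=5, words=SAMPLE_WORDS):
    """Words drawn independently, so they do not form a guessable phrase."""
    return "".join(secrets.choice(words) for _ in range(n_words))


def entropy_bits(choices, picks):
    """Bits of entropy for `picks` independent draws from `choices` options."""
    return picks * math.log2(choices)


if __name__ == "__main__":
    print(random_password(), f"~{entropy_bits(len(ALPHABET), 30):.0f} bits")
    print(random_passphrase(),
          f"~{entropy_bits(len(SAMPLE_WORDS), 5):.0f} bits with the sample list")
    print(f"5 words from a 7776-word list: ~{entropy_bits(7776, 5):.0f} bits")
```

The strength of a passphrase comes from the size of the list the words are drawn from and the number of words, not from the character count alone, which is why the 16-word sample list here is only a stand-in.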

  5. #5
    Player
    ShuCho's Avatar
    Join Date
    Sep 2013
    Posts
    15
    Character
    Slowburn Shucho
    World
    Adamantoise
    Main Class
    Thaumaturge Lv 50
    There were some accounts that were hacked during the security breach SE had with their network. Some of those accounts did have security tokens on them.
    (1)

  6. #6
    Player
    KisaiTenshi's Avatar
    Join Date
    Sep 2013
    Location
    Gridania
    Posts
    2,775
    Character
    Kisa Kisa
    World
    Excalibur
    Main Class
    White Mage Lv 100
    Quote Originally Posted by ShuCho View Post
    There were some accounts that were hacked during the security breach SE had with their network. Some of those accounts did have security tokens on them
    SE was last hacked in 2011, if you're still using the same password since then, that is stupid.

    http://na.finalfantasyxiv.com/lodest...41eaefc2aeef7b

    "Currently, we have confirmed that a third party is using account names and passwords, thought to be obtained from security breaches of other companys' online services, in attempts to gain unauthorized access to Square Enix accounts.

    If you are using the same account name or password as your Square Enix account on other online services, there is a much greater chance that a security breach at any of the other online services could potentially lead to your Square Enix account being compromised."

    More bluntly, if you use the same username and password somewhere else, that is why you were hacked. Please stop being stupid. Use the authenticator.
    (1)

  7. #7
    Player
    Raist's Avatar
    Join Date
    Aug 2013
    Posts
    2,457
    Character
    Raist Soulforge
    World
    Midgardsormr
    Main Class
    Thaumaturge Lv 60
    I received my token in early 2009 (preordered it for XI when they first started selling them). I logged into that game almost daily on through 2012 with that thing (barring a few short breaks here and there, and of course the earthquake downtime). I left the game coming into Xmas 2012, then came back for about 4 months or so in 2013 to explore SoA, then finally left it behind, anticipating XIV. I also used it for XIV 1.0 Beta, and have been using it since Beta4 almost daily there as well (barring the downtimes). And when I say I logged in daily, that wasn't always just once a day---sometimes it would be multiple times a day for either the game and/or account management.

    The point is.... it's still running after 4+ years of steady usage. Yes, the batteries may die... eventually. Just haven't seen it with mine yet.

    Was definitely worth the $9.99 on the credit card (now $10.99).
    (0)