Account Guard now in Testing
View Single Post
Join Date: Dec 2007
06-07-2012, 04:30 PM
So, by "cannot access the account" without the code do you mean through the game client or through the client AND the website?
Because I see this happening:
1. I log into someone's account and get told to verify the computer. Now I know I have the right password.
2. I got startrekonline.com and login to their account. Now I change their email address so that emails goto my email.
3. I try logging in again, the code gets sent to MY email now. I authorize my computer, login, and wipe their fleet bank and personal bank out sending it all to some dummy account.
4. Rinse and Repeat.
We've heard that Cryptic will reimburse individual accounts as best they can but we also know by that same token that you have no desire to reimburse a FLEET for lost and/or stolen items. So if someone jacks my fleet leader's account and does the above they can then send all my fleet's items and money away and you won't do anything about it.
Now add in how much time and effort people will be investing in Starbases and the amount of resources being gathered for that and there's a whole new issue.
Sure the above procedure might assist in identifying the bad guys and all but then what? We MIGHT get everything back and we might not? The bad guy will get a ban? They email the stuff to a free account and disseminate it from there and there's no way you can ban/punish everyone that's touched that loot...
I'm just hoping this applies to both the My Account page and the Client otherwise it's only gonna stop the laziest of hackers.