As a council member of a fleet that has just suffered a user account compromise which lead to some thefts from our fleet banks, which whilst we're not too concerned about because it was all material things that we can get back,
what I am concerned about is the poor user in question who has therefore suffered that hack.
** THIS THREAD IS NOT TO TALK ABOUT THE EXPERIENCE BUT PREVENTATIVE ACTION, SHOULD CRYPTIC/PWE TAKE IT **
So, as a ticket is raised, I won't be drawn into ANY details,
My concern and therefore question is this;
with the launch of free-to-play and therefore the rise in the game's popularity, would it not be prudent for a relatively small investment in an RSA server? granting us the ability to have RSA token clients on our smart phones (iOS/Android) as other big titles do?
As a gold member, I would like to ensure that my account is as safe as possible, and if need be, I'd be happy to pay a little premium to have said insurance policy,
so, as this is a discussion, people play nice :-)
** Looks like my thread was moved to "PC & Technical Issues", which it has nothing to do with! **
At Cryptic Studios, your privacy and security is important. As part of our ongoing efforts to monitor and enhance security, we recently detected evidence of an unauthorized access to one of our user databases. The unauthorized access occurred in December 2010, and evidence of this has just been uncovered due to increased security analysis.
So it looks like people affected were probably like me. I hadn't changed my password since playing the beta. I just didn't think anyone would bother stealing it, it's just a game, there's almost no profit to be had. Well whatever. I'm glad they found the problem.
Now I expect the righteous rants to merge from "don't hand out your information" and "choose a good password" to "change your password more often".
But you should ask this question first... Why haven't these measures been implemented for on-line Bank and Financial transactions, when they have such higher stakes to lose...
(The answer is that the costs are not 'negligible'....)
In my previous job as a sys-admin (aka an IT department) we implemented RSA tokens ourselves for our 1000 user workforce, it's not that hard, nor expensive in the grand scheme of things, but that's all besides the point,
it can and is done for corporations all over the world