Mike O'Brien on Guild Wars 2 Account Security
If youÂve been a part of the online gaming world for any substantial length of time, everything thatÂs in Mike OÂBrienÂs new Guild Wars 2 blog should pretty much go without saying. ArenaNetÂs boss took to the web this week to discuss account security in a new blog and how players can help safeguard their accounts from theft. Over the last few years, several developers have had their account databases breached, busted, burned and plundered for account details; this alone should clue most people that have been around and part of this unfortunate process into keeping a unique password for each of their gaming accounts. After all, if you use the same login details for all of your accounts, it only takes a breach of one for you to lose them all.
ÂSo unfortunately, if the lesson youÂve learned from security advice through the years is to pick a single complicated password, memorize it, and then use it everywhere, thatÂs exactly the wrong lesson for todayÂs security environment. To keep accounts on different sites secure in todayÂs environment, you need to use a unique password for each account.Â
OÂBrien also touched on what ArenaNet has available to help keep your account secure with two-factor authentication and email authentication, but even with those you could still be at risk if youÂre using the same password. ArenaNet has also been building a blacklist of passwords that hackers have been trying to crack on accounts that have yet to be created yet with details they obtained elsewhere, so if players using those credentials make an account, they wonÂt be able to use the compromised passwords. Now thatÂs forward thinking.
Since weÂve been observing hackers constantly scanning accounts that donÂt even exist yet, waiting for someone to create those accounts, we obviously want to make sure that if those new customers do join the game, they donÂt use the password that the hackers are waiting for. Thus weÂre building a blacklist of all the passwords that hackers are scanning for Â itÂs already at 20 million passwords and growing Â and weÂreÂ preventing new customers from choosing any of those passwords. (The blacklist contains passwords only, not account names.)
Check out OÂBrienÂs full blog to learn how you can better protect your Guild Wars 2 account.