Originally Posted by
BuD4Ne
extensive inspections by the security team so far revealed "nothing".
There is nothing wrong with the account security.
my plausible explanation to recent hack events is two improvements done
1- Reset security password via email feature has been fixed at some point in recent months. This was bugged for a long time, and didnt work. When people had their emails compromised in the past, only lost their unsealed items to hackers.. now they lose it all if they dont have OTP.. my advice to everyone is to use a dedicated email for the account itself. Preferably gmail and have the sms login option activated. so everytime you login to that email, it sends you a one time code.
2- OTP used to be only allowed to install on a single device. Users wanted to be able to install more than single copy of it, so it was made.. yet some users thought its a good idea to use OTP to share accounts rather than protect it.. giving someone an activation code to install OTP along with your id and pw is the same thing as giving them your account.. hence.. a number of hacks happened from this field..
3- As OTP usage became more common in past 3 months, people also developed the habit of giving their mates, buddies, an OTP code via phone, vent or ts, for them to log in, assuming now they got OTP and nothing can happen.. telling someone the code twice can get your account hacked.. simple as that.
The person can login to portal instead of the game, use the code to reset your seal password, then say "ahh it didnt work, can you tell the code again" this time log on the game and empty your account.. well.. as some users kept doing this, there you go, a number hacks happened in this field.
4-a lot of clans have the bad habit of sharing accounts, some clan leaders have access to multiple accounts at once.. also lets not forget the fact that a lot of clans also have the habit of establishing genie parties and giving teamviewer access to their buddies, all of these also contribute to hacks.. the more people share the more risk they expose their accounts to.
5-repeating hack posts in the forum, quickly inspired some foxy users to hack their own selves, and join in the Yelling club on forums, or some users who have been hacked, also did the same thing hoping if they make enough noise maybe they can get items restored. All of these are especially visible on the Turkish side of the forum. If you inspect the hack posts there, you will see that there are nearly no users that follow the forum regularly. 90% of users either came to the forum after a hack, or some are keep creating new accounts and again joining the yelling club, to make it look like its a bigger issue. Why do we have almost no forum regulars hacked? a website breach, or security compromise on the site, would cause hacks on people from all groups.. so maybe forum regulars are more vigilant and aware to protect their accounts, and take necessary steps to use improved services like OTP?
please anyone don't dare to tell me how expensive OTP service is or sms should be free or claim OTP is all about money...
if any player here has decent gear where they fear of being hacked, here is a simple math
if you are geared up, obviously you use undy scrolls.. a single undy scroll costs 300 NPoints
300 points can get you 60 sms verification costs, that is enough to protect your account for months or years.. i have OTP on 3 accounts, and i havent used more than 30 points so far in past 4 months.
If you are not geared up, have casual stuff on your account, you are not really a hacker target to begin with.. petty hacks always happened and will always happen. no digital data is 100% safe.. your operating system has a million ways of getting hacked to begin with !!
it cannot be completely free, or it will defeat the purpose of stopping botters to use it.. people who yelled hard when OTP was implemented in Asgard about how it has to be free etc.. yes now i think the first few sms are free.. (NTT listened to players right?)
now.. would you see any farmers or children botting in every moradon spot in Asgard if OTP was kept the way it was .. and even a single SMS required 5 Npoints?
yes OTP activation can sometimes be difficult, and sometimes a pain to get it working. Usually once its installed properly, it causes no dramas afterwards..
if i have an account where i spent months or even years to level up, or gear up, i or anyone "should" have the patience to get OTP up and running, spend hours for it if necessary !!
even using OTP doesn't mean that we will never get hacked.. but it will greatly diminish the chances of it. I am regularly reading posts from people getting hacked while having OTP , but nearly all of these are operating system hacks where remote assistance or remote desktop features were used via trojans... and some others are because of sharing or telling OTP codes.