| Mail |
You might also like: WoW Insider, Joystiq, and more

Reader Comments (43)

Posted: May 4th 2010 9:23AM (Unverified) said

  • 2 hearts
  • Report
Aion 2.0 looks amazing, and i like the Upped XP. But I wish NC soft would fix their account security, because until then i will not play any NC soft game. Getting your account hacked through their system because someone can reset your security questions is retarded. Security questions are there for a reason and should never be changeable.

Posted: May 4th 2010 10:24AM Crabtree said

  • 1 heart
  • Report
How is it NCsoft's fault that you can't keep your username and password private?
Reply

Posted: May 4th 2010 10:57AM (Unverified) said

  • 2 hearts
  • Report
Because it wasn't hacked through anything on my computer. I didn't even have an active sub up within about 5 months of it being hacked. Also it wasn't hacked through my account name and PW, if you could read, it was hacked because someone reset my security questions through NC soft, allowing them to change my log in.

I use AVG, Comodo, Spybot, NoScript, and keyscrambler on my Desktop and haven't had a virus to date with this comp and i've had it for 3 years. I also have played EQ2, LotRO, WAR, CO, Global Agenda, DDO, And have an active steam account, all of which have never been hacked.

So yeah I am blaming their systems on this one.

If you still don't believe me look at this.
http://mmofallout.com/2010/01/02/your-ncsoft-master-account-a-ticking-time-bomb/
Reply

Posted: May 4th 2010 11:46AM Crsh said

  • 2 hearts
  • Report
Link to patch notes is dead, something about a bad search query.

Posted: May 4th 2010 10:03AM (Unverified) said

  • 2 hearts
  • Report
Couldn't agree more with you on the account security issues ncsoft has, It is a definate problem they have been failing to get on top of since release, Its ultimatlely what made me quit the game. Aion is a good game, but poor account security will end up making more and more people quit.

Posted: May 4th 2010 10:27AM Crabtree said

  • 1 heart
  • Report
What problem is that? Keeping information that only -YOU- should know private and secure? They can't prevent you from getting key-logged or phished.

I suggest reading The Art of Deception: Controlling the Human Element of Security.
(http://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ref=sr_1_1?ie=UTF8&s=books&qid=1272983218&sr=8-1)
Reply

Posted: May 4th 2010 10:04AM (Unverified) said

  • 2 hearts
  • Report
Link is broken for me...

Posted: May 4th 2010 10:13AM Jef Reahard said

  • 2 hearts
  • Report
Just checked it, working for me. Here it is again:

http://powerwiki.na.aiononline.com/aion/Korean+PTS:+Initial+2.0+Patch+Notes

Posted: May 4th 2010 10:55AM (Unverified) said

  • 2 hearts
  • Report
Because it wasn't hacked through anything on my computer. I didn't even have an active sub up within about 5 months of it being hacked. Also it wasn't hacked through my account name and PW, if you could read, it was hacked because someone reset my security questions through NC soft, allowing them to change my log in.

I use AVG, Comodo, Spybot, NoScript, and keyscrambler on my Desktop and haven't had a virus to date with this comp and i've had it for 3 years. I also have played EQ2, LotRO, WAR, CO, Global Agenda, DDO, And have an active steam account, all of which have never been hacked.

So yeah I am blaming their systems on this one.

If you still don't believe me look at this.
http://mmofallout.com/2010/01/02/your-ncsoft-master-account-a-ticking-time-bomb/

Posted: May 4th 2010 10:57AM (Unverified) said

  • 2 hearts
  • Report
My bad, meant to reply above.
Reply

Posted: May 4th 2010 11:14AM archer75 said

  • 2 hearts
  • Report
Having an active sub is irrelevant. They can get your info previously when you did have a sub and just not get around to using the thousands of logins they do have.

You don't get hacked in those other games because their populations are quite a bit smaller so the games aren't a target.
AVG, while free, isn't a very good virus scanner. Nor is comodo. Neither has very good protection against zero day attacks. Firefox is always the first to fall at the pwn2own hacking challenge. I'd switch to chrome which was not hacked at the challenge because the contestants said it was too hard and didn't want to take the time. superantispyware is now higher ranked than spybot. The new Norton, yes norton, is the highest ranked virus scanner. And can protect against zero day flaws. Before you go on about it being bloated it was rewritten for 2009 so it's very lightweight.

Not saying your computer was hacked but it is most certainly possible even with the software you run. And you can get new keyloggers that your apps don't have the definitions to detect.
Reply

Posted: May 4th 2010 11:13AM Grok said

  • 2 hearts
  • Report
Inferring that it's a problem of sharing your account info over and over again despite the fact that it's been explained to you that it's a problem with NCSofts security makes you look like an idiot.

Seriously, get off your high horse and read the link he has provided. NCSoft's security problems are a real concern.

Posted: May 4th 2010 11:28AM (Unverified) said

  • 2 hearts
  • Report
If only they took the chance to google "aion account hacked" or something along those lines they would see that too.

Honestly the game itself is amazing, and I used to like guildwars too back when it hit, i played it for over a year.

But, i still cant allow myself to buy a game from a company that uses horrible account security, And although you guys keep saying it must be my fault my account was hacked, i assure you it wasn't, one of the many reasons is the fact that the information used to reset my account info was never once entered into this computer, all of things like my unique account ID, which was sent to me in an email that i never opened until i had to get my account back. Explain that one. Unless you know of some program that opens my Gmail, picks that email, opens it, then somehow still have it show up as unread.

I would love to play aion again, but when i don't trust NC soft I won't use their service.
Reply

Posted: May 4th 2010 11:57AM Crabtree said

  • 2 hearts
  • Report
I took a look at your link, and while some *seemingly* valid points are made, it is all speculation, and honestly probably just another attempt at passing the blame instead of taking responsibility for the security of personal account information.

As players on the outside, we may never know exactly what the deal is at NCsoft. Similarly, I will never know why or how your account was hacked/compromised. So I'm just offering my opinion anyways. You don't have to agree with it.

NCsoft, and any other gaming company for that matter, CANNOT secure personal information for account holders. Accounts are targeted and attacked via compromised e-mail addresses all the time (and yes, a compromised e-mail can be read and then marked as unread), so I don't know why you rule that out as a possibility. If there was a major breach in NCsoft's system, wouldn't EVERY account have been compromised?

As a veteran MMO player who has never been "hacked" nor *compromised*, I will be hard pressed to acknowledge that an account can be "hacked" in any AAA MMO game. Nobody is hacking the Gibson. The entities involved in compromising game accounts do not employ technologically sophisticated tactics (at least not compared to the types of security measures that any account based system utilizes readily). They simply exploit the human flaw in security, and that is the bottom line as far as I'm concerned.
Reply

Posted: May 4th 2010 12:08PM Crabtree said

  • 2 hearts
  • Report
More pointedly, blaming NCsoft for your compromised account is like blaming the Police department for someone breaking into your house.
Reply

Posted: May 4th 2010 1:28PM archer75 said

  • 2 hearts
  • Report
FYI, there has been reports of gmail accounts hacked on several occasions. Not saying that's what happened, but just so you know.

And just because NCsoft may have some account issues doesn't necessarily mean that is the way you were hacked. Fact of the matter is you don't know for sure.
Reply

Posted: May 4th 2010 3:23PM Rialle said

  • 2.5 hearts
  • Report
I have never played Aion, and only know a few people who do/did, so I cannot evaluate if the security information posted in these comments are actually accurate.

It is likely that the majority of compromised Aion accounts probably caused by keyloggers or or people being loose with their credentials. However, there is also a prevalent belief among some people that NCSoft's account management site itself has, or at least had, it's own security issues. These issues as reported could potentially lead to an account compromise even if a user has done all due diligence to protect the account and their own machine.

The data posted in the links on this article, if true, illustrate that NCSoft is not using best practices when protecting accounts on their end. If it is possible to trick the site into giving access to an account (even if at random) without the credentials, or it is possible to brute force a password because NCSoft won't lock an IP after subsequent logon attempts, then some of the responsibility for compromised accounts could possibly rest on NCSoft's shoulders.

It also appears that NCSoft does not have a two-factor authentication option available like Blizzard and Square-Enix do. Correct me if I'm wrong on this.
Reply

Posted: May 4th 2010 12:12PM (Unverified) said

  • 2 hearts
  • Report
Justin.. this is a common problem with aion's security issues, I like you had my account hacked and cleaned out months after I closed the account, Its plain and simple, aions account secuirty is crap, you dont have to be a victim of a keylogging program, or phishing webiste to get your account hijacked in aion. Whats even more upsetting is that Ncsoft most of the time will not give you your items back or kinah that was taken from the account, they just assume you RMT and try to prove it through showing you ingame transactions that were made from your account while it was hacked :D All that said I stand by what I said earlier, Aion is a good game, just has poor account security.

Posted: May 4th 2010 12:16PM Crabtree said

  • 2 hearts
  • Report
You throw out the term "account security" like it means more than it does, or like you know more than you actually do. What could NCsoft do to improve their account security? How does it differ from WoW's or CO's security?
Reply

Featured Stories

WoW Archivist: A Glyphmas story

Posted on Dec 21st 2014 12:00PM

One Shots: Top 10 best player screenshots of 2014

Posted on Dec 21st 2014 10:00AM

Engadget

Engadget

Joystiq

Joystiq

WoW Insider

WoW

TUAW

TUAW