Forum Settings
       
This Forum is Read Only

Tired of Suspicious ActivityFollow

#1 Apr 29 2011 at 1:56 AM Rating: Decent
*
214 posts
Recently my account has been flagged for suspicious activity three times and all I've done is log in a few times to check out the new content of the recent patches... is this happening to anyone else? It's getting pretty frustrating changing my password each week.
____________________________

#2 Apr 29 2011 at 1:58 AM Rating: Decent
Scholar
Avatar
**
560 posts
I have a security token so it never happens to me, it might be a good investment for you too : )
____________________________


#3 Apr 29 2011 at 2:01 AM Rating: Decent
*
214 posts
I've considered it, but it would also be kind of annoying typing in the security code every time when logging in too.
____________________________

#4 Apr 29 2011 at 3:46 AM Rating: Good
Avatar
**
531 posts
ShockTopMagic wrote:
I've considered it, but it would also be kind of annoying typing in the security code every time when logging in too.


Initially I thought this too. However after having one and knowing it helps make my account safer, I am glad to have one and I would suggest you get one too. It's just another line of defense to protect your account basically. Also, once you keep putting in the 6 digit random numbers you start to get used to the routine and it won't bother you as much.
____________________________






#5 Apr 29 2011 at 4:29 AM Rating: Good
*
107 posts
ShockTopMagic wrote:
I've considered it, but it would also be kind of annoying typing in the security code every time when logging in too.



Better than jumping through hoops to prove you are the account holder, AND it takes < 3 seconds to enter it.

Trust me, you don't wanna go through an account claims procedure...EVER (yes personal experience has taught me this the hard way)
____________________________
If Square Ran ****...

<<<<Welcome to ****!>>>>
<Noob63> ...
<Devil666> LFG STN67/LAW25
<Hitler> lvlsubunubkthxbye
We seem to be experiencing **** Freezing Over. Emergency Maintenence is scheduled to start in 15 mins so tough luck to all you trying to enjoy Dynamis Heaven!
#6 Apr 29 2011 at 9:17 AM Rating: Good
Yes, I have a token also. The best way to go.
____________________________


http://theforsakenlink.com

5040 X 1050 with Matrox Triple Head 2 Go
480 in SLI
I-7 950 OC 3.68 Ghz, 12 GB DDR3 1600
1000w PSU
#7 Apr 29 2011 at 10:14 AM Rating: Decent
Scholar
35 posts
I find it too much of an effort to just insert the password all the times ! How can you insert both passwords and token code?! You must be crazy lol.
____________________________
Ffxiv name : Suzy Betlitt
#8 Apr 29 2011 at 11:17 AM Rating: Decent
***
1,313 posts
start a new notepad file.
Type your password into it (A good one that you can barely remember)
save it

Now when you want to play right click notepad icon, select that file, copy your pw, start FFXIV, paste your password.
____________________________
Eithne Draocht
My IG: archaicmachinery - Friend me!
#9 Apr 29 2011 at 1:03 PM Rating: Excellent
ShockTopMagic wrote:
Recently my account has been flagged for suspicious activity three times and all I've done is log in a few times to check out the new content of the recent patches... is this happening to anyone else? It's getting pretty frustrating changing my password each week.


I believe one of the flags for this is accessing one's account from multiple locations. I notice that you access Zam from a wide range of IP addresses. This is probably why you're runing into this problem.

Try contacting your ISP and telling them you want a static IP address if possible.

But what most others are saying is good advice too. Get yourself an authenticator, it's worth it by far.

Edited, Apr 29th 2011 12:03pm by Osarion
#10 Apr 29 2011 at 1:39 PM Rating: Decent
sk1887 wrote:
I find it too much of an effort to just insert the password all the times ! How can you insert both passwords and token code?! You must be crazy lol.


After you get a token, you make your password rediculously easy. Use the minimum characters... your name, a parents name, whatever you can easily remember.. **** your phone number (assuming you know it by heart, but from your post I doubt it... no worries I don't know my UK mobile number by heart and I've had it for 3+ years).

Then you put in easy pass and type in the 6 digits your key provides. Only downside is unless you take the key with you everywhere you can't even access official forums from other places, but it's blocked at work so a non-issue for me.
____________________________
FFXI:Sylph - Perrin 75 Hume THF; Retired (At least from my use any way)
EVE Online:ScraperX; Retired
WAR:IronClaw- Peryn SW;SkullThrone- Grymloc BO; Retired


#11 Apr 29 2011 at 2:04 PM Rating: Excellent
sk1887 wrote:
I find it too much of an effort to just insert the password all the times ! How can you insert both passwords and token code?! You must be crazy lol.



Ummm, not crazy. A short little effort that saves a lot of work from verifying the account, having it stolen, etc., etc. If enetering passwords are too much of an effort, then ...... Darn, momma always told me if I've nothing nice to say.....

Smiley: smile
____________________________


http://theforsakenlink.com

5040 X 1050 with Matrox Triple Head 2 Go
480 in SLI
I-7 950 OC 3.68 Ghz, 12 GB DDR3 1600
1000w PSU
#12 Apr 29 2011 at 3:40 PM Rating: Excellent
*
109 posts
Transmigration wrote:
start a new notepad file.
Type your password into it (A good one that you can barely remember)
save it

Now when you want to play right click notepad icon, select that file, copy your pw, start FFXIV, paste your password.


Keep in mind many keyloggers also have the ability to pull things from your clipboard
____________________________

Kashius wrote:
Things WoW did not invent:
...
- Fun
#13 Apr 30 2011 at 10:46 AM Rating: Decent
Scholar
**
283 posts
I would be willing to bet its multiple locations you log in from and not someone hacking into your account. The fact is people get accounts hacked from keyloggers and fisher emails. If you are smart you can avoid all of this with out the use of a token. I have never had an account hacked and never use tokens. If you have a strong PW and know what you are doing online and how to keep your info safe I don't think you are getting hacked. It is more likely SE thinks more than one person is trying to use your account.

There have been people hacked in games like RIFT that had nothing to do with keyloggers and fisher emails but the people who was doing it attacked the game server side and no token would protect you from that. You really want to be free of all the crap people do to steal from you step away from Windows Download Linux Mint and learn to use wine. I play on a Linux box and love it. And you really don't need to be afraid of all the dirty tricks people pull online other than fisher emails. But if you don't know how to spot a fisher email I would say read up on them before you put any info online.
#14 Apr 30 2011 at 4:32 PM Rating: Excellent
Edited by bsphil
******
21,739 posts
tpgsoldier wrote:
I have a security token so it never happens to me, it might be a good investment for you too : )
Not if all you're doing is logging in to see what the new patch did and then logging back out. If he was a bit more serious about playing then I'd say it's worth it.

Although this doesn't sound like an account breach issue.
____________________________
His Excellency Aethien wrote:
Almalieque wrote:
If no one debated with me, then I wouldn't post here anymore.
Take the hint guys, please take the hint.
gbaji wrote:
I'm not getting my news from anywhere Joph.
#15 Apr 30 2011 at 6:43 PM Rating: Decent
Scholar
**
270 posts
Osarion, Goblin in Disguise wrote:
ShockTopMagic wrote:
Recently my account has been flagged for suspicious activity three times and all I've done is log in a few times to check out the new content of the recent patches... is this happening to anyone else? It's getting pretty frustrating changing my password each week.


I believe one of the flags for this is accessing one's account from multiple locations. I notice that you access Zam from a wide range of IP addresses. This is probably why you're runing into this problem.

Try contacting your ISP and telling them you want a static IP address if possible.

But what most others are saying is good advice too. Get yourself an authenticator, it's worth it by far.

Edited, Apr 29th 2011 12:03pm by Osarion





Quoting to make this a lil more obvious. This would be your answer :)
Happens to me too as I have two net connections and going between them gets me the suspicous warning.
____________________________
Refreshed ¦ Reborn
Shori Ohrensztein ¦ Ragnarok ¦ ACN
Reebie Baramnesra ¦ Midgardsomr ¦ MRD
#16 May 01 2011 at 7:44 AM Rating: Decent
Scholar
35 posts
PerrinofSylph, ****** Superhero wrote:
...

River75, Assassin Reject wrote:
...

Hey I do remember my password lol. It's more than 10 characters, so I just find it to be an hassle to enter it and I would love a save password function, just like I happen to have with the email clients :)
About the token security, I thought you had to insert both password and token code. As I read a post here, it seems like just the token code is required. Either way I will stop complaining.

To OP. Maybe you use a mobile ISP? I happen to see different IP on my mobile connections, mostly from European countries. I think it will be hard to keep the same IP in this case.
____________________________
Ffxiv name : Suzy Betlitt
#17 May 01 2011 at 8:28 AM Rating: Decent
No you have to type in your password in addition to the security code. It would be nice if owners of the security token had a save password feature, but I'm not holding my breath.
____________________________
FFXI:Sylph - Perrin 75 Hume THF; Retired (At least from my use any way)
EVE Online:ScraperX; Retired
WAR:IronClaw- Peryn SW;SkullThrone- Grymloc BO; Retired


#18 May 01 2011 at 3:47 PM Rating: Good
PerrinofSylph, ****** Superhero wrote:
No you have to type in your password in addition to the security code. It would be nice if owners of the security token had a save password feature, but I'm not holding my breath.


agree
____________________________


http://theforsakenlink.com

5040 X 1050 with Matrox Triple Head 2 Go
480 in SLI
I-7 950 OC 3.68 Ghz, 12 GB DDR3 1600
1000w PSU
#19 May 03 2011 at 11:36 AM Rating: Decent
Scholar
**
327 posts
Osarion, Goblin in Disguise wrote:
ShockTopMagic wrote:
Recently my account has been flagged for suspicious activity three times and all I've done is log in a few times to check out the new content of the recent patches... is this happening to anyone else? It's getting pretty frustrating changing my password each week.


I believe one of the flags for this is accessing one's account from multiple locations. I notice that you access Zam from a wide range of IP addresses. This is probably why you're runing into this problem.

Try contacting your ISP and telling them you want a static IP address if possible.

But what most others are saying is good advice too. Get yourself an authenticator, it's worth it by far.

Edited, Apr 29th 2011 12:03pm by Osarion


Confirming that this is the case, from personal experience too:

Everytime i log into the game from anywhere other then my home location for the first time my account is instantly flagged and I have to go through the process of changing my password and all of that good stuff. The good news is once I've been to a location once and gone through that shenanigans I don't have to do it again the next time I visit(yet anyways :P)
____________________________
FFXI: [Asura] "Midou" (PLD) || FFXIV: [Bodhum] "Midou Lii" (???) || EVEOnline: "Thion Li"


#20 May 22 2011 at 8:27 PM Rating: Good
Avatar
***
2,878 posts
Im someone who travels CONSTANTLY and this happens in just about every hotel I am at. IT REALLY blows.
____________________________
OniElvaan the Eccentric wrote: I hate my cat so ******* much right now, not because she decided to have her kittens at 5am in my bed, that happens. No I hate her because she decided to have her kittens at 5am in my bed on my chest...

#21 May 23 2011 at 4:20 AM Rating: Good
**
967 posts
Would rather have my account locked each time, than have it emptied by RMT. 5 minutes of my time versus the last few weeks of pure grind? Yes I will take the 5 minute inconvenience thanks.

I too have a Security Token, and tend to not play MMo's that don't offer them anymore. Just not worth the time to get compromised.
____________________________
My FFXIV Blog

#22 May 23 2011 at 6:08 AM Rating: Good
Bakkasan wrote:
Im someone who travels CONSTANTLY and this happens in just about every hotel I am at. IT REALLY blows.



Get the authenticator, the only way to travel.
____________________________


http://theforsakenlink.com

5040 X 1050 with Matrox Triple Head 2 Go
480 in SLI
I-7 950 OC 3.68 Ghz, 12 GB DDR3 1600
1000w PSU
#23 May 23 2011 at 7:29 AM Rating: Decent
***
2,214 posts
I'm sorry you are having this problem, I can related. While I use the keyfob, my wife did not (she will be if she ever gets her account back), but her email got hacked, then she lost access to her FFXIV account. So, SE now, in order to protect her account will not let her back in. They keep saying they will send a form she can notarize and send back to regain access, but we have actually given up, and are now trying to get her email account back, since that seems easier to deal with.
#24 May 23 2011 at 7:41 AM Rating: Decent
**
967 posts
You should always bare in mind though that your account being compromised is not the fault of SE, it is your own fault, there is no one else to blame, so anything they do following your compromise is a bonus, and not something they have to assist with.

Bottom line: Account Security > Looking at tentacle ****
____________________________
My FFXIV Blog

#25 May 23 2011 at 7:43 AM Rating: Decent
Scholar
Avatar
***
1,339 posts
I find it incredibly, pathetically sad that people find typing in a password and/or a code (all of which is MAYBE 10 seconds tops) to be too much work.

There's laziness, and then there's laziness.
#26 May 23 2011 at 10:42 AM Rating: Decent
Scholar
**
295 posts
I also use the authenticator. I enter my password which takes about 2 seconds, and then I enter in the code which takes another 2 seconds. It takes longer to zone into the world then it takes to log in. Then, in addition, I never have to worry about my account becoming "compromised", which means I never waste my time dealing with things like that. It also makes my account much more secure, so I never worry about being hacked. Unless they can figure out the algorithm to my account's rotating security code. :P
#27 May 23 2011 at 10:50 AM Rating: Decent
**
967 posts
Nathanael wrote:
I also use the authenticator. I enter my password which takes about 2 seconds, and then I enter in the code which takes another 2 seconds. It takes longer to zone into the world then it takes to log in. Then, in addition, I never have to worry about my account becoming "compromised", which means I never waste my time dealing with things like that. It also makes my account much more secure, so I never worry about being hacked. Unless they can figure out the algorithm to my account's rotating security code. :P


Actually to play devils advocate, the way they hack your authenticated account is a little more simple. All "hacks" (no one is getting hacked, you are nearly always getting keylogged) rely on keyboard entry or clipboard copy/paste. Now these "hacks" are done with scripts, there is no little chinese man sitting there entering details, it is almost entirely automated. The keylogger takes your Username and Password, and pops it into the next free console in the tree, logs in and a script runs which empties your account, clearing all gear, and gil, trading it/sending it away, and then logging out, deleting the character, and moving on.

Now, to hack an authenticator is uncommon, but happens, and here is how:

1) You access your game client, and have login screen in front of you.
2) You type your username and password in, while the keylogger is running in the background
3) The keylogger is linked up with a computer at the other end, entering your details live
4) You enter your authenticator code, and this is entered live too
5) The foreign PC logs in before you, using your auth code, and the script runs, nuking your entire character of gil and gear, which only takes seconds, while you sit and attempt to login again

This is called a man in the middle attack, and is the current only known way authenticators get hacked, so don't think because you have one you have immunity, you merely have a much higher chance of a safe account. The best way you can be, is to have a live virus checker running all the time, and secure your PC firewall, and have an authenticator.

Requesting a "The More You Know" rainbow please :D
____________________________
My FFXIV Blog

#28 May 23 2011 at 11:00 AM Rating: Default
**
557 posts
If it's a keylogger, it's not a man-in-the-middle attack. MITM attacks are used to circumvent SSL, AFAIK.
____________________________


#29 May 23 2011 at 2:34 PM Rating: Decent
*
140 posts
Get your Security Token Key dude.
____________________________
Shaman/Asura (Retired)
75-SAM 40-WAR
37-DRG 31-BLU
30-PLD 18-NIN
37-DNC 15-THF
37-RNG 20-BST
10-WHT



#30 May 23 2011 at 4:38 PM Rating: Decent
**
967 posts
miss post

Edited, May 23rd 2011 6:38pm by clarkeyboy
____________________________
My FFXIV Blog

#31 May 24 2011 at 10:32 AM Rating: Decent
Scholar
**
295 posts
wth are you talking about Clarkeyboy? My post was about my authenticated account (aka security token secured). Why did you quote me to talk about what I was already talking about as if I wasn't already doing it?
#32 May 26 2011 at 8:07 AM Rating: Default
**
967 posts
Nathanael wrote:
wth are you talking about Clarkeyboy? My post was about my authenticated account (aka security token secured). Why did you quote me to talk about what I was already talking about as if I wasn't already doing it?


You mentioned for them to "hack" an authenticator, they need to work out your algorithm for your authenticator, which was what I was explaining to be a far more complicated option than simply man in the middling you.
____________________________
My FFXIV Blog

#33 Aug 30 2011 at 2:17 AM Rating: Default
5 posts
Not sure if this helps any but after reading several of these posts it seems that your ip changing is the most likely culprit. I recently had an issue where my isp was doing some sort of maintenance while we were playing and knocked us out of game. As we logged back in; my wife, roommate and I all got that message saying we had allegedly been compromised and had to change our passwords. 2 of us bought the collectors editions when they came out so Im sure we have our little key device somewhere...though in the event we can't find it, about how difficult is it to go about replacing one?

Hope this helps and thanks in advance.

As a PS: I agree with most of the posters in here that I would rather them have me change my password or use the little key device rather than have some random hack roaming around with my account or my lady's. Good job SE. ^_^b
Necro Warning: This post occurred more than thirty days after the prior, and may be a necropost.
#34 Aug 30 2011 at 12:17 PM Rating: Decent
Scholar
**
377 posts
You can buy more in the Square Enix account page, at the left sidebar, click one-time password and it says enter one or order one.
#35 Aug 30 2011 at 2:29 PM Rating: Decent
5 posts
******** thanks. I suppose we've had it free for the last yearish...im sure I can handle the 15 or 20 bucks or whatever it is. :D
#36 Feb 10 2012 at 1:07 PM Rating: Default
1 post
I completely agree, tokens are a pain. I dont understand why they dont let us do what some other gaming sites do with sms verification. Its so much easier to telesign into an account than have to carry a token around. Even Yahoo and most of the social networks do this...
Necro Warning: This post occurred more than thirty days after the prior, and may be a necropost.
#37 Feb 12 2012 at 5:57 AM Rating: Good
***
3,825 posts
AliceJ101 wrote:
I completely agree, tokens are a pain. I dont understand why they dont let us do what some other gaming sites do with sms verification. Its so much easier to telesign into an account than have to carry a token around. Even Yahoo and most of the social networks do this...


Having an SMS verification system is easy if your product is only in a few countries... This game is more or less international and I don't think the costs are worth the benefit to SE. I'd rather that all MMOs came free with a key OR even better that you could buy a single name brand key (most seem to be made by the same company anyway) for all MMOs.
____________________________
FFXI:Sylph - Perrin 75 Hume THF; Retired (At least from my use any way)
EVE Online:ScraperX; Retired
WAR:IronClaw- Peryn SW;SkullThrone- Grymloc BO; Retired


#38 Feb 12 2012 at 8:08 AM Rating: Decent
Scholar
Avatar
***
1,339 posts
ShockTopMagic wrote:
I've considered it, but it would also be kind of annoying typing in the security code every time when logging in too.


This is an MMO and MMOs are time investments. The authenticator is a worthy protection of that time investment even if you never would have gotten hacked or flagged for suspicious behaviour at all.

As it is, I would find dealing with having to hassle with changing passwords constantly infinitely more annoying than simply putting in a 6 digit code that takes all of 2 seconds (3 if you can't hit the button and type on the numpad decently).

I refuse to play an MMO anymore without one of these available, even if I have to use my Android to accomplish it. It simply isn't worth the potential hassle down the line and they're dirt cheap (though SE's are, ironically, the most expensive of the bunch).

Edited, Feb 12th 2012 9:09am by Viertel
This forum is read only
This Forum is Read Only!
Recent Visitors: 21 All times are in CST
Anonymous Guests (21)