Discussion: New Security Update on NCsoft Master Accounts

while I appreciate NCSoft's attempt at more security, Unfortunately, the who preset question is not secure.

The majority of web sites, beside Real World places with security questions, use the same questions. Mother's Maiden Name and Pet being probably the most common. This actually creates a situation where knowing these answers, which takes a little research but can be figured out, a security risk. With those same answers, a decent cyber-crimnal could use social techniques to get passwords reset for things such as your bank account, credit cards, and plenty more.

Please for people to come up with their own question and answer. Makes it a bit more secure.

Now about those SecureID cards with the numbers that change every x seconds. Its a private encryption algorythm which when typed in within the alloted time frame, allows a computer to prove that the person logging into it has rights to.

I actually only ever put in gibberish into those fields precisely because I think those security questions are never actually ever secure.

Now I'm afraid I'll end up locking myself out of my NCSoft account forever. If I disappear at the end of the month, you'll know why!

Whatever questions there are, do NOT use real answers. Real answers can be easy to find especially if someone knows you. People most likely to steal your account, what do you know, also people who know you.

Write them down if you have to, but many famous people (including Prez Obama) had accounts stolen because they used real answers to challenge questions.

I run coh NA and EU from 3 different computers. Can you talk more about the authorization? Will this apply to EU accounts too?

Edit. I don't think this is a big deal. I get one-time auth that allows me to add the computer.

I don't like the sound of this.

1) I agree that forums and game accounts should have different passwords but it was NCSoft who decided that our forum logins should be the same as our NC login. That was a dumb plan at the start.

2) To purchase the boosters I use a proxy because otherwise I can't see the booster packs on the NCStore. It decides I'm in the UK and won't show me the USA links which are INVARIABLY up and working much much sooner than the EU store. How am I supposed to purchase items with this system.

More information required.

Just went through this on one computer. Gawd... I totally forgot that I had answered Security Qs when I first set up my NCSoft account nearly 5 yrs ago.

Thankfully, they were Qs I could easily remember. As to what they are, one could be easy to crack, the other isn't as easy to know unless you knew me and my habits rather well.

So I should be good when accessing it from at least one computer. Still have to try one other Computer to see if I have to go through security hoops on it.

Thank you for the time...

@Travlr (Main) / @Tymers Realm (Test)

If you get the questions wrong five times you are locked out of your master account.

I hope you all have good memories. There should have been an option to put in new information rather than hope people can remember what was said years ago. I for one NEVER give real info (mothers maiden name etc) that is bad security.

*Reads the thread title*

OOHHH!!! They are fixing the silly regional security!


*Then reads Avatea's announcement*


OH....They are adding more silly security and not fixing the already broken silly security


*Goes and cries in a corner pondering the next add-on I might want to buy and the 3 day quests I have to go on to buy them*

This is the WORST idea they have ever come up with. I was trying to log in and got stonewalled, I don't remember the answer to the password hint question, so I emailed for the answer and again was stonewalled. I had to change my password for NCsupport, since I couldn't get in, then when I tried the tab
"I know my NCsoft master account password but I do not know the answers to my Password Hint Questions"
I got a wonderful page full of....

I join here Kismet Angel and Myskatz. I have reported this to support and i hope they bring me positive news. I want to continue playing the game that i have loved for the last years. Even a casual player, this is on my top list of things i had enjoy in my whole life. I don't want April 8 to be my last day....

Avatea, I know you are just the messenger, but now that I'm getting questions from 6 years ago, I have this response for you to take back to NCsoft:

Quote:

Originally Posted by Avatea We are increasing our security measures again by setting up additional security questions for all accounts. This enhanced system is part of our ongoing effort to ensure a safe and secure gaming environment for you.

I'm sorry, that is a load of manure.

Quote:

Originally Posted by Avatea New Security Feature Added We will be turning on a new security feature that verifies that you are logging in to your NCsoft® Master Account with a computer authorized by you. To help prevent unauthorized access to your NCsoft Master Account, you will need to confirm your identity when you attempt to log in to a different computer. This new security feature is part of our ongoing effort to ensure a safe and secure gaming environment for you.

This does absolutely NOTHING for my security, except make it worse. Why? It is going to be worse as I'll now have to put either something that is (a) easy for others to guess or (b) have a secured record of my answers somewhere.

Quote:

Originally Posted by Avatea How Does This Work? You correctly answer some additional security questions. Verifying this information authorizes a one-time login. Once your identity is confirmed, you can add a computer to an approved list. You are trying to log in for a computer that has not been approved by this account. For security purposes, please answer these security questions to verify this computer's use.

This would be either based on my IP Address (which could change beyond my control) or based on a cookie which could expire in a session or around 14 days. So if I'm not constantly logging into my master account (something I shouldn't have to do), the player will always have to re-verify their accounts.

This is got to be the single stupidest thing I've EVER experienced from this game.

Quote:

Originally Posted by Avatea Password Hint Questions Your answers must exactly match those on your account, including the capitalization. These questions must be answered correctly to proceed past the authorization stage and reach your NCsoft Master Account.

Ooh, something I put into a throwaway field 6 years ago... Yeah, I'm going to remember that. Also there isn't an option to get a different set of questions.

Quote:

Originally Posted by Avatea If you don't remember what information you entered when you registered your account, please contact Support (North America or Europe).

I'm betting support will wish the idiot(s) responsible for this change would be smacked more than I do.

------------------
Edit:
Oh this keeps getting better:

Quote:

Serial Codes/Access Keys Provide all serial codes/access keys that have been added to your NCsoft master account. If you aren't sure where to find these, click here. If you are unable to provide all of your serial codes/access keys, please explain when submitting your information.

What a <censored> joke. If you make a purchase with the NCsoft store, YOU DON'T GET THE FULL CODE. Some one really should have job discipline action taken on them for this.

Triumph: White Succubus: 50 Ill/Emp/PF Snow Globe: 50 Ice/FF/Ice Strobe: 50 PB Shi Otomi: 50 Ninja/Ninjistu/GW Stalker My other characters

Ditto on the "Heck if I remember my security question from 5+ years ago".


That was 5 years, 3 computers, and 1 house ago.


And I'm not sure I can even ask Support, cause all I think I'm getting is the EU version, there's no option for non-EU CoH on the list....

This "Security Update" is a pointless irritation.

Looks like it's time to email bomb Support. Based on their reputation, I expect this to be sorted out in no time at all!

Also, why should I care if my account gets hacked? Is some beneficent hacker going to buy me the Mutant Pack?

Well, I'm locked out of my NCSoft account.
That's cool, because I was on there last night looking for security questions to change

By the way, copied from support's page, since this is probably billing

As a former eu player now playing us side which support am I meant to contact? And am i expect to provide every serial code across the board? Actually given that it was 5 years and 2 houses ago I don't even have my Eu serial codes.

This is inane.

Edit : And yes. I'm locked out, because apparently I don't know my girlfriends name. Way to go NcSoft web team. Just when I thought you couldn't get more useless.

Idiotic. You can't decide 5 years after the event that certain personal questions which had no meaning are suddenly critical to access your account.