The Elder Scrolls Online

Password warnings

Leave a Reply
Calagari
Calagari
2 weeks ago I received several notifications from ESO that there were attempts to log into my account that didn't come from my ip.
I changed my password to a more complicated one and have not received anymore notifications.
I think we should all change up our passwords frequently. I know I am.
  • TaSheen
    TaSheen
    ✭✭✭✭✭
    ✭✭✭✭✭
    Yeah. I haven't had any notifications, but I routinely change ALL my passwords every couple of months. 150+ passwords.... takes time....
    ______________________________________________________

    "But even in books, the heroes make mistakes, and there isn't always a happy ending." Mercedes Lackey, Into the West

    PC NA, PC EU (non steam)- four accounts, many alts....
  • Amottica
    Amottica
    ✭✭✭✭✭
    ✭✭✭✭✭
    There are several things.

    1. Do not use the same password for the email and the game. The same thing goes for banking. Re-using passwords is essentialy giving everything away. They get one and they have it all.

    2. Complex passwords are a must; changing them occasionally, as the OP suggests, is best. Complex is not 123443211234

    3. When a news story or anything indicates passwords have been stolen, making some changes is a good idea.

    I knew a guy who blamed ESO for his account being hacked. He said he knew he had a good password since it had served him well since the early days of WoW. My guess is he used that password for everything.

  • Calagari
    Calagari
    I lost a good friend/player a few years back. He played on a Mac and his game account (not ESO) got hacked. Said he tried to work with support to get it back, in the end he never got the help he wanted or needed and quit the game.
    Funny how the loss of one player can affect how you play from then on. To me that game was never the same after he left. Eventually I gave up the game as well.
    Since then I have tried to be aware of password changing.
  • Amottica
    Amottica
    ✭✭✭✭✭
    ✭✭✭✭✭
    Calagari wrote: »
    I lost a good friend/player a few years back. He played on a Mac and his game account (not ESO) got hacked. Said he tried to work with support to get it back, in the end he never got the help he wanted or needed and quit the game.
    Funny how the loss of one player can affect how you play from then on. To me that game was never the same after he left. Eventually I gave up the game as well.
    Since then I have tried to be aware of password changing.

    Why is there a concern about changing passwords?

    I am sorry your friend lost their account and moved on, but based on what is stated, it was due to being hacked. Not due to them changing their password. If they had used a complex password and changed it from time to time and did not reuse the password for other things like email, it would have been less likely they would have been hacked.

    Again, best practice is to use complex passwords, not short ones. Do not reuse passwords, especially among accounts and the email associated with them. Doing so makes it a lot easier for people to take our stuff away. Please do not make it easier for them.


  • Tandor
    Tandor
    ✭✭✭✭✭
    ✭✭✭✭✭
    A friend and I both had our accounts to a game hacked some years ago, coincidentally in each case it was immediately after changing our passwords routinely. We both suspected a breach at the game's end, related to the act of changing the passwords and probably involving the traffic between our computers and the account database being compromised.

    If an account hasn't been hacked before today, why is a new password going to be any more secure than the old one tomorrow (assuming both are equally unique and complex)?

    Failing to change an already unique and complex password routinely is not a major cause of account hacking in my view, the biggest causes are more likely to be sharing a password (quite common in gaming among friends and guildmates as well as housemates) or interacting with criminal websites through e.g. gold buying. There's also, of course, the hacking of the application database itself.

    We're advised on the one hand not to use the same password for multiple applications, while on the other hand to entrust all our password requirements in one password manager where a single breach will compromise all our passwords. Has there ever been any reliable research done into the actual, as opposed to perceived, superior security afforded by password managers?
    Edited by Tandor on 12 November 2024 21:37
  • AzuraFan
    AzuraFan
    ✭✭✭✭✭
    ✭✭
    I took a cybersecurity course recently and the teacher/expert said that making people change their passwords regularly (like businesses do) is a terrible idea. As the poster above me said, if you're using complex unique passwords for every service/site, changing the password isn't going to do anything. It can make people write them down in insecure places because they don't want to have to remember a new password every 6 months or whatever arbitrary time period is chosen.
    Edited by AzuraFan on 12 November 2024 21:26
  • Tandor
    Tandor
    ✭✭✭✭✭
    ✭✭✭✭✭
    AzuraFan wrote: »
    I took a cybersecurity course recently and the teacher/expert said that making people change their passwords regularly (like businesses do) is a terrible idea. As the poster above me said, if you're using complex unique passwords for every service/site, changing the password isn't going to do anything. It can make people write them down in insecure places because they don't want to have to remember a new password every 6 months or whatever arbitrary time period is chosen.

    Interesting, thanks!
    Edited by Tandor on 12 November 2024 21:37
Sign In or Register to comment.