Jump to content

Account security


Recommended Posts

There's no 2 step authentication for accounts on here, no. I would suggest making sure to secure the email associated with your account with some kind of authenticator though, since losing your email can basically mean losing your account as well. 

Link to comment
  • 2 weeks later...

Just wanna bump this

 

I see @Kizhaz very very secure....

 

I really think this should be done asap with the recent hacking activity's in game.

 

Getting an authenticator is something that really has to be done. Maybe having an code you have to typ to get into your PC would be a great idea, something similair as in Runescape. 

 

 

Link to comment
19 minutes ago, Mnemosyne said:

Just wanna bump this

 

I see @Kizhaz very very secure....

 

I really think this should be done asap with the recent hacking activity's in game.

 

Getting an authenticator is something that really has to be done. Maybe having an code you have to typ to get into your PC would be a great idea, something similair as in Runescape.

Historically, accounts which have been broken into here were due to password reuse with a compromised website (Pokemon Showdown leaked their database in 2015, Pokecommunity has leaked recently too, and I think the former is listed at haveibeenpwned). We're not aware of any data breaches on the forums or in-game.

 

What we plan on doing in the near-future is adding additional checks to prevent "suspicious" logins occurring so that old accounts can't be attacked with password lists. 2FA is also something we will be considering on an opt-in basis.

 

Edit: In addition to 2FA, we heavily recommend usage of password managers like LastPass which generate a random password and store it for you. Reusing passwords is bad.

Link to comment
8 minutes ago, Kyu said:

Historically, accounts which have been broken into here were due to password reuse with a compromised website (Pokemon Showdown leaked their database in 2015, Pokecommunity has leaked recently too, and I think the former is listed at haveibeenpwned). We're not aware of any data breaches on the forums or in-game.

 

What we plan on doing in the near-future is adding additional checks to prevent "suspicious" logins occurring so that old accounts can't be attacked with password lists. 2FA is also something we will be considering on an opt-in basis.

I also read that in October 2016 Pokemon uguu has suffered from a data breach which has 830k accounts with IP, passwords, e-mails and all.

 

I hope we can get some good verification added asap.

 

Thanks for the quick reply Kyu.

 

 

Edited by Mnemosyne
Link to comment
7 hours ago, GenderPaste said:

Pick a good password, dont tell anyone your email. You will be fine. Any password with more than 8 characters that is not qwerty12345 is essentially uncrackable.

no you are not fine. Any password with more than 8 characters is crackable, pretty fast actually through brute force entry. Now if you mean a password with all kinds of caracters, then yes, you are half right. Also no, you can be hacked without people knowing your email through multiple methods which I won't discuss. You are never secure, you just have a 'sense' of security. The more careful you are, the harder it is to hack you.

Link to comment
1 hour ago, redspawn said:

no you are not fine. Any password with more than 8 characters is crackable, pretty fast actually through brute force entry. Now if you mean a password with all kinds of caracters, then yes, you are half right. Also no, you can be hacked without people knowing your email through multiple methods which I won't discuss. You are never secure, you just have a 'sense' of security. The more careful you are, the harder it is to hack you.

if you only use small letters, no numbers, no special characters.

And no you cannot be hacked without knowing the other login credential, unless the database itself gets hacked and then everyone is hacked no matter what anyways.

 

Also 99% of account hacks happen through phishing and not brute force.

Link to comment
9 minutes ago, GenderPaste said:

Also 99% of account hacks happen through phishing and not brute force.

well, that's a given.

 

 

9 minutes ago, GenderPaste said:

And no you cannot be hacked without knowing the other login credential, unless the database itself gets hacked and then everyone is hacked no matter what anyways.

Exactly, but there's a lot of ways one can obtain them, and a longer password wont save you. RSA couldn't be cracked and few years back someone cracked the 768 bits version. Security is just a thought, as of right now, nothing is 100% secured, nor is anything ''bullet proof'', obviously you won't see anyone wasting lots of resources and time into a game like pokemmo.

Link to comment
  • 5 months later...
2 hours ago, Azbrak said:

Bonjour,

 

Y'a un moment que je n'est pas joué a Pokémmo et la quand je veux me connecter il me demande un code de validation mais quand je vais voir dans mes mail je n'est rienn vous pouvez m'aidé ?

 

Merci d'employer exclusivement de l'anglais sur le forum officiel de PokeMMO ou au moins une traduction afin que tout le monde puisse comprendre. / Please, employ only english on the official forum of PokeMMO or at least a translation so everyone can understand. ~

 

Translation:

 

"Hello,

 

It's been a while since I last played PokeMMO and when I try to connect, I get a demand of validation code, but when I get in my mail box, there is nothing, can you help me?"

 

-------------------------------

 

Pour tout problème de client, merci de poster un résumé du problème  (en Anglais de préférence) ici: 

For every client related issue, please post a sumary of the problem (in English preferably) right here:

 

https://forums.pokemmo.eu/index.php?/forum/9-support-knowledgebase/

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use and Privacy Policy.