Silkroad Online Forums

A community forum for the free online game Silkroad Online. Discuss Silkroad Online, read up on guides, and build your character and skills.

Faq Search Members Chat  Register Profile Login

All times are UTC




Post new topic Reply to topic  [ 13 posts ] 
Author Message
 Post subject: Hacking preventions; JoyMax employees: please read this too
PostPosted: Thu Jan 04, 2007 9:45 pm 
Frequent Member
User avatar
Offline

Joined: Apr 2006
Posts: 1137
Location:
Troy
Ok, from my recent experiences I thought I'd add a few hacking prevention tips on top of the ones JoyMax is giving out:
1. Don't use your normal email address, name and surname when creating an account. Using that information a hacker can gain the first 4 letters of your accountname, which may be enough to guess the full account name.
2. Don't use a secret question the answer to which could be found out with some simple investigation. I was foolish enough to use my mother's maiden name; trust me: if they know your name, they can find out your mother's maiden name as well.
3. Use long passwords with alphanumerical characters; there are plenty of brute force password cracking programs out there, and the longer your password, the harder it is to crack it this way.
4. Tip to JoyMax: After answering the secret question, a random password should be sent to the email address of the account. You do NOT let people enter a new password without first logging into the account! In stead, a user should use the generated password in his email to log into his account, and THEN he can change his password.

I've noticed that a lot of good, honest, non-botting, non-cheating, non-gold/silk buying people have been hacked lately. This should be a sign. JoyMax, when an owner of an account comes to you with a claim that his/her account was hacked: investigate and return the account to the rightful owner asap. These are your loyal paying customers, who have worked hard to get where they are. They should not lose everything this easily, especially if it can simply be corrected by returning an account to the rightful owner. They should also not be ignored. I have so far written 6 emails and 3 bug reports, and have yet to receive even a single answer from JoyMax. :cry:

Truly, I love this game; I love playing it, and I love spending time with my friends there, but this whole adventure so far has left me very disillusioned. I really thought JoyMax would care more for their loyal paying customers. Please JoyMax, show me that this trust was not in vain. I've spent over 600 hours and $150 on silk purchases on this account so far, and it really hurts to lose it all like this. It also hasn't left much motivation for starting over and spending money on silk once again; knowing that in 6-12 months someone might just come, and do this to me again. :banghead:

_________________
[88] Vivace
Pure INT Bard/Cleric, Bard 88, Cleric 88

[83] Pinokkio
Pure INT Force Nuker, Force 83, Cold 83, Lightning 83, Fire 60

[81] Sybian
Pure INT KD Nuker, Bicheon 81, Cold 81, Lightning 81, Fire 60


Top
 Profile  
 
 Post subject:
PostPosted: Thu Jan 04, 2007 10:13 pm 
Senior Member
User avatar
Offline

Joined: Aug 2006
Posts: 4451
Location: reno
good tips sorry to hear about your char.
:(

_________________
Image
a work in progress...http://soundcloud.com/crowetic/trials


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 4:51 pm 
Active Member
User avatar
Offline

Joined: Aug 2006
Posts: 679
Location: South West London
What I really wish is if joymax let you change your username, or maybe your secret answer, preferably the username. IF you were able to change your username maybe like once a month or something, that would help drastically the hacking in this game, I doubt alot of people would be hacked and I like that password thing that you have to type in to change your password to what ever you want.

_________________
Yarkan locations Updated 12th Feb


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 5:08 pm 
Elite Member
User avatar
Offline

Joined: Nov 2006
Posts: 5136
Location: Final Fantasy Versus 13.
Good idea's..it would even make us sweat and worry less,if retarded joymax actually learned to fix theire mistakes.

They are like a flat tire,no matter how much air you pump into it,if you don't fix the hole,it will always go flat..

_________________
Bmw 6 Series owner. Bleach fan. Music Fan.
Image Reise for Mod.
~ Those who make peaceful revolution impossible will make violent revolution inevitable..


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 5:13 pm 
Veteran Member
User avatar
Offline

Joined: Feb 2006
Posts: 3503
Location: here
you should be able to change security/id. i just wish they showed some sign of them caring about what happens to us when we get hacked. assholes npced my monkey :cry:

_________________
Image
[Stealth] / [Ninjitsu] / [Relentless] / Image [Scoundrels]
Troy / Pacific / Venus / Fembria / Salvation / Theta / Origin Online - Genesis


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 5:24 pm 
Regular Member
User avatar
Offline

Joined: Sep 2006
Posts: 323
Location:
Alps
I have to say, point 3 is a very good idea and should be taken into consideration by LagMax. But in the end what is going to happen? nothing.

LagMax has botters, CCF'ers and Gold Buyers all buying their silk and to be entirley honest, $150 to them is a piece of gum on their shoe. Sorry to say it how it is but thats the pure truth, and i doubt anything will ever change.

This just really sucks that legit people are getting hacked for no reason (By the sounds of things) :cry:

_________________
Gone to WoW!
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 5:34 pm 
Advanced Member
User avatar
Offline

Joined: Sep 2006
Posts: 2446
Location:
Off Topic
Swifty wrote:
LagMax has botters, CCF'ers and Gold Buyers all buying their silk


CCFers dont buy silk, thats why they CCF, so they dont have too ¬_¬

Anywho, i tried to get hold of joymax a month or 2 ago about this type of thing... still no reply...

_________________
ImageImage


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 5:37 pm 
Regular Member
User avatar
Offline

Joined: Sep 2006
Posts: 323
Location:
Alps
Innovacious wrote:
Swifty wrote:
LagMax has botters, CCF'ers and Gold Buyers all buying their silk


CCFers dont buy silk, thats why they CCF, so they dont have too ¬_¬

Anywho, i tried to get hold of joymax a month or 2 ago about this type of thing... still no reply...


*xD* Thats a good way to look stupid lol

Thanks for pointing that out, I guess i just got caught up in the moment, but you catch my drift?

_________________
Gone to WoW!
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 5:38 pm 
Banned User
Offline

Joined: Feb 2006
Posts: 4561
Location: aeratadfer
Has anyone got a hold of Joymax for anything?

I remember someone once posting a phone number to call Joymax. Was that real? Did it work? If so can someone post it again?

_________________
<<banned from SRF for rules violations. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 9:16 pm 
Ex-Staff
User avatar
Offline

Joined: Sep 2006
Posts: 5245
Location:
Off Topic
How about if you get anything wrong 5 times, you cannot try again for24 hours. Ie Secret answer, password, name, email. That way it will take a VERY long time for hackers to bruteforce accounts, and reduce the strain on the JM servers.

_________________
Ooh, I got a sexy ex-staff title!


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 11:38 pm 
Banned User
Offline

Joined: Aug 2006
Posts: 746
Location:
Venus
It's sad how unsecure everyone's SRO account really is, it would not be hard at all for JM to reprogram a few things and make this game a lot more secure from account hackers.

Some of my thoughts:

1.) Use the secret question only as a means to change the password if your email account has been shutdown/stolen. Instead, when you click "Forgot Password?", it should send an e-mail to you with a new randomly generated password like most websites do.

2.) Allow people to change their password from within their account settings. This way you can login, then change your password. If they wanted to make it even more secure, an email confirmation would be required for each account info changed.

3.) After 3 failed login attempts on the website or game, you are barred from logging into that account for 12 hours from the same IP address (this is mainly focused at hackers). This way if someone is trying to hack your account, they get 3 tries at it per 12 hours (unless they reset their IP), and you won't suffer from their attempts.

4.) A stolen account report page. Joymax could use a simple form to allow people to report their stolen accounts. You would submit all of your account information (First/Last name you signed up with, e-mail, password, secret question/answer), Joymax would then have an automated e-mail send you case ID#. Upon investigation, if the account has had major suspicious activity (i.e. someone logs on and puts all gold and items to another account, goes murderer), they will restore lost data to the account and possibly punish the account that the items were transferred to.


It's not difficult to brainstorm ideas to make this game more secure. Not to mention, most of the ideas wouldn't require a lot of extra programming. However, in the end I doubt Joymax will listen to our complaints and will most likely keep thier current system. It sucks but what can you do :(

_________________
<<banned from SRF for proof of botting. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 05, 2007 11:54 pm 
Regular Member
User avatar
Offline

Joined: Sep 2006
Posts: 323
Location:
Alps
The sad thing is

1) My computer hates http://www.silkroadonline.net and most of the link don't show or just don't work (I actually had to go to a mates house to make my acc. in the first place :? )

2) Even on another computer when i send for the e-mail to change my pass, i never get it :?

3) the whole system is flawed like everything else :roll:

What a life.

_________________
Gone to WoW!
Image


Top
 Profile  
 
 Post subject: Re: Hacking preventions; JoyMax employees: please read this
PostPosted: Sat Jan 06, 2007 1:05 am 
Advanced Member
User avatar
Offline

Joined: Apr 2006
Posts: 2429
Location: here
phulshof wrote:
I've noticed that a lot of good, honest, non-botting, non-cheating, non-gold/silk buying people have been hacked lately.
ya non silk buying thats probably the main reason

phulshof wrote:
This should be a sign. JoyMax, when an owner of an account comes to you with a claim that his/her account was hacked: investigate and return the account to the rightful owner asap. These are your loyal paying customers, who have worked hard to get where they are. They should not lose everything this easily.

cuz joymax will give a shit

phulshof wrote:
I have so far written 6 emails and 3 bug reports, and have yet to receive even a single answer from JoyMax. :cry:

dont wait for it your reply after 2yrs later will be.
please don't use 3rd party programmes because they steal ur account.

phulshof wrote:
I really thought JoyMax would care more for their loyal paying customers.

well sorry your wrong

im sorry bout ur loss but its all gone now start a new game.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 22 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group