|
Ankama Shield (Beta): Account Security
|
 October 03, 2011, 15:48:29 |
#1
Ankama Shield (Beta): Account Security
As we announced to you just after the intrusion of the Ankama database, we are begining the beta testing phase for our new security system that will protect your account and your personal data: the Ankama Shield. This secure method of access will prevent anyone with ill-will from raiding your account from a strange computer, because you control your level of access!
This past August, Ankama faced a major intrusion. Our support team has managed to answers more than 80 000 tickets, and is currently assessing the actual losses of the players in order to establish a fair compensation for our players and customers who were victims of this intrusion. At the same time, the DOFUS team, in co-operation with the Support and Web teams, have been working on a new protection service for all Ankama accounts to help prevent problems like this in the future. And we're pleased to offer you the chance to try this new service, starting today. Ankama Shield, Protection for You and Your Account: The Ankama Shield allows you to limit authorized access to your account to one or more computers. No authorization, no access! If someone does gain access to your account, without authorization from the Shield, the account will revert to restricted mode, which prevents any type of item trading, or use of other game feature that might degrade your account in game or on our websites. You can manage your own account access permission settings on our site by logging in to your account management section. For more details, please visit our tutorial. For more security in game and on the web, activate your Ankama Shield! |
|
|
October 03, 2011, 15:57:44 |
#2
Good to hear! Checking it out now. First thing I noticed though, the "tutorial" link on this page is a 404 -
Click here Edit: Can you provide more details about how this improves website security? It seems to only secure the Dofus client. Browser sessions/UA strings can be spoofed etc. This post has been edited by Appono - October 03, 2011, 16:03:06. |
|
|
October 03, 2011, 16:41:23 |
#4
Finaly my voice is heard =]
|
|
|
October 03, 2011, 16:55:45 |
#5
Nice
 |
|
|
October 03, 2011, 16:57:24 |
#6
Dose that means we can't get hacket anymore?? o.o
|
|
|
October 03, 2011, 17:00:48 |
#7
When a thief access your account he cannot take your items since he will be using a different IP which will activate the safe mode.
|
|
|
October 03, 2011, 17:01:20 |
#8
Nice! Does it work for wakfu too?
|
|
|
October 03, 2011, 17:28:00 |
#10
Im assuming Ip address won't be the determining factor for identifying computers. People with dynamic IP would be ruined. Its probably connected to the Network Card of your computer.. Im not a techie, can someone confirm this?
FANTASTIC IDEA! |
|
|
October 03, 2011, 17:33:37 |
#11
Tried it using my cousins laptop to access my activated account. Work perfectly, I cannot transact/trade when the restricted mode was activated
I'm not entirely sure but... will this feature encourage account sharing? This post has been edited by Gunnerwolfang - October 03, 2011, 17:38:04. |
|
|
October 03, 2011, 17:45:20 |
#12
I've always suspected that most of the people who get "hacked" shared their password with a friend, against Ankama policies. I suspect that this new system will make it safer for them to do so, because theoretically the friend would be able to fight with your char (having fun and giving you more exp for you while you are offline) but they wouldn't be able to steal items.
Of course I'm sure this is not what Ankama has in mind for this feature, but it seems almost like an "okay" account sharing mechanism. |
|
|
October 03, 2011, 18:00:40 |
#13
Gunnerwolfgang - Can you confirm that you can conduct fights from non registered computers?
|
|
|
October 03, 2011, 18:05:56 |
#14
Quote (Mishna @ 03 October 2011 17:45)  I've always suspected that most of the people who get "hacked" shared their password with a friend, against Ankama policies. I suspect that this new system will make it safer for them to do so, because theoretically the friend would be able to fight with your char (having fun and giving you more exp for you while you are offline) but they wouldn't be able to steal items.
If you account share, the only way for your mate to use your account would be by registering his computer to use the account, therefore he could do whatever he/she wished with it including taking and selling all your gear. That's the way I understand it anyway. Of course I'm sure this is not what Ankama has in mind for this feature, but it seems almost like an "okay" account sharing mechanism. |
|
|
October 03, 2011, 18:08:22 |
#15
I do have some questions about this that weren't answered in the tutorial. Because I have other family members with characters on the same account, and they access those characters from different machines, does this make it impossible to continue playing this way? We've asked to be able to separate those characters and pay an additional subscription fee, but that's not an option right now.
After activating Ankama Shield, and choosing to temporarily deactivate the security system "for as long as one wants to play," does that mean we simply have to choose this option every time the other individual wants to log in and play the character? What would theoretically happen if the other option to permanently authorize the computer is chosen? Is the question never asked again at that point? Does that make it impossible to access the account from another computer in the future? Can we choose to permanently authorize a second or third computer on the same account, or will we be stuck with the first one authorized? Also, what does this security system mean for future liability for Ankama? Does this liberate them completely from responsibility toward any additional database security breaches? In other words, if we choose not to use the Ankama Shield feature and there is another security breach like the last one, will Ankama take any steps to secure the unsecured accounts? Or will they disregard it and say "too bad, so sad?" What if there were another security breach, this time somehow affecting accounts with the Shield system in place? Will Ankama approach that situation as it arises, or does this security system allow them the freedom to preemptively never have to bother themselves with account/item recovery ever again? Thank you for your time  |
|
|
October 03, 2011, 18:10:07 |
#16
That Good About Ankana Sheild That Keep Your Kama And Your Items Save
|
|
|
October 03, 2011, 18:10:13 |
#17
Quote (CollateralSeNSe @ 03 October 2011 18:00) Gunnerwolfgang - Can you confirm that you can conduct fights from non registered computers? I manage to fight mobs, and do challenge fight. Can't do alignment since I am neutral
Anti-account sharing measure? When I tried to join my group against monsters I was restricted with a message "You cannot do that as the two players do not have sufficient rights." This post has been edited by Gunnerwolfang - October 03, 2011, 18:17:23. |
|
|
October 03, 2011, 18:14:30 |
#18
Well I don't see why not, I guess ill give it a try just hoping this does not make my Dofus experience any more complicated.
|
|
|
October 03, 2011, 18:15:35 |
#19
Quote (Nonnok @ 03 October 2011 18:08) I do have some questions about this that weren't answered in the tutorial. Because I have other family members with characters on the same account, and they access those characters from different machines, does this make it impossible to continue playing this way? We've asked to be able to separate those characters and pay an additional subscription fee, but that's not an option right now.
After activating Ankama Shield, and choosing to temporarily deactivate the security system "for as long as one wants to play," does that mean we simply have to choose this option every time the other individual wants to log in and play the character? What would theoretically happen if the other option to permanently authorize the computer is chosen? Is the question never asked again at that point? Does that make it impossible to access the account from another computer in the future? Can we choose to permanently authorize a second or third computer on the same account, or will we be stuck with the first one authorized? Also, what does this security system mean for future liability for Ankama? Does this liberate them completely from responsibility toward any additional database security breaches? In other words, if we choose not to use the Ankama Shield feature and there is another security breach like the last one, will Ankama take any steps to secure the unsecured accounts? Or will they disregard it and say "too bad, so sad?" What if there were another security breach, this time somehow affecting accounts with the Shield system in place? Will Ankama approach that situation as it arises, or does this security system allow them the freedom to preemptively never have to bother themselves with account/item recovery ever again? Thank you for your time I think you can authorize up to 5 different computers, so your family should be ok to log on. But you would need to go through the email process on each one and pass the codes to them to enter on their machines I think. |
|
|
October 03, 2011, 18:15:52 |
#20
Here are some pertinent links for those with more questions:
How does this service protect me? If the service is activated and your account is unfortunately stolen, the thief will not be able to access the sensitive data of your account and its actions will be very limited in-game, since their computer is not recognized as a computer that is authorized to access your account. This means that the thief will not be able to alter your character or its inventory; the thief will not be able to join nor be joined by other players in fights. They also will not be able to use the chat interface, buy or sell items, or even interact with your paddocks or your house. They will not be able to use, or even access your Ogrines, and will not be able to access the Kama Exchange trade service. Access to other functionalities will be blocked. Obviously, it will be impossible for the thief to add their computer to your list of trusted computers as this requires a security code that is sent to your email address, which he will not be able to replace with his own, because access to the Account Management system will not be available to them on a non-authorized computer. How do I add a new computer? You can authorize a new computer to access your account in-game. When you log on from a new computer, this one will not be recognized as a trusted computer and a pop-up message will appear. You can either register this new computer for a single game session (advised for one-off and unsafe connections like cyber cafes, media centers, during travel, etc), or you can permanently unblock it (only advised for private computers). In order for this to be possible, we will send you a security code to your email address that is linked to your account. Make sure you have access to this email address. If you have unlocked a computer for the current session and a disconnection/reconnection takes place, you will have to repeat the entire process of access authorization. This is to make sure that your account stays safe. What is the purpose of authorizing an account for a single session? Authorizing a computer for a single game session is an option that you will be able to choose if you are connecting to your account from a certain computer sporadically - for example from a cybercafé, a library, a friend's computer, etc. Full access to your character and in-game functions will be granted only for that game session. If you get disconnected, access to your account from that computer will revert to a restricted mode. For additional security, in the event of a disconnection/reconnection, you will have to redo the entire process of access authorization for that computer at the start of your new game session. The process is exactly the same as the one for the activation of the protection service, adding a new computer to the list of trusted computers, browsers, etc: you will be sent a security code to the email address linked to your account. Therefore, you need to make sure you have access to this email address. There are other questions answered in our support Ankama Shield FAQ. |
|
|
October 03, 2011, 18:25:21 |
#21
Nice improvement, can't wait to try it out.
|
|
|
October 03, 2011, 18:32:42 |
#22
That answers my questions. Thanks loads!
|
|
|
October 03, 2011, 19:09:48 |
#23
FULL OF BUGS, I'M UNABLE TO ACCESS MY ACCOUNT MANAGEMENT NOW, DO NOT USE THIS PIECE OF CRAP, IT CAN'T EVEN SUBSCRIBE NOW, 3 YEARS FOR NOTHING!
|
|
|
October 03, 2011, 19:11:46 |
#24
This just makes your account security only as good as your email security. If you are keylogged then the hacker is likely to have access to your email and therefore can just add any computer they like.
I think it would be better if we were able to lock down authorizing new computers unless we have both email AND secret question/answer. |
|
|
October 03, 2011, 19:29:22 |
#25
I have a problem, every time i log onto the game and try to add my computer by unlocking restricted mode, it keeps asking me to choose a digital ceritficate, the list however is empty. Any one know whats going on?
|
|
|
October 03, 2011, 19:46:36 |
#26
Sorry for double post, but it now seems i cannot access my account management page. This is quite annoying...
|
|
|
October 03, 2011, 19:53:11 |
#27
|
|
|
October 03, 2011, 19:58:23 |
#28
Ankama Shield is a great idea, but I hope Ankama does not abuse this feature. If you don't know what I mean, it involves gathering more information about your computer... and what you do on it.
Best of luck. I hope this works. I'm trying it now and will inevitably fall into all the pit holes everyone else is who tries it. |
|
|
October 03, 2011, 20:07:49 |
#29
I've had this idea for a long time XD
|
|
|
October 03, 2011, 20:16:31 |
#30
Does it go off the mac address or ip if its mac we should be ok but you can still
put a false mac address in a fake packet. What happens if dofus gets hacked again and they get all our computer info too ? |
|
|
October 03, 2011, 20:26:19 |
#31
This is an awesome idea. I hope it proves its worth.
|
|
|
October 03, 2011, 20:28:26 |
#32
I love it. At first when you get to choose whether you want the continue with the restriction activated or deactivate it I though "Well that's not good, the hacker can just chose the unrestricted access and take everything." Of course, after that, I saw that you need to enter a code which is sent to your e-mail. And that's good.
Good job! |
|
|
October 03, 2011, 20:30:31 |
#33
Great guys, good job. Someone who was hacked more than 5 times, like me, apreciates that more than anyone alse.
|
|
|
October 03, 2011, 20:45:30 |
#34
I tested with one of my alt account on other laptop and it cant access it on my secured account.
So if I give that laptop acces to that account. Can't I trade or drop my items on that laptop? o.O (Read something like that) |
|
|
October 03, 2011, 20:46:19 |
#35
Lets just hope Ankama shield isnt as shitty as Feca's shields in any of the last 30 patches.
|
|
|
October 03, 2011, 20:53:14 |
#36
Be a good idea once you hhave all activated it to make a new email address
and change it just in case someone got your old email address!!! Also where it says enter telephone number still isnt fixed for 11 digit uk telephone number be good if that got fixed. Last point if we do get hacked again,will they now beleive we have been hacked if the computer is in uk then someone in america uses it for five minuites then i log on an hour later to find my stuff gone that i havent teleported to america and back for a five minuite dofus session seeing as it tells me now on the security page were and when my computer was accessed from? |
|
|
October 03, 2011, 21:19:25 |
#37
can the mobs be re-fix they so must up >.< and they harder to kill
|
|
|
October 03, 2011, 21:23:36 |
#38
Quote: "Nice Improvment, can't wait to try it out.
*A little time passes, and then the post below appears* Quote (Higure @ 03 October 2011 19:09) FULL OF BUGS, I'M UNABLE TO ACCESS MY ACCOUNT MANAGEMENT NOW, DO NOT USE THIS PIECE OF CRAP, IT CAN'T EVEN SUBSCRIBE NOW, 3 YEARS FOR NOTHING!
LOL. Too funny.
Benjamight |
|
|
October 03, 2011, 21:26:55 |
#39
Quote (Benja-might @ 03 October 2011 21:23) Quote: "Nice Improvment, can't wait to try it out.
Benjamight I really like you...Your humour is one of the best humours ever seen in my life =) Keep up ^^...I always look for posts of you in order to laugh a bit *A little time passes, and then the post below appears* Quote (Higure @ 03 October 2011 19:09) FULL OF BUGS, I'M UNABLE TO ACCESS MY ACCOUNT MANAGEMENT NOW, DO NOT USE THIS PIECE OF CRAP, IT CAN'T EVEN SUBSCRIBE NOW, 3 YEARS FOR NOTHING!
LOL. Too funny.
Benjamight But sometimes you are realllyyyy serious (IOPS FTw) Now serious ANKAMA SHIELD is in beta mode...that means that is in a test mode.It is not officially realeased...Want to test it? test it! You dont want to test it? dont test it..Also maybe akama servers crush down and password and login appear on google main page (xD) and stole your account...I am just saying  |
|
|
October 03, 2011, 21:52:11 |
#40
I just want my stuff back.. T_T
|
|
|
October 03, 2011, 22:10:04 |
#41
I'd love to activate it but when i log in it just says unauthorized certification... really pissing me off that ankama hasn't fixed that problem with my account since i cant even change my danm password from some random numbers and letters... they wont even answer my tickets anymore
|
|
|
October 03, 2011, 22:31:26 |
#42
JUST WANT TO STRESS TO EVERYBODY ONCE THIS WORKS
ACTIVATE IT AND GET A NEW SECURE EMAIL AND PUT IT ON ACCOUNT MANAGEMENT BECAUSE THE HACKERS 'FRIENDS' WHOEVER MAY ALREADY HAVE YOUR OLD EMAIL SO THEY CAN JUST ADD THIER COMPUTER TO THE LIST OF AUTHORISED COMPUTERS AND THEN THIS IS POINTLESS!!! |
|
|
October 03, 2011, 22:34:42 |
#43
Quote (canchoose @ 03 October 2011 22:31) JUST WANT TO STRESS TO EVERYBODY ONCE THIS WORKS
ACTIVATE IT AND GET A NEW SECURE EMAIL AND PUT IT ON ACCOUNT MANAGEMENT BECAUSE THE HACKERS 'FRIENDS' WHOEVER MAY ALREADY HAVE YOUR OLD EMAIL SO THEY CAN JUST ADD THIER COMPUTER TO THE LIST OF AUTHORISED COMPUTERS AND THEN THIS IS POINTLESS!!! If you changed your password like you were supposed to, that's a non issue. |
|
|
October 03, 2011, 22:38:53 |
#44
if it doesn't let people from other computer trade ill be glad to lend my account to my friends since they cant take anything away
 |
|
|
October 03, 2011, 22:39:40 |
#45
not really as you may have changed your password for dofus
but my password got reset and hacked after the database theft so for them to change my password means they have my email account also. when you request new password via website it send temp one to email. dont change it if ya dont want but if thy can hack a game company its pretty easy for them to have your email which is on the stolen database. any new requests get sent to your unsecure email. Dont take my advice stick with your old info then bitch when it goes pair shaped if it doesn't let people from other computer trade ill be glad to lend my account to my friends since they cant take anything away do you email friends? are there hacking programs free to download via internet. is email safe.nope.I wouldnt advise it myself. But i didnt share details and i got screwed. Also told tough when my stuff went. How much spam does everyones email have when you only just made the email? Loads of spam viruses,how did they get your account name to send it too? |
|
|
October 03, 2011, 23:07:25 |
#46
What about those people who lost their accounts do to the lost of the email accounts? What will be done for them?
|
|
|
October 03, 2011, 23:11:17 |
#47
This doesnt work i activated just logged on it says im unauthorised
i need to add my computer i did not been hacked yet but cant access my support to see who accessed my account last and why im unauthorised come on its not rocket science its computer programming IF mac address == authorised address THEN LET play (for security ELSE block mac address ,helps not to just allow data values BTW) WTF lets put it in computer speak IF i loose my stuff again THEN put as many hours into programming as i have this game GOTO destroy game==unhappy face 
looks like the dude was right!This is as much use as feca shield update This post has been edited by canchoose - October 04, 2011, 00:49:13. |
|
|
October 04, 2011, 02:58:41 |
#48
I have a feeling that when this is activated, if you restart your modem, then your locked out of the game, have to send in your ID and someday ankama will get around to unlocking your account...
|
|
|
October 04, 2011, 04:17:09 |
#49
have to send in your ID and someday ankama will get around to unlocking your account...
pretty much a FACT, noob programming and common sense, should have been implemented day 1.check account and mac then validate thus no need for support or countermeasures. But they still get it wrong,give me a job there french C++ is no different than english c++ even though its flash based ,all programming is the same just different syntax And 80,000 tickets big woop,check log for time date validate transaction give stuff back 3 days tops,its not spain with a break at dinner every day This post has been edited by canchoose - October 04, 2011, 04:24:56. |
|
|
October 04, 2011, 04:31:38 |
#50
Quote (ca-cat-cat-xxxxxxx @ 03 October 2011 22:38) if it doesn't let people from other computer trade ill be glad to lend my account to my friends since they cant take anything away ankama would also be glad to preemptively ban your account before you get around to sharing it and violating the game rules 
@canchoose, "rtfm" is the phrase you're looking for.
@pandora, MAC address =/= IP address. |
|
