Mike O’Brien has some advice for security-conscious Guild Wars 2 players: Change your password.
ArenaNet‘s head honcho has that and more to say in a long post about account security, but the primary message is that the best way to keep your account secure is to not use your GW2 password anywhere else.
The basic truth is this: hackers steal game accounts because they already know the account name and password. They know them because they stole them (via security breaches or spyware) from another game or site where the person used the same account name and password.
So unfortunately, if the lesson you’ve learned from security advice through the years is to pick a single complicated password, memorize it, and then use it everywhere, that’s exactly the wrong lesson for today’s security environment. To keep accounts on different sites secure in today’s environment, you need to use a unique password for each account.
Oh, and don’t buy gold online (except via the Trading Post) because it encourages the hackers to hack. You know who you are, so knock it off, bookah.
O’Brien also updated people on the measures ArenaNet is taking or will soon take to increase security, including two-factor authentication using Google Authenticator and a 20-million-strong password blacklist that has dramatically cut the rate of account hacking.
And no, conspiracy theorists, there was no massive password database breach. At least, that’s what the big evil corporation wants you to think…