Please upgrade your browser for the best possible experience.

Chrome Firefox Internet Explorer
×

Major Security Threat - Authenticator useless

STAR WARS: The Old Republic > English > General Discussion
Major Security Threat - Authenticator useless
Reply

Page 1 of 14 1 2 3 11 > Last »

exovangam's Avatar


exovangam
01.29.2012 , 03:44 AM | #1
Over the last few days i have been dealing with a compromised account, i traced the source of this back to a key logger on my computer. so after formatting my computer i called tech support and reset my account just to have it compromised again the next day. in the end i had to format all 4 of my drives and reset my routers security measures to stop this.

The part about this that eluded me was that i have an authenticator on my account (physical not mobile) and couldn't understand how my info was being changed hours after i had logged off. for those of you that don't know the authenticator provides an 8 digit numerical code that is constantly changing which you supposedly have to enter to change any account info / log in or even post on the forums.

Well i learned through my ordeal that since your Origin and SWTOR accounts are linked that if your Origin / EA account is compromised and the password or Email is changed it completely bypasses your security authenticator and changes your SWTOR info.

This is completely unacceptable the whole point of a security authenticator is to be a last line of defense in case of being compromised and Bioware / EA have designed a workaround to bypass it which is really easy to do if someone manages to get your info.

Please Bioware unlink the accounts so others can avoid this scenario.

Runtinator's Avatar


Runtinator
01.29.2012 , 04:12 AM | #2
Thats why you use Virus Protection.
(had pretend CE key thing here)

JessianKaaneo's Avatar


JessianKaaneo
01.29.2012 , 04:16 AM | #3
Quote: Originally Posted by Runtinator View Post
Thats why you use Virus Protection.
stop popping onto websites that DOWNLOAD these keyloggers!
Laduran Kaaneo | Jedi Knight | E
Alliance of Europa Mature Guild - GMT (20-30 h/pw hoping), Social, Hardcore, TS, Hydian Way Server,

Runtinator's Avatar


Runtinator
01.29.2012 , 04:18 AM | #4
Quote: Originally Posted by JessianKaaneo View Post
stop popping onto websites that DOWNLOAD these keyloggers!
I know right?

I played Wow for 7 years (was in vanilla closed beta) and never used an authenticator.

I have never been hacked, or had a keylogger.....

I honestly have no idea how people let it happen
(had pretend CE key thing here)

Baghiel's Avatar


Baghiel
01.29.2012 , 04:18 AM | #5
Anti Virus cannot stop everything. They can only catch thigns that have been IDENTIFIED. If it is a brand new logger, then it won't be in the AV's database....
Inside everyone there is light, and there is darkness. It is the duality of human nature, inherent in us all. What will it take to bring your darkness to the fore?

thefinalsolution's Avatar


thefinalsolution
01.29.2012 , 04:20 AM | #6
Quote: Originally Posted by exovangam View Post
Over the last few days i have been dealing with a compromised account, i traced the source of this back to a key logger on my computer. so after formatting my computer i called tech support and reset my account just to have it compromised again the next day. in the end i had to format all 4 of my drives and reset my routers security measures to stop this.
blaming bioware for your shoddy computer security skills isnt a very nice thing to do. i have been playing mmos since before they had graphics(who else lost years of their lives MUD-ing?), and have never used an authenticator since they have been availaible...number of times my account has been hacked: 0. quit clicking on banner adds please.
"You can run, but you'll only die tired." -Boba Fett

Runtinator's Avatar


Runtinator
01.29.2012 , 04:21 AM | #7
Quote: Originally Posted by Baghiel View Post
Anti Virus cannot stop everything. They can only catch thigns that have been IDENTIFIED. If it is a brand new logger, then it won't be in the AV's database....
Worked for me for over 7 years..
(had pretend CE key thing here)

Pastorfrog's Avatar


Pastorfrog
01.29.2012 , 04:22 AM | #8
OP makes a really valid point, though. If there's a backdoor around the authenticators, that's a -major- issue.

lunabaguna's Avatar


lunabaguna
01.29.2012 , 04:23 AM | #9
Everyone is missing the point that the authenticator should never be bypassed. For gods sake they require it when I log into post in the forum, how can they not require it when changing this stuff?
Wow was copying Mario Brothers in every respect.
-A world (or many worlds)
-the color red in game
-you have to buy it

Mikkeos's Avatar


Mikkeos
01.29.2012 , 04:25 AM | #10
Whatever happens with keyloggers on the system should have absolutely no impact.

With the authenticator active, there should be no way for the attacker to remove it short of calling the support - or using the authenticator to log into the account management pages and use it again to remove it from the account.

Not to mention that we do not have the option to go into the account management pages to remove it on our own. ...
Q: So, is there anything at all in the game that mitigates falling damage?
A: elevators
Page 1 of 14 1 2 3 11 > Last »

Reply
STAR WARS: The Old Republic > English > General Discussion
Terms Archive | Privacy Policy | Terms of Service | FAQ | EUALA | Rules of Conduct | Online Safety | Contact Us
LucasArts, the LucasArts logo, STAR WARS and related properties are trademarks in the United States and/or in other countries of Lucasfilm Ltd. and/or its affiliates. © 2011-2012 Lucasfilm Entertainment Company Ltd. or Lucasfilm Ltd. All rights reserved. BioWare and the BioWare logo are trademarks of EA International (Studio and Publishing) Ltd. EA and the EA logo are trademarks of Electronic Arts Inc. All other trademarks are the property of their respective owners.