Anatta Posted November 14, 2013 Posted November 14, 2013 (edited) Hey there, I wanted to pre-order this game really really bad for a while now but I simply can't get myself to do so with the state the website is in. What I'm talking about is the absolute lack of secure connection for registration and logging in via HTTPS/SSL. This means everytime I'm logging in and when registering, my password and e-mail is send plain text through the web. This is screaming for account theft and is even worse when money is bound to the account. I already tried to get contact to the people who are responsible via E-Mail multiple times but never got an answer so I hope I'll be lucky in here. I know there were already the same concerns for RoF by some people and they were dismissed by saying there never was a problem with it, but I don't think it's the right move to wait until something bad happens. I get the feeling that the topic is being avoided. So my questions were why there is no https site for this (it shouldn't be a big deal to set it up) and if they plan to do this so I can do a save order in the future. Also I hope the game itself does secure connections. Else it would be even worse. I am thankful for every bit of information. Would be really sad if this would prevent me from playing the game (I'm sure it's great). Edited November 14, 2013 by Anatta
FuriousMeow Posted November 14, 2013 Posted November 14, 2013 (edited) I hope you aren't using the same password for this account as you are on the email account you would use to register, that's a security issue that no SSL can fix. No personal information is retained, unless you fill in your full name, on the website. I have to manually enter CC information everytime, but I go through Paypal and that redirects to their SSL site for payment. Additionally, if you use a credit card you are again redirected to a SSL based site. No games utilize SSL for communications, that would add entirely too much overhead. So you could have your account password changed here and someone could malisciously post as you, but beyond that - no damage. Just email support and request a new password. In four years I can count how many times my account in RoF has been compromised - zero. All monetary based communications are secured. Edited November 14, 2013 by FuriousMeow 2
Anatta Posted November 14, 2013 Author Posted November 14, 2013 (edited) Thanks for answering. Yes, all you say is right and of course I use different passwords everywhere. I am aware that paypal uses SSL and that is not the problem I see. The payment part is absolutely fine. The problem is that as far as I can tell, the game is bound to my account, meaning if my account is compromised, the game and everything I may buy is potentially gone. And this account theft part is stupendously easy accomplished via a MITM attack. Edit: And about your RoF account being fine: As I said, that also was the argument used when I read the same concerns in the RoF-forums and I absolutely believe that nothing happened yet. Yet. That was my point. Edited November 14, 2013 by Anatta
Marrond Posted November 14, 2013 Posted November 14, 2013 (edited) The problem is that as far as I can tell, the game is bound to my account, meaning if my account is compromised, the game and everything I may buy is potentially gone. It is not. If anything like that would ever happen (which is highly unlikely unless you're target of attacks but then game account should be the least of your concerns) all you have to do is to email support with request to reset password to your account - all they need is number of banking transaction of your payment and eventualy ID scan. And that applies to literaly every game out there. Once you've purchased something with credit card or paypal in game (or the game itself from the developer) it's child easy to retrieve access, regardless if your account was stolen or you decided to sell it on ebay and then scam the buyer. (except that selling game accounts is allways forbidden in the EULA, but that's not important in this example) Edited November 14, 2013 by Marrond 2
1CGS LukeFF Posted November 14, 2013 1CGS Posted November 14, 2013 As I said, that also was the argument used when I read the same concerns in the RoF-forums and I absolutely believe that nothing happened yet. Yet. That was my point. Your fears are unfounded.
Anatta Posted November 14, 2013 Author Posted November 14, 2013 Well I think you guys actually convinced me and now I feel a little stupid because this made me mad for weeks now and I just didn't see that retrieval should be trivial (I hope) and basically nothing can be stolen... . Sometimes you just need that little push to notice. So thank you. Just wish my e-mails would have been answered. Would have made it much simpler. Thanks 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now