test content
What is the Arc Client?
Install Arc

Having Trouble Logging In?

Archived PostArchived Post Posts: 1,156,071 Arc User
edited September 2014 in Super News Network
If you are having trouble logging into your account, your account’s password may have been locked during our account server maintenance today. You can recover your password via the “forgot password” link on the official Star Trek Online or Champion Online websites:

www.startrekonline.com/user/password
www.champions-online.com/user/password

For full details on why accounts were locked today, please read the notification here.

Apologies for the inconvenience.

Customer Service
Cryptic Studios
Post edited by Archived Post on
«134

Comments

  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Does this mean if we can't currently log in that we were effected or just that the emergency maintenance is still ongoing?
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Wait a second... "unauthorized access" and subsequent decryption of that data was only recently noticed despite it happening over a YEAR ago?

    I'm very upset right now and there is much more I want to say but I can't do it here.

    EDIT1: Changed my original text because reading am hrd causing a slight misinterpretation...
    EDIT2: For those having issues getting the link to reset your password to work correctly, log out of the forums and/or Champions Online website then click the link to reset your password.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Falchoin wrote:
    Wait a second... "unauthorized access" and subsequent decryption of that data was noticed over a YEAR ago and we're just NOW hearing about it?

    I'm very upset right now and there is much more I want to say but I can't do it here.

    No, they only noticed now, but the breach occurred in 2010. Not AS bad, but IMO, noticing a security breach only after a year and a half is pretty damn appalling.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Well this would explain the emergency maintenance with no warning.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Nooooooo.

    Oh wait... 2010?

    I guess nobody wanted to mess with the Brou. :confused:
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Time to increase funding to the security department. :|

    EDIT: Looks like the 'Forgot Password' link anywhere on the site just redirects to the main page. Brilliant.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Haha, reading comprehension fail on my part. Still... this is likely the final nail in the coffin for me and Cryptic. I realize there's no such thing as "hack-proof" but I'd like to think they could at least notice!
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    So that's why i haven't been able to play since 2010. I wonder who's been messing forums as me also.

    BAZINGA!!!!
    .
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    The link just takes me to the frontpage...

    EDIT: The STO link worked. I wonder why the CO link didn't?
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    You need to be logged out to use the link.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Too bad the password recover wont work at all.. its only send me back to the CO front page. :(

    EDIT:
    You need to be logged out to use the link.
    Ummm.. never mind :D
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Oh good grief, im going to be a password basket case for the next week. :eek:

    and yea, the links are borked.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Interesting, but no surefire way to tell if this is why my account was fiddled with in January of last year.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    As Cap Fab said, you cannot be logged into the forums or website to reset the password.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    You need to be logged out to use the link.

    Welp, I feel stupid. :B

    Me go eat paint chips, yellow flavor DELICIOUS.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    That's some real strategisin' there.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    This would explain the series of hacked accounts over on STO then.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    It's all fixed up.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    So if "Invalid user name or password" means I was affected where my email? why do I have to find this info out on the forums first?

    Also if I have been affected how the heck did I manage to log into the forums to post this?
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    This game is going to heck in a handbasket. Horribly mismanage and every time that communication can't get any worse - they seem to underachieve just a little bit more.

    It's pretty pathetic when you blast your customer base with an email that you've been compromised and that their password has been reset. Yet, when they visit your site, their password, in fact hasn't been reset. You really need to explain/differentiate the Cryptic vs (im)Perfect Word password set up. I'm getting more and more disgusted with the mess that CO has become by the hour.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Neither password recovery link works for me.

    Log out first.

    If you've recently logged into the site before the password reset you're still seen as logged in. Damn cookies.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Y'know, it's generally not a good idea to say you found out about something that happened 2 years ago.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Log out first.

    If you've recently logged into the site before the password reset you're still seen as logged in. Damn cookies.

    I've logged out went to the reset page entered my email, not received a email so logged back in with my old password and posted this message.

    Yet can't log into the game.

    That strikes me as wrong.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Ok still no email any one tell me what address it comes from so I can run a search for it just encase Gmail has filed it somewhere random.

    Also how long should it take to arrive?
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    I see my account was affected; annoyingly I'd already changed my password, again, last month.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    MESS wrote:
    So if "Invalid user name or password" means I was affected where my email?

    All affected accounts have been password reset. Only the legitimate owner of the email account used to register a Cryptic account will be able to reset the password. Emails to all affected users are being sent out over the coming hours, and if you do not receive one within 48 hours, your account was not affected. Cryptic treats your privacy and account security seriously, and is taking proactive steps to ensure that all accounts are secure.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    MESS wrote:
    Ok still no email any one tell me what address it comes from so I can run a search for it just encase Gmail has filed it somewhere random.

    Also how long should it take to arrive?

    Check the spam box. I got my email immediately.

    The notification comes from Cryptic Studios and the subject is "Important Cryptic Studios Account Notification".

    The password reset comes from Champions Online with the subject "Password reset request for [forumname] at Champions Online Official Site"
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    StormShade wrote:
    All affected accounts have been password reset. Only the legitimate owner of the email account used to register a Cryptic account will be able to reset the password. Emails to all affected users are being sent out over the coming hours, and if you do not receive one within 48 hours, your account was not affected. Cryptic treats your privacy and account security seriously, and is taking proactive steps to ensure that all accounts are secure.

    So if you migrated to PW for login purposes, were you affected?
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Well password changed and password on my gaming only email address changed although that would only net them info on the games I have played in the past. I'm not really worried about the card details because it was 2 years ago and no strange transactions have taken place.

    What I am annoyed about is it took Cryptic 2 years to notice I mean at that time 2years ago there was the Sony hacking scandal and most big companies went paranoid and checked there security obviously Cryptic didn't think they needed to check their's !!! :mad:
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    First, I'd like to say that I appreciate Cryptic letting us know that our accounts have been compromised as soon as they discovered it. That at least enables us to move to protect ourselves as quickly as possible. However, I still have some questions:

    1. Was this data hacked on an Atari server or on a Cryptic server (was there any difference at that point in time)? Do I need to worry about my old Atari account or was that deleted/transferred when Cryptic was sold to PW?

    2. Is there any evidence to suggest that the hackers left anything like a trojan that might have enabled them to mine data from your servers after the 2010 breach?

    3. What will Cryptic do to ensure that this particular type of breach can't happen again?

    4. What will Cryptic do to ensure that breaches in the future don't go unnoticed for over a year?

    I would like to continue playing Cryptic games and I understand that there's always a risk inherent in having personal information stored on commercial servers (which is why I won't be naive and demand that no breach of any kind ever happen again), yet I do demand that Cryptic remedy this situation by at least providing satisfactory answers to my questions above. I don't believe that it is an unreasonable demand to expect more effective security after a breach like this is discovered. If I find that Cryptic has not done enough to safeguard my information, I will close my account and do whatever I need to do to protect my personal information (i.e. have my data erased from your servers, falsify it before I close my account, whatever).
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    First, I'd like to say that I appreciate Cryptic letting us know that our accounts have been compromised as soon as they discovered it. That at least enables us to move to protect ourselves as quickly as possible. However, I still have some questions:

    1. Was this data hacked on an Atari server or on a Cryptic server (was there any difference at that point in time)? Do I need to worry about my old Atari account or was that deleted/transferred when Cryptic was sold to PW?

    2. Is there any evidence to suggest that the hackers left anything like a trojan that might have enabled them to mine data from your servers after the 2010 breach?

    3. What will Cryptic do to ensure that this particular type of breach can't happen again?

    4. What will Cryptic do to ensure that breaches in the future don't go unnoticed for over a year?

    I would like to continue playing Cryptic games and I understand that there's always a risk inherent in having personal information stored on commercial servers (which is why I won't be naive and demand that no breach of any kind ever happen again), yet I do demand that Cryptic remedy this situation by at least providing satisfactory answers to my questions above. I don't believe that it is an unreasonable demand to expect more effective security after a breach like this is discovered. If I find that Cryptic has not done enough to safeguard my information, I will close my account and do whatever I need to do to protect my personal information (i.e. have my data erased from your servers, falsify it before I close my account, whatever).

    You're not going to get answers to those questions, so close away...
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    You're not going to get answers to those questions, so close away...

    I don't expect them right away as I imagine they probably don't have all of them yet, but I do expect them eventually and I believe that they will answer these questions - if not directly, then by a mass e-mail or a news posting or some such thing.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    If you're not seeing your e-mail, check you spam filters, that's where I found mine. :D
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    StormShade wrote:
    All affected accounts have been password reset. Only the legitimate owner of the email account used to register a Cryptic account will be able to reset the password. Emails to all affected users are being sent out over the coming hours, and if you do not receive one within 48 hours, your account was not affected. Cryptic treats your privacy and account security seriously, and is taking proactive steps to ensure that all accounts are secure.

    So seems I was affected as I found the Email it had been stuck in the spam folder as to quote google
    Be careful with this message. Lots of other people have marked similar messages as phishing scams, so this might contain unsafe content. Learn more

    Perhaps in the future such messages should come from a more regularly used address and certinly should show up as being from "Cryptic Studios noreply@crypticstudios.com via bounce.email.perfectworld.com" i mean that just looks suspicious.

    Also more info on the launcher and main page would help

    Check the spam box. I got my email immediately.

    The notification comes from Cryptic Studios and the subject is "Important Cryptic Studios Account Notification".

    The password reset comes from Champions Online with the subject "Password reset request for [forumname] at Champions Online Official Site"

    Thanks cap tracked the messages down thanks to the info you gave.

    It would seem dealing with account issues while all you want is a quick game and then bed leads to lack of patience.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    MESS wrote:
    So seems I was affected as I found the Email it had been stuck in the spam folder as to quote google



    Perhaps in the future such messages should come from a more regularly used address and certinly should show up as being from "Cryptic Studios noreply@crypticstudios.com via bounce.email.perfectworld.com" i mean that just looks suspicious.

    Also more info on the launcher and main page would help




    Thanks cap tracked the messages down thanks to the info you gave.

    It would seem dealing with account issues while all you want is a quick game and then bed leads to lack of patience.

    My first reaction was that it was some kind of phishing attempt. Then I checked the forums and found out it was true.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Found mine in the SPAM folder, too.

    I just hope Cryptic/PWE didn't enact some strict rule about typing in the wrong password too many times in a row, as I just logged a character off and tried to log back ON with my old pw. And, I've a feeling I'll probably do it again, a few more times, until I'm used to the new pw.

    The mind, it really goes when you get old.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Dangit, I tried your password reset page and it just sends me back to your front page. I tried your live chat and it sends me back to your front page. You got some broken links there bub or some uncaring IT people.

    That's lousy customer service and a lousy way to treat people that have sunk hundreds of dollars into this game.

    Nor have I recieved any email to help me facilitate the account unlocking.

    Just unlock our accounts with the original passwords. This was a completely idiotic move.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    kirinke wrote:
    Dangit, I tried your password reset page and it just sends me back to your front page. I tried your live chat and it sends me back to your front page. You got some broken links there bub or some uncaring IT people.

    That's lousy customer service and a lousy way to treat people that have sunk hundreds of dollars into this game.

    SAME PROBLEM... WTF !!! i was just playing less than an hour ago! Now my PW is denied and EVERY attempt to resolve this sends me in frustrating circles! This comes just days after paying for three more months!!! Been paying since the beginning and this is what I get for service ???
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Fix your site.
    Fix the links.
    Fix our passwords.
    Improve your customer service from none to something resembling it. Cuz finding out by not being able to get into the game without any kind of message on the login screen? SUCKS!
    Do you not give a flying rip about us your paying customers? Cuz this solution of yours ain't.
    This bites.

    And I just got my top character into Vib bay! I wanna kill Dogz dangit!
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    SlyDragon wrote:
    SAME PROBLEM... WTF !!! i was just playing less than an hour ago! Now my PW is denied and EVERY attempt to resolve this sends me in frustrating circles! This comes just days after paying for three more months!!! Been paying since the beginning and this is what I get for service ???
    kirinke wrote:
    Fix your site.
    Fix the links.
    Fix our passwords.
    Improve your customer service from none to something resembling it. Cuz finding out by not being able to get into the game without any kind of message on the login screen? SUCKS!
    Do you not give a flying rip about us your paying customers? Cuz this solution of yours ain't.
    This bites.

    And I just got my top character into Vib bay! I wanna kill Dogz dangit!

    How about you read the thread before you go on a mindless rant.

    LOG OUT FIRST.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    All you have to do to get the password reset to work is log out of the forums first.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Skyefire wrote:
    All you have to do to get the password reset to work is log out of the forums first.

    Yeah... Somebody was kind enough to let me know about that. :rolleyes:

    All that froth makes me feel silly from above. Still, it would have been nice if they had notified us about it on the launch screen, with said solution, so we wouldn't have this problem and the vitrole associated with it. :mad:

    And when you don't have a clue as to why your password (That worked the day before) no longer works, you do tend to get irittable, especially when you are looking forward to a bit of mindless mayhem and such from the game, to which, I really enjoy.

    Sorry for the rant.

    Next time, give us a heads up on the launch screen. It'd save problems later.
    Also, the site staff needs to look at the links originally provided us, the ones I clicked on, just rerouted me to the front page. Absolutely no help there.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    I am definitely irate.

    I am unable to correct this problem on my end.
    I am unable to do the steps required to reset my log in info.

    When I follow the not very clear directions in order to get an email sent to me in order for me to reset my account/password I get this message:

    "The email address you provided is not linked to a Perfect World account. If you feel this message is in error, please contact us at customerservice@perfectworld.com."

    First off, I do not have nor do I want a perfect world account. I have and only want a Cryptic account.
    No where can i find a means to remedy this problem.


    From this page:
    https://support.perfectworld.com/app/answers/detail/a_id/3966/related/1

    When I click either of these two links:
    https://champions-online.com/user/password
    http://www.champions-online.com/user/accountname

    I just get sent to the front page of Champions Online. Totally frustrating.

    Sadly this forum is the only line of communication I seem have with getting any official help from the Support team. So please, if you area Dev, Moderator, or Support person, please help me to remedy this problem.

    Thank you.

    EDIT:
    In a spurt of random inspiration I tried the Star Trek Online link and that one successfully sent me the password/account reset email.

    I am glad I could resolve this problem, but this was a totally unacceptable means in which I managed to fix it. I don't play Star Trek Online and only because of a poster in this thread who mentioned using that instead of Champions link did it occur to me to even try it since it was a long shot in my mind because they are two different games, but from the same company, Cryptic.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Like they said above, log out of the forums.
    When you log in, type in your username in the proper field (make sure you click on the right account holder cryptic or perfect world) then click on forgot password.

    You should be able to reset it that way. I had the exact same problem, but a nice poster provided me with the right way of doing it. Once you reset your password, you should be able to get into the game with the new password you chose.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    And think to delog from the official site, purge your cookies, before try again.

    And @ cryptic : 2010 ? Nice. No comment.

    I hope that when we erase our credit card numbers of our forum account, theses informations are erased of your database too. Just for the next time, we don't know.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    How about you read the thread before you go on a mindless rant.

    LOG OUT FIRST.

    Sorry about the RANT, although mindless was a bit harse. Time was alrdy wasted and time is precious. I read quite a bit b4 posting... just not every page. I must admit being weary of logging out of anything for fear of being locked out of doing anything afterwards, lol!
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Brou wrote:
    Y'know, it's generally not a good idea to say you found out about something that happened 2 years ago.

    If they only just now found out about it then it's okay, legally. I'd be more concerned about credit card info being compromised. A lot of that has gone around lately.

    I got the email that notified me. It's been a while since I logged in anyway.. but I'm glad to have known.

    I don't know how many times Cryptic has fumbled the ball since the "Once per month or two" from back when I was a regular, but for once I can't really fault them for being honest -- which has always been their primary failing.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    StormShade wrote:
    All affected accounts have been password reset. Only the legitimate owner of the email account used to register a Cryptic account will be able to reset the password. Emails to all affected users are being sent out over the coming hours, and if you do not receive one within 48 hours, your account was not affected. Cryptic treats your privacy and account security seriously, and is taking proactive steps to ensure that all accounts are secure.

    Dictionary.com:
    pro·ac·tive   [proh-ak-tiv]
    adjective
    serving to prepare for, intervene in, or control an expected occurrence or situation, especially a negative or difficult one; anticipatory: proactive measures against crime.

    This isn't proactive. What you're doing is reactive. If Cryptic were PROACTIVE this wouldn't have happened.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    I think, what most people are annoyed about is that

    A: Cryptic/Perfect world did not immediately notify us of this security breach. Then to add insult to injury, they locked our accounts without first notifying us through more opaque means, a general announcement on the Launch screen/front page would have done wonders (along with proper/real instructions). Then:

    B: The links you provided us simply rerouted us back to the main page. You didn't tell us we had to log out first before trying to log back in and then hit the forget password option. There were no real instructions and a vague disclaimer is no one's friend.

    C: No general apology someplace highly visable.

    Any of these things would have helped migate the anger and frustration levels but did this happen?
    No.

    End result: Poor customer service, no response from Cryptic/Perfect world and the general feeling that Cryptic and Perfect world considers us to be less that dog droppings. Not exactly a good business practice.
  • Archived PostArchived Post Posts: 1,156,071 Arc User
    edited April 2012
    Forget about the standard canned apologies. How about compensation?

    People have had their personal information compromised and in the possession of stranger(s) who are in a position to do whatever they want with it, and for more than a year without the affected people knowing: A whole year and more during which they could have promptly acted.

    Yeah some sort of compensation as PR damage control should be in order. I'm not hopeful though.
Sign In or Register to comment.