2. I got startrekonline.com and login to their account. Now I change their email address so that emails goto my email.
Won't work the way you think. I'm locked out of tribble right now because of that.
...
I merged my Cryptic account with my old PWE account without realizing the PWE account was associated with my old work e-mail address and since I don't work there any more I don't have that e-mail. So, I went to change my e-mail but it sends an authentication e-mail to my old address which has to be accepted to change the e-mail address associated with the account.
...
So, for me it sucks, because I will soon (when it hits holodeck) be locked out of the game, but it is good for preventing the thing you are referring to.
Well i thought i knew which email my account was linked to, i have checked my three main email accounts and have found no email for this guard, so now what?, i remember PWE stuffing a whole lote of people around with a forced password change on perfect world that locked a whole lot of their player base out of the game when the new password was sent to emails, some of which people could no longer access for whatever reason, this sure smacks of that. Thanks for the headache, my account was secure enough seems its now secure from me as well...
Editing note: found the email i was linked to on my account info here, very lucky i remembered the password.
Well i thought i knew which email my account was linked to, i have checked my three main email accounts and have found no email for this guard, so now what?, i remember PWE stuffing a whole lote of people around with a forced password change on perfect world that locked a whole lot of their player base out of the game when the new password was sent to emails, some of which people could no longer access for whatever reason, this sure smacks of that. Thanks for the headache, my account was secure enough seems its now secure from me as well...
Editing note: found the email i was linked to on my account info here, very lucky i remembered the password.
check the email your using for your account.
I just checked mien and noticed that its changed the last part from .com to .co.uk
I have a similar problem. As Perfect World doesn't use a confirmation email (Unless I am mistaken) I think i typed in the wrong email address, it ends in .com only instead of the correct com.sg. So when Cryptic released the Account Guard, I am now stuck as the email is wrong as I cannot receive the code.
I am sorry if this is the wrong thread to post in here, I am new here. So, can anyone give me any advice on how to proceed?
When i made my account (my 2nd) i used an email that is not even real. I can't get the account guard code because of this, and I can't even change my email. What should I do???
I have been busy and have not been able to play STO for a while. I come back and I get this account guard, which sent a one time code to an email address. Problem is, I don't remember the password to the email address when I started this account because I made up a quick one due to the fact that my real email was already registered and there was issues at the time with registering new accounts.
So, I come to this website, log onto my account with MY password, and .... PHEWWWW .. YES, I can change the email... GREAT!!!! I though.
Well, I changed the email to my new one, however.. they sent the conformation to the old email...... So, I am permenantly locked out of my account on a character I worked hard on. I did contact customer support, but they said 3-4 business days before they'll reply. Can someone in the STO support pass this up the chain and get my email changed quicker, please? I think this account gaurd is not needed.
Account "Guard" is useless and intrusive spyware. The only reason it would be able to distinguish one computer from another is if it is using a tried and true spyware tactic of snooping around your system for its various components and parts. That it is then phoning that information home marks it as spyware, pure and simple. I'm sure that they they mean well on the surface, but remember this: Those who give up their freedom and privacy for safety and security will have and deserve neither.
Similarly, the constant abuse of email is a joke and completely destroys any security that was on the acount: This information is sent plain-text over the entire Internet. Very few people run their own emails, so this means that this information is being sent in the clear over the Internet to a THIRD PARTY. Many use Gmail. Here's a question: Are you Google? Is Cryptic Google? No? Then you've just added another point of failure to your security, a third party who has full control over the process because Cryptic will accept anything from that account on faith. When that third party's security fails, so does your security here. What's more, Google accounts, too, use a similar "password recovery" mechanism. That means *THAT* account can be compromised externally, which in turn results in a compromise here.
Keep in mind, these are places that will surrender your account to anyone who calls them and happens to know some what are probably easily known to the public facts.
Anytime you outsource your security to a third party in such a manner, your security is absolutely worthless. You should never chain a thing's security to another thing's. An account should be a fortress, to stand or fall alone, not part of a chain where a failure anywhere is a failure everywhere.
Account "Guard" is useless and intrusive spyware. The only reason it would be able to distinguish one computer from another is if it is using a tried and true spyware tactic of snooping around your system for its various components and parts. That it is then phoning that information home marks it as spyware, pure and simple. I'm sure that they they mean well on the surface, but remember this: Those who give up their freedom and privacy for safety and security will have and deserve neither.
It can't tell what computer your on....It tells which IP address you are using. This is designed to stop people getting someones password and then using it.
I know this cause I changed IP address and sure enough I had to re-register. And if the game didn't include an email, it would make things way more technical and confusing and then cryptic would have to spend time and money on a new system rather than on content
We shall defend our island, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender. Winston Churchill
It can't tell what computer your on....It tells which IP address you are using. This is designed to stop people getting someones password and then using it.
Considering I can log into the game and the forums from school (and never had to reverify my account), it is not based solely on IP address. The FAQ even says it's not based on your IP address. It goes by your computer.
It's not based on your IP. It's based on digging through your system attributes and files and other private data to generate a signature to upload home. It's spyware. It also does absolutely NOTHING to address the fact that it still shares the same point of failure that all previous mechanisms used still share: An external, third-party email service. In short, your account STILL has the same point of failure as before, and there's nothing you OR Cryptic can do about it. If there was no fallback method, then security would be limited only to a secret known only to you and Cryptic, and thus no third party could break the chain.
Email-based "recovery" is a blight on the face of Internet security.
Considering I can log into the game and the forums from school (and never had to reverify my account), it is not based solely on IP address. The FAQ even says it's not based on your IP address. It goes by your computer.
Maybe it is something to do with temp internet files then...but I do know that it isn't the same as spyware
We shall defend our island, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender. Winston Churchill
Maybe it is something to do with temp internet files then...but I do know that it isn't the same as spyware
The forum, like most forums, likely uses a cookie. I have no guesses on the game itself.
But you're right. It's not spyware. It's not even close to spyware.
Regarding all the "but it goes to your email" silliness, that's actually more secure than security questions and the like. Answers to security questions can typically be easily guessed or even found just be looking around online. If you're that worried that a third-party email provider might somehow compromise your security don't use that provider. Building your own service takes time, patience, and money, but that's the only way you're going to get around any security issues the third-party providers have.
Precisely. Besides if your really worried about security create a new email address and use it for nothing else
We shall defend our island, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender. Winston Churchill
This seems to be preventing my Android to use the new STO Gateway that's in BETA testing. Everytime I try to check it from my phone I get the Account Guard thing sending me e-mails when it's supposed to be a 1 time thing.
Vice Admiral Survic Stone, FED TAC, King - Knights of the Round Table (Join Today!)
Vice Admiral Krothos, FED TAC, Ensign - Devil's Rejects
Lieutenant General Pek'ToS, KDF TAC, Veteran - House of Martok
This feature should be either taken off or make it so the owner of the account can activate it. For the past month I havent been able to play this game cause every code ive been send becomes invalid. I have also sent tickets and the only response I get is how to deactivate it which is useless if you can't get to where you deactivate it without a working code. This feature is unneeded in my opinion.
I didnt know were to say this but here seems appropriate:
I just joined but someone used my email, luckily I changed the password, but I dont like the username can anyone help me?
Comments
Won't work the way you think. I'm locked out of tribble right now because of that.
...
I merged my Cryptic account with my old PWE account without realizing the PWE account was associated with my old work e-mail address and since I don't work there any more I don't have that e-mail. So, I went to change my e-mail but it sends an authentication e-mail to my old address which has to be accepted to change the e-mail address associated with the account.
...
So, for me it sucks, because I will soon (when it hits holodeck) be locked out of the game, but it is good for preventing the thing you are referring to.
Editing note: found the email i was linked to on my account info here, very lucky i remembered the password.
check the email your using for your account.
I just checked mien and noticed that its changed the last part from .com to .co.uk
I am sorry if this is the wrong thread to post in here, I am new here. So, can anyone give me any advice on how to proceed?
So, I come to this website, log onto my account with MY password, and .... PHEWWWW .. YES, I can change the email... GREAT!!!! I though.
Well, I changed the email to my new one, however.. they sent the conformation to the old email...... So, I am permenantly locked out of my account on a character I worked hard on. I did contact customer support, but they said 3-4 business days before they'll reply. Can someone in the STO support pass this up the chain and get my email changed quicker, please? I think this account gaurd is not needed.
Similarly, the constant abuse of email is a joke and completely destroys any security that was on the acount: This information is sent plain-text over the entire Internet. Very few people run their own emails, so this means that this information is being sent in the clear over the Internet to a THIRD PARTY. Many use Gmail. Here's a question: Are you Google? Is Cryptic Google? No? Then you've just added another point of failure to your security, a third party who has full control over the process because Cryptic will accept anything from that account on faith. When that third party's security fails, so does your security here. What's more, Google accounts, too, use a similar "password recovery" mechanism. That means *THAT* account can be compromised externally, which in turn results in a compromise here.
Keep in mind, these are places that will surrender your account to anyone who calls them and happens to know some what are probably easily known to the public facts.
Anytime you outsource your security to a third party in such a manner, your security is absolutely worthless. You should never chain a thing's security to another thing's. An account should be a fortress, to stand or fall alone, not part of a chain where a failure anywhere is a failure everywhere.
It can't tell what computer your on....It tells which IP address you are using. This is designed to stop people getting someones password and then using it.
I know this cause I changed IP address and sure enough I had to re-register. And if the game didn't include an email, it would make things way more technical and confusing and then cryptic would have to spend time and money on a new system rather than on content
Winston Churchill
1st Lt, M.A.C.O. Foxtrot Squadron
Considering I can log into the game and the forums from school (and never had to reverify my account), it is not based solely on IP address. The FAQ even says it's not based on your IP address. It goes by your computer.
Email-based "recovery" is a blight on the face of Internet security.
Maybe it is something to do with temp internet files then...but I do know that it isn't the same as spyware
Winston Churchill
1st Lt, M.A.C.O. Foxtrot Squadron
The forum, like most forums, likely uses a cookie. I have no guesses on the game itself.
But you're right. It's not spyware. It's not even close to spyware.
Regarding all the "but it goes to your email" silliness, that's actually more secure than security questions and the like. Answers to security questions can typically be easily guessed or even found just be looking around online. If you're that worried that a third-party email provider might somehow compromise your security don't use that provider. Building your own service takes time, patience, and money, but that's the only way you're going to get around any security issues the third-party providers have.
Winston Churchill
1st Lt, M.A.C.O. Foxtrot Squadron
Vice Admiral Krothos, FED TAC, Ensign - Devil's Rejects
Lieutenant General Pek'ToS, KDF TAC, Veteran - House of Martok
The Rest & Details: My STO Page!
I just joined but someone used my email, luckily I changed the password, but I dont like the username can anyone help me?