ArenaNet president Mike O'Brien tells us how we can make our Guild Wars 2 account as secure as our email.
With the release of Guild Wars 2 just last week, ArenaNet was quick to alert users of email phishing attempts to obtain account information from its playerbase. While the studio has so far warned players against responding to these messages, Polygon spoke to Mike O'Brien, president of ArenaNet, about how the team can help you make your account as secure as your email.
"You might think that hackers routinely try to attack passwords through a brute-force search, such as trying every word in the dictionary, but they really don't," says O'Brien. "Our systems wouldn't let them try that many passwords anyway."
Hacking attempts are based from lists of email addresses and password combinations previously capture from other games, websites, and spyware. Rather than accessing an account via a complex series of trial-and-error attempts, hackers will instead come with a specific email address they wish to sabotage using a single password, or slight variants of that password, before moving on, he explains.
The most important thing...
"That's why we keep reiterating to our customers that the most important thing they should do is to use a unique password, and ideally a unique email address too, that they've never used anywhere else."
In the case of a hacker discovering a player's password, ArenaNet offers a second layer of security in which the game checks to see whether the log-in is coming from its normal location. If not, the user is sent an email letting them know where the log-in is coming from and asks them to allow or deny it.
"Since this system is in place protecting your Guild Wars 2 account all the time, you can make your Guild Wars 2 account at least as secure as your email account. You can use an email provider that supports two-factor authentication, such as Google or Yahoo, and enable two-factor authentication for your email account. Then, to log-in to your Guild Wars 2 account from a new location, a hacker would have to get through the two-factor authentication on your email account."
Hackers are currently out in full force
The popularity of Guild Wars 2 means that hackers are "currently out in full force." However, O'Brien states the team has reason to believe it may attract fewer hackers than the original Guild Wars over time.
"Not only do we have better technology this time around to protect our customers, we're also addressing the problem of account hacking at its root.
"The root cause of account hacking in most massively multiplayer games and other online role-playing games is the profit incentive that real-money trading companies have to hack them. Real-money trading companies have an insatiable appetite for stolen accounts. They loot all the gold and valuables off each account, then use them for spamming ads and botting, until the accounts are discovered and banned by a GM. Then they sell all the gold on their web sites. The more money they make selling gold, the more effort they can apply to hacking additional accounts."
The trouble with money
Guild Wars 2 instead puts economic power directly in the hands of players, allowing them to buy gold for cash within the game, and trade with other players using an in-game currency that cannot be converted back to real-world money.
"As long as players purchase their gold this way, there isn't a flow of cash to the real-money trading companies, and thus there isn't a profit incentive to hack accounts."
According to O'Brien, nothing in this industry is black-or-white. However, the team does what it can to minimize hacking through the design of the game, back-end infrastructure, email authentication, and a team of GMs ready to help those who have been hacked.
"We know we have a big responsibility to keep our players safe," he says, "and we take it seriously."