[<a href='5457.html'>Next Message in Time</a>] | 
[<a href='5455.html'>Previous Message in Time</a>] | 
[<a href='5457.html'>Next Message in Topic</a>] | 
[<a href='5454.html'>Previous Message in Topic</a>] <br/><br/>
<b>Message ID:</b> 5456 <br/>
<b>Date:</b> Mon Aug 23 23:59:08 BST 1999 <br/>
<b>Author:</b> jhenders@xxxxx.xxx <br/>
<b>Subject:</b> Re: Everquest account security <br/>
<br/><br/>
<div id="ygrps-yiv-825624729">On Mon, Aug 23/99, Melaniel &lt;<a rel="nofollow" target="_blank" href="mailto:email@...">email@...</a>&gt; wrote:<br/>
<blockquote><span title="ireply"> &gt; <br/>
&gt; I would welcome any other reasonable suggestions that could explain<br/>
&gt; what has happened.  People lose equpiment and money to bugs quite a<br/>
&gt; bit, however having both characters standing at the counter in the<br/>
&gt; Freeport bank cannot be explained by a bug.  I am simply at a loss to<br/>
&gt; explain it in any other way than an unauthorised account use.<br/>
&gt; <br/>
&gt; Anyway, throwing it open to the rather more well-informed crowd ......<br/>
&gt; <br/>
<br/>
 </span></blockquote>I would say if the events you related above are true, then your account<br/>
has been compromised. From what I can see, your cd key is only used when<br/>
you create your eq account so all someone would need would be your user<br/>
id and password for your station account to access your account. <br/>
<br/>
The first thing I would do if I were you is get an up to date virus<br/>
checker that can find things like back oriface or the other windows hack<br/>
utilities out there running on your computer. This is the only way I<br/>
could see someone getting your password, unless someone has written a<br/>
password cracking utility for everquest, which could probably be done by<br/>
anyone with a clue about network programming and a sniffer. This would<br/>
require that the person running the cracker program knew your station<br/>
account name, but I&#39;d be willing to bet most people&#39;s is the same as at<br/>
least one of their character names. Unless Verant were smart enough to<br/>
write some detection into the station login routine, it&#39;s probably wide<br/>
open to brute force cracking attempts.<br/>
<br/>
A third possibility is that eq actually stores your password in some<br/>
file, dispite the fact that you aren&#39;t given a &quot;save my password&quot;<br/>
option. If this were the case, then there&#39;s lots of web browser<br/>
exploits, icq expoits, etc, out there that allow people to read files<br/>
off your hard drive if you install to the default path when you install<br/>
your games. This crap goes on all the time in Ultima Online. I&#39;ll be<br/>
interested to see how Verant deals with your case, as OSI was rarely<br/>
helpful when it happened to users there.<br/>
<br/>
-- <br/>
  Artificial Intelligence stands no chance against Natural Stupidity.<br/>
            GAT d- -p+(--) c++++ l++ u++ t- m--- W--- !v<br/>
                 b+++ e* s-/+ n-(?) h++ f+g+ w+++ y*</div>