[Next Message in Time] |
[Previous Message in Time] |
[Next Message in Topic] |
[Previous Message in Topic]
Message ID: 5476
Date: Tue Aug 24 15:37:36 BST 1999
Author: Talies the Wanderer
Subject: Re: Everquest account security
>True. I regularly log on to a friends account to bail him out of whatever
>I would say if the events you related above are true, then your account
>has been compromised. From what I can see, your cd key is only used when
>you create your eq account so all someone would need would be your user
>id and password for your station account to access your account.
>The first thing I would do if I were you is get an up to date virusHrm - I think if there were a brute-force technique Verant would have
>checker that can find things like back oriface or the other windows hack
>utilities out there running on your computer. This is the only way I
>could see someone getting your password, unless someone has written a
>password cracking utility for everquest, which could probably be done by
>anyone with a clue about network programming and a sniffer. This would
>require that the person running the cracker program knew your station
>account name, but I'd be willing to bet most people's is the same as at
>least one of their character names. Unless Verant were smart enough to
>write some detection into the station login routine, it's probably wide
>open to brute force cracking attempts.
>A third possibility is that eq actually stores your password in someI can verify that this is not the case - as I said, I log into a friends
>file, dispite the fact that you aren't given a "save my password"
>option. If this were the case, then there's lots of web browser
>exploits, icq expoits, etc, out there that allow people to read files
>off your hard drive if you install to the default path when you install
>your games. This crap goes on all the time in Ultima Online. I'll be
>interested to see how Verant deals with your case, as OSI was rarely
>helpful when it happened to users there.