Runes of Magic US / AU

This has been in place since January.

They're unlikely to change it now.

I think if every one is that concerned about key loggers, you need to stop playing the game.

A key logger isn't going to care if you type in the password at the start of the game, or 40 minutes later when you make a cash shop purchase.

As far as I'm concerned - the addition of this "feature", while it hasn't improved the security, also hasn't reduced it.

A key logger isn't going to stop logging the instant you get into the game. Especially if it was a key logger designed specifically for RoM.


Players here are worried about their secondary passwords... if you have a general purpose key logger, what about your email accounts? online banking? your account info for other games? aren't you worried about them?

If I was worried I had a key logger, i would be doing a low level reformat of my computer to make sure it was gone.

If you don't have a key logger, then what is the big deal. yes it is frustraiting trying to remember it - i go through it all the time. But on the other hand, at least i know what my secondary is when i want it for cash shop items from typing it in so much.

As for making it easier to reset, I don't want it easier.

if some one manages to get into your yusho account then all they would have to do is reset your secondary and you are really messed up.


For the record, I agree with every one that in its current state, requiring the secondary login to log in is pointless. i would rather see them put the secondary password requirement on sending mail/trading then for logging in.


Benhur

1). Make a txt file on your desktop that contains your typed out primary password.

2). Open it: highlight the password and use Ctrl + C to copy it, then close the txt file.

3). Open RoM.

4). Set the courser in the password field using the mouse, NOT the Tab Key.

(Tab Key is a common 'trigger key' to start a key-loggers recording)

5). Use Ctrl + V to enter the password.

6). Enjoy knowing that no key-logger will ever get it's grubby paws on your primary password.

Once you get used to this, it causes virtually no delay in logging in / logging back in.

Also; if RoM allowed Alt Key characters in passwords, that would greatly help fight both key-loggers (which are generally confused by a key being held down while multiple additional keys are pressed) and password generators (which; even on a very fast comp, still take a long time to come up with a positive match, just going through the normal 0-9 + aA-zZ).

[EDIT]
I have not typed a primary password into a field in over 7 years, and never been hacked. And account theft is rampant on WoW!

i think one way to help elimanate the problem is to not let them try 5 times to get in your accounts if you know you password then why wouldint you do it in 2 tryes enless you are hacking and haveing a bot a chance to try many times to get in the secondary just doesint matter if your first password is safe and why wouldint you put up a key bord thing when you first log in insted of just the secondary one? ps i hate hackers lol

Quoted from "MASTERZOLD;410381"

i think one way to help elimanate the problem is to not let them try 5 times to get in your accounts if you know you password then why wouldint you do it in 2 tryes enless you are hacking and haveing a bot a chance to try many times to get in the secondary just doesint matter if your first password is safe and why wouldint you put up a key bord thing when you first log in insted of just the secondary one? ps i hate hackers lol

You don't have a 'key bord' thing on the 1st password screen? I see one at the 1st password screen and at the 2nd password screen. But as I stated, I use copy / paste, so it's of no use to me...

good point on the entering secondary pw later after loging in... so it hasn't reduced security... but it still is a pain in the butt.

still.... my guild wants to do an instance run but i don't feel like logging in.... it took too long to login BEFORE the secondary pw and now it just isn't worth the effort to login.









REMOVE THE STUPID SECOND PASS WORD!!!!!!!!!!!!!!!!!!!
i know i am not the only one that has stopped playing since the crap... and now that it has taken so long many of the people i know quit have completely stopped checking in and will probably never play again.
you guys screwed my guild with this crap.

Quoted from "Toorimakun;413442"

good point on the entering secondary pw later after loging in... so it hasn't reduced security... but it still is a pain in the butt.

still.... my guild wants to do an instance run but i don't feel like logging in.... it took too long to login BEFORE the secondary pw and now it just isn't worth the effort to login.









REMOVE THE STUPID SECOND PASS WORD!!!!!!!!!!!!!!!!!!!
i know i am not the only one that has stopped playing since the crap... and now that it has taken so long many of the people i know quit have completely stopped checking in and will probably never play again.
you guys screwed my guild with this crap.

Seriously? Your guild quit because they are too lazy to type their secondary password? I guess they aren't contributing to the game anyway. o.O

Don't get rid of the secondary password entry cause hackers can get into your account with your toon's and steal your stuff. So to all players i suggest make your secondary password different from your main password. An BTW remember it to

Quoted from "Edmard;381277"

I'm willing to bet at least 90% of players are still typing in the secondary password anyways instead of using the on screen keyboard.

I know I am.

Are there different secondary passwords for each server? I tried to log into a character that I made a long time ago on a pvp server, and was prompted to enter my secondary password. I put in the secondary pass that I've been using for my main server and it didn't work. Do I have to just reset the secondary password for that pvp server before I can log in and play again? I can't select a different server until I've at least managed to access the pvp one.

Ya, I'm locked out on one of my old accounts on another server because I couldn't remember the 2nd pw. lol.

On another note... there really should be gesture-based pw-ing in the game. It's a game w/ a gui & we use mice to do everything, why not use something like a box that you virtually draw in for the 2ndary pw? ( hell, for your primary.. )

Actually, you are WRONG, failure on the secondary password is an hour lockout, as was stated. Failure on primary password is 15 minutes. Trust me, I bought this game to check it out, and all I have gotten to do is create an account because I can never get logged in and just keep getting locked out for one reason or another.

What a joke this is - what a waste of money even buying this game was...



@alexpattas - its a 15 minute lockout, not an hour. but then again people might be putting the wrong password into the wrong box

Quoted from "sk8rdanman;415755"

Are there different secondary passwords for each server?

At least on the EU servers, the secondary password is tied to the server. If you keep getting taken to secondary password entry then you need to deselect 'record server'. You can do this by,

Quoted

There is a work around so you don't have to create a new account just to uncheck the record password option :


WinXP:
Windows Explorer =>Extras -> Folder and Search Options -> Tab "View" -> Check "Show hidden files. folders and drives"

Win7 + Vista
Windows Explorer =>Organize -> Folder and Search Options -> Tab "View" -> Check "Show hidden files. folders and drives"

- Than, search the file "Gamesettings.ini" in the Runes of Magic folder / Documents and Settings / Username

- Open the GameSettings.ini with the windows text editor
- Change LastSecletedRealm=1 to LastSecletedRealm=0 (that is no typo, it is really written that way!)
- Save and Close

This info is correct for the EU servers, I don't see why it would be different here but it could be of course.

Quoted from "Dustad;425341"

Actually, you are WRONG, failure on the secondary password is an hour lockout, as was stated. Failure on primary password is 15 minutes. Trust me, I bought this game to check it out, and all I have gotten to do is create an account because I can never get logged in and just keep getting locked out for one reason or another.

Make sure that the game client is pointed at the US servers. Start the client, then click on the Region/Language button in the lower right corner. Select USA and English from the drop downs, then click Apply.

Passwords are case-sensitive.

If you have logged into Account Management and changed your game account password, remember that it can take up to an hour for the new password to activate.

Quoted from "KatalanOrk;425342"

At least on the EU servers, the secondary password is tied to the server. If you keep getting taken to secondary password entry then you need to deselect 'record server'.

This info is correct for the EU servers, I don't see why it would be different here but it could be of course.

On the US servers, secondary passwords are server-specific. You can use the same secondary password on multiple servers, if you so desire.

i don't think you can use the same pw as your primary... but i wouldn't know i use a different pw for every thing.
forum
game
secondary
all different... and for a reason... but with me having to put in both my game pw at the same time that completely messes up the security that the second pw gave.

since people seem to still be having problems im guessing that this hasn't been fixed or they made it worse...... *sigh*.

Quoted from "Toorimakun;439075"

i don't think you can use the same pw as your primary... but i wouldn't know i use a different pw for every thing.
forum
game
secondary
all different... and for a reason... but with me having to put in both my game pw at the same time that completely messes up the security that the second pw gave.

since people seem to still be having problems im guessing that this hasn't been fixed or they made it worse...... *sigh*.

While it's not particularly wise, you can use the same password for your forum, game, and secondary password, so long as they conform to the current requirements--must contain at lease one capital letter and one number. (I don't recall what the min-max character limits are, sorry.)

I personally don't see that secondary passwords are "broken" and need fixing. Just make sure that you 1. write them down and 2. type them in correctly.

Is there anyway to reset the secondary password? I've forgotten the one i set. If i can't reset it i'll have to make a whole new account.

Quoted from "eiltis;494874"

Is there anyway to reset the secondary password? I've forgotten the one i set. If i can't reset it i'll have to make a whole new account.

Please send a ticket to Support about this. You can use the link in my sig below. You will have to create an account with Support for this. Ask them to reset your secondary password for your account, and be sure to include the following information in your ticket:

Game account name
Server played on
Main Character name

Please be patient, as it may take Support several days to send you a response via email. Make sure that you monitor the Inbox and Junk/Spam folder for the email address that you give to Support when you create your Support account.

I agree with this suggestion, it's very tedious to reset that secondary password.

How long does it take to send a LostPassword for the support system usually? I forgot that password (Since the forum, in-game account and support passwords are all different, and take forever to change via frogster account system.)

I'd also like to see the Frogster account system merged with the support system, one less password then.

That's four different accounts / passwords:

- Support
- Frogster Account
- Forum
- Secondary

And, it was like this before all the passwords were hacked. So why are you still doing it if it makes no difference?

Quoted from "Kalvan;494975"

Please send a ticket to Support about this. You can use the link in my sig below. You will have to create an account with Support for this. Ask them to reset your secondary password for your account, and be sure to include the following information in your ticket:

Game account name
Server played on
Main Character name

Please be patient, as it may take Support several days to send you a response via email. Make sure that you monitor the Inbox and Junk/Spam folder for the email address that you give to Support when you create your Support account.

Bah. Several days...moving on.