If you have been reading the forums it’s hard to miss the many discussions on compromised or “hacked” accounts. We have been investigating the causes and individuals behind these attacks and, as mentioned previously, are taking steps to protect you against them.
One step we are taking is implementing the “Coin Lock” feature tomorrow (3/17/11). This feature is automatically enabled should your account be logged in from a significantly different location or computer and prevents unauthorized individuals from selling your items and money.
Should you log in from a location that enables Coin Lock on your account you will be able to easily disable it via a code that is automatically sent to your email. Simply copy the code, locate the “Coin Lock” icon above your Hot Bars and enter it when requested. For more details on coin lock please see the full announcement: Update on Hacked Accounts. We’re also happy to say that, starting tomorrow (3/17/11), reporting mail spam will ignore the user and individuals on your ignore list will no longer be able to send you mail, thanks for your feedback on this issue.
While only a small fraction of our players have had their accounts compromised they are our highest priority and we know the frustration and confusion it can cause when it happens to you. As we have seen in other games, those responsible for these attacks will always be driven to do so as long as selling game currency, items, and characters remains profitable.
These individuals and groups have been accumulating account and email information spanning across the industry for as long as there has been one and their efforts continue to become more coordinated. As such it is very important that the password you use to access RIFT is unique and, most importantly, not shared with the email account associated with your game account.
Here are some quick tips to using a secure password:
- Make sure your password is unique and not used with other games, RIFT related websites, or your email.
- Use a combination of upper and lowercase letters, numbers, and symbols.
- Increasing the length and variety of your password can increase security. Shoot for at least 6+ characters.
These attacks are client side and can be indicative of invasive programs being installed without your knowledge. Never click a link that advertises selling (or free) RIFT Platinum or other game currencies and furthermore never click a link that you do not trust. Should you receive an email from Trion or RIFT, the address should only go to riftgame.com, trionworlds.com, or trionworlds.custhelp.com (our support center). To be safe we recommend copying and pasting the link from the email to your browser. Another indicator of a fraudulent email is poor grammar and misspellings. We do our best to write properly.
Should you discover your account has been compromised change your password immediately and contact Customer Support. While we are constantly expanding our CS team and working to respond to appeals as quickly as possible there may still be a significant wait and we are grateful for your patience and understanding while we assist others in queue before you.
We’re constantly working to improve account security and are looking into providing free authenticators you can use on your iPhone and Android phones as well as via text message in the future.
Thank you for your continued vigilance. We are committed to account security and want everyone to enjoy the game and will continue act swiftly against those who seek to disrupt your experience.
Please use this thread to discuss your questions or concerns and help us by passing the information on to your friends and fellow players across the game.