Security Update Discussion

First Riot Post
Comment below rating threshold, click here to show it.

Saphire

Junior Member

08-21-2013

My boyfriend had actually received and email notifying him that riot got hacked and some of his account info may be compromised, but i received nothing in my emails to do with the hack does that mean my account information is safe or not?


Comment below rating threshold, click here to show it.

Cladoselache

Junior Member

08-21-2013

Quote:
Originally Posted by Saphire View Post
My boyfriend had actually received and email notifying him that riot got hacked and some of his account info may be compromised, but i received nothing in my emails to do with the hack does that mean my account information is safe or not?
That depends on when you first bought RP. They say that the info was stolen from back in July of 2011.


Comment below rating threshold, click here to show it.

AtroloTenri

This user has referred a friend to League of Legends, click for more information

Junior Member

08-21-2013

Holy ****, I'm getting the spinning wheel after confirming my new password on the mandatory password reset page. It's been well over 15 minutes of just the spinning wheel. COME ON NOW!

DO SOMETHING! It's driving me insane. I can't use my old password because the client simply takes me to the page. ARGH!!!! Gangplank is mad @.@


Comment below rating threshold, click here to show it.

Wixvhen

This user has referred a friend to League of Legends, click for more information

Junior Member

08-21-2013

Okay, apparently my old password of 999SPARTANS isn't good because it had 3 nines, but 2 and 4 nines was okay... This kinda pisses me off. I apologize, but it's absolutely absurd...

Note: Not my actual password, just using it as an example from a conversation I had with somebody earlier.


Comment below rating threshold, click here to show it.

Veruco

Associate Product Manager

08-21-2013
10 of 13 Riot Posts

Quote:
Originally Posted by Eludeasaurus View Post
why does the password changer take 17 Numbers/letters before it will say its ok? im not going to memorize this. =|
Passwords must be between 8 and 30 characters long, contain at least 1 number, contain no slashes or spaces, and must not be easily guessable. Now, "not easily guessable" is what seems to be tripping up a lot of people so I'll try to provide a bit more detail into what this means.

Account thieves are very good at guessing passwords because most people tend to use the same password for multiple websites and use a predictable word and letter combinations (i.e. password1 or sunshine5). This means your account information can be stolen on one website, but then potentially used on another. For this reason, the password strength meter detects if a password is 'instantly crackable' by checking if you are using a word from a list which hackers have used in the past to steal other accounts. If a word in your password appears in this list, then it drastically reduces the strength. Strong passwords are unique to the person using them, but hard for someone else (or a machine) to guess.

Example of a weak password:
sunshine1989

Example of a strong password:
correcthorsebatterystaple5


Comment below rating threshold, click here to show it.

Zerglinator

Senior Member

08-21-2013

Quote:
Originally Posted by Veruco View Post
Example of a strong passwords:
correcthorsebatterystaple5
Well not since XKCD used it


Comment below rating threshold, click here to show it.

falkenjeff

Senior Member

08-21-2013

Quote:
Originally Posted by Zerglinator View Post
Well not since XKCD used it
he needs to add a symbol and capital as well


Comment below rating threshold, click here to show it.

Frosthaven

Senior Member

08-21-2013

I guess my only real question on the matter is this:

How long do you expect it to take to shut access off to the game servers from the offending parties?


Comment below rating threshold, click here to show it.

IonDragonX

Senior Member

08-21-2013

Quote:
Originally Posted by Veruco View Post
Passwords must be between 8 and 30 characters long, contain at least 1 number, contain no slashes or spaces, and must not be easily guessable. Now, "not easily guessable" is what seems to be tripping up a lot of people so I'll try to provide a bit more detail into what this means.
Account thieves are very good at guessing passwords because most people tend to use the same password for multiple websites and use a predictable word and letter combinations (i.e. password1 or sunshine5). This means your account information can be stolen on one website, but then potentially used on another. For this reason, the password strength meter detects if a password is 'instantly crackable' by checking if you are using a word from a list which hackers have used in the past to steal other accounts. If a word in your password appears in this list, then it drastically reduces the strength. Strong passwords are unique to the person using them, but hard for someone else (or a machine) to guess.

Example of a weak password:
sunshine1989

Example of a strong password:
correcthorsebatterystaple5
How to make good passwords:

http://xkcd.com/936/

Name:  password_strength.jpg
Views: 792
Size:  179.3 KB


Comment below rating threshold, click here to show it.

Desaro

Junior Member

08-21-2013

Verco when is riot going to get around to letting us know why we can't get into our accounts after we changed passwords.