Jump to content
  • Sign Up

Passwords wiped?

Recommended Posts

I tried the "forgot my password" link for the forums, and that worked. However, I tried it for my game account, and it still doesn't work.

Curiously, my game account didn't prompt me for two-factor authentication, but the forums did.

Also, the Wiki doesn't seem to have a problem.

Link to comment
Share on other sites

This goes from bad to worse. I used the web interface to change my password, apparently successfully.

But, neither the new nor the old password works now. Plus, I can't change my password again.

So, I went back to the email they sent, and it didn't say my password changed. It said I should follow the link to "activate my … account". Activate? I was in the account just a few hours earlier.

And, why am I not getting requests for a code from my phone when I change passwords?

I think they've got a major security breach going on, and they don't know it.

Link to comment
Share on other sites


Go there and log in, click on security and it will show you all the IPs that have logged into your account, see if any of them are strange ( usually out of country ), if you can login there you can also change your account passwords from there,

Other than that you will need to contact support directly for help with this.

Link to comment
Share on other sites

I tried that for the PW change. I can log in, but I can't change my password. It won't accept either my old or my new password once I get to the change password interface.

I DID change it earlier today from that same page. When I did, I should have received both a 2FA code on my phone, and an email announcing that I changed it (and, if it wasn't me, blah, blah). But, I got neither.

Looking at the IP addresses, they're all from my metropolitan area. The one in use right now matches my Internet-facing gateway. The others are probably old.

Link to comment
Share on other sites

@"Randulf.7614" said:If there was a major security breach, the forums and social media would be overrun with posters calling out the issue. I would be communicating via a ticket to support immediately if you haven't already

Already done: #6910922.

I don't agree that they would be overrun by now. This tends to be a low-tide timeframe.

But, it wouldn't matter. This would be an initial probing of whatever tools the hacker is using. So, I would expect only a handful of accounts would be affected at this point.

The key points in my estimation of "major" security issue are that no email was sent and 2FA wasn't used. Those are automatic, so why didn't they go out. The only possible answers (there are dozens I can think of) all lie inside the company's infrastructure or man-in-the-middle attacks.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...