Passwords.

[Lincoln.]

I'm sorry but players are not to be blamed here. No one advised them to change their passwords after the 2 weeks ago breach. Carbon himself was breached in the process, everyone trusted tge security of server thus no one thought of changing their passwords, this thing should have been thought by the developers not the playere themselves.

Well said.

[jovanca]

I'm sorry but players are not to be blamed here. No one advised them to change their passwords after the 2 weeks ago breach. Carbon himself was breached in the process, everyone trusted tge security of server thus no one thought of changing their passwords, this thing should have been thought by the developers not the playere themselves.

I am pretty sure people were advised to change their passwords.

[Kacper_Gorski]

I am pretty sure people were advised to change their passwords.

Its common sense to change your own password(s) tbh

[RuCa]

Alright.

First of all I am not blaming anyone for not changing the passwords. I just said what we think that caused the breach at this time, but while we are digging we could find other causes. It could be either a SQL injection or any similar attack.
I am follow the principle that you should be informed all the times of what is happening and I will keep doing it.

About the security, we can't make a anti cheat in 1 day. Either a anti cheat wouldn't stop this. The risk should be mitigated but it wasn't, our fault. We are now following it and we will only launch the server once again when we are sure we mitigated it. The risk will not go away and you are aware of it.

[Cyd Parker]

Alright.

First of all I am not blaming anyone for not changing the passwords. I just said what we think that caused the breach at this time, but while we are digging we could find other causes. It could be either a SQL injection or any similar attack.
I am follow the principle that you should be informed all the times of what is happening and I will keep doing it.

About the security, we can't make a anti cheat in 1 day. Either a anti cheat wouldn't stop this. The risk should be mitigated but it wasn't, our fault. We are now following it and we will only launch the server once again when we are sure we mitigated it. The risk will not go away and you are aware of it.

We understand man, Take your time we will appreciate if you will find the root. Just we are complaining about is, Gaming experience is been ruined.. Take your required time and launch the server back once you are fully sure that server won't be messed up again..
Thanks..

[Kacper_Gorski]

Alright.

First of all I am not blaming anyone for not changing the passwords. I just said what we think that caused the breach at this time, but while we are digging we could find other causes. It could be either a SQL injection or any similar attack.
I am follow the principle that you should be informed all the times of what is happening and I will keep doing it.

About the security, we can't make a anti cheat in 1 day. Either a anti cheat wouldn't stop this. The risk should be mitigated but it wasn't, our fault. We are now following it and we will only launch the server once again when we are sure we mitigated it. The risk will not go away and you are aware of it.

Take your time, we want the server safer than not ;P

[Norrage]

I'm sorry but players are not to be blamed here. No one advised them to change their passwords after the 2 weeks ago breach. Carbon himself was breached in the process, everyone trusted tge security of server thus no one thought of changing their passwords, this thing should have been thought by the developers not the playere themselves.

I suggest everyone to change their passwords.

Common sense really.

[Hidduh]

Isn't passwords encrypted in the DB? :0

They are, and no they're not encrypted with MD5 or SHA1.

I'm sorry but players are not to be blamed here. No one advised them to change their passwords after the 2 weeks ago breach. Carbon himself was breached in the process, everyone trusted tge security of server thus no one thought of changing their passwords, this thing should have been thought by the developers not the playere themselves.

It's called common sense. Why would someone continue to keep using the same password if they know someone else may know it? It's like continuing to use the same key to your safe holding all your valuables even though you know someone stole it right out of your pocket.

[Hidduh]

If people will,start asking if they are banned or no ill personally ban them when server comes back.

lmao

[Ziad]

Alright.

First of all I am not blaming anyone for not changing the passwords. I just said what we think that caused the breach at this time, but while we are digging we could find other causes. It could be either a SQL injection or any similar attack.
I am follow the principle that you should be informed all the times of what is happening and I will keep doing it.

About the security, we can't make a anti cheat in 1 day. Either a anti cheat wouldn't stop this. The risk should be mitigated but it wasn't, our fault. We are now following it and we will only launch the server once again when we are sure we mitigated it. The risk will not go away and you are aware of it.

Hey Fred i can help tho! contact me anytime!

They are, and no they're not encrypted with MD5 or SHA1.

It's called common sense. Why would someone continue to keep using the same password if they know someone else may know it? It's like continuing to use the same key to your safe holding all your valuables even though you know someone stole it right out of your pocket.

i though the same why not use SHA256 to hash the passwords :o

[Khm]

Common sense really.

They are, and no they're not encrypted with MD5 or SHA1.

It's called common sense. Why would someone continue to keep using the same password if they know someone else may know it? It's like continuing to use the same key to your safe holding all your valuables even though you know someone stole it right out of your pocket.

Not everyone has common sense and I'm pretty sure someone said that passwords were safe in some topic.
For now it's being worked in and as FredericK mentioned all players will be forced to change their passwords so it's just a matter of time now.

[Mr. Goobii]

Whirlepool? :-)

[Hidduh]

i though the same why not use SHA256 to hash the passwords :o

If you don't use at least SHA256 in 2017 you deserve to be shot in the head.

[Hammer_]

They shouldn't resign if they do Argo will be more dead.

[_Sticky_]

They shouldn't resign if they do Argo will be more dead.

Atleast the Argonathians will be saved.