1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

UO Account Security: Tips, Information, and Discussions

Discussion in 'UO Tech' started by Orvago, Aug 16, 2008.

  1. Orvago

    Orvago Stratics' Finest Staff Alumnus

    Ways to protect your UO Account
    1. Use a Strong Password.
      * 8 to 16 characters long consisting of Uppercase, Lowercase, and Numbers.
      * (Example: feq62PLe826k - the maximum number a password is checked for when signing into the game is 16 characters)
      * Use a password checker to make sure you have a 'strong password'. Microsoft's checker is probably the safest. That can be found Here.
    2. Change your Passwords regularly.
      * I suggest changing your passwords once a Month.
    3. Tips for keeping your password secure:
      * Never tell your password to anyone (this includes significant others, roommates, parrots, etc.).
      * Never write your password down.
      * Never send your password by email.
      * Periodically test your current password and change it to a new one.
    4. Use a private E-Mail Address.
      * Do not use this email address at ANY other web sites.
      * Do not give it out to Anyone.
      * Use it ONLY for Ultima Online.
    5. Protect your E-Mail Account too.
      * Use a Strong Password too!
    6. Protect your Account Name.
      * Do not give your Account Name to Anyone except to EA Officials!
    7. Use Caution Entering your Password at Web Sites!
      * Do not enter your Account Name at any site other that UO.com's site.
      * When you go to your Account Management or to the UO Game Code Store, go there Directly and not through any external links in emails or other web sites.
    8. Do not give your Password Out.
      * No one at EA will ask your for your Password in E-Mails, PMs, or any other fashion except for by Phone, and then only when You call them.
    9. Use a Strong Account Name.
      * When creating a New Account, for your Username, use a combination of Letters and Numbers.
    10. Be Cautions when Creating Account and Character Names!
      * Do not use your Real Name as Character Names, Account Names, and do not use your Account Name as Character Names or Account Names at any other Web Sites.
    11. Firewall & Anti-Virus helps to keep you Safe!
      * Keep your Firewall and Anti-Virus Software Up-To-Date!
      * Windows Firewall is NOT enough!
      * If you cannot afford another firewall, go download ZoneAlarm's free Firewall! www.zonealarm.com.
      * If you cannot afford an Anti-Virus Software, go download AVG's Free Anti-Virus: www.grisoft.com.
    12. Do regular Virus Scans!
      * If you think your infected, do NOT enter your password or account name until you are sure you have eliminated the Virus(es)
    13. 3rd-Party Programs.
      * Do not run any 3rd-Party Programs that are not approved. You never know what could be built into said program!
      Check Here for EA's list of Approved 3rd Party Applications.



    • If you have a weak password, change it!
    • If you use your same email address for UO on other web sites, get a new Email Address and change it with UO in your Account Manager.
    • If you have characters named after your Account Name or Real Name, soulstone their skills and delete them, or buy a Name Change Code if you can afford it.

    Please everyone, do NOT trust any site claiming to be Ultima Online that is not *.ea.com - *.uo.com - *.uoherald.com - *.uogamecodes.com


    Please post any other suggestions you have to add to this list and I will update it. As well as add anything else I can think of later on.


    My Request to EA: Allow us to call you guys/gals up and change our Account Names if we have a weak account name or have been compromised in the past. Please!


    This list has been updated on the date & time of the Edit Timestamp. Thanks to everyone who have made and will make suggestions to add to this! Knowledge is the BEST protection!


    - - - - - - - - - - - - - - - - - - -


    Ghost_Writer wrote the following precaution:
    - - - - - - - - - - - - - - - - - - - - - -


    User Sorcon wrote the following:
    Furthermore, a user commented on why we cannot allow this program to be named:
    Yes, I do agree to some extent. However, we feel it is best to not help spread the word of illegal program names so fresh players, who may not know programs are illegal, cannot easily locate them through our site.

    We want to play no part in players finding and using such programs through our site.

    To Echo the last words in the above statement: "but it clearly says if the program isn't on the approved list, you cant use it."

    You may find that list of Approved Programs, HERE


    - - - - - - - - - - - - - - - - - - -


    The following was suggested by user Highball (spell checked and reformatted by Orvago):
  2. Orvago

    Orvago Stratics' Finest Staff Alumnus

    Here is EA/Mythic's "Account Security FAQ" for Ultima Online:

    Part 1 of 2
  3. Orvago

    Orvago Stratics' Finest Staff Alumnus

    Here is EA/Mythic's "Account Security FAQ" for Ultima Online:

    Part 2 of 2
  4. Orvago

    Orvago Stratics' Finest Staff Alumnus

    Below are some comments left by users in the Old Thread.

    Ithilkir wrote:
    Garaba wrote:
    Llewen wrote:
    An update on #5 here:
    Adaware and Spybot are no longer compatible with each other. Running a Spybot scan when Adaware's automatic processes are running may result in erroneous scan results. If you use both of the latest versions of these programs, you will need to shut down ALL of Adaware's running processes completely before loading Spybot Search & Destroy to ensure that your scan results are not misinterpreted.

    Also, see this Knowledge Base article:
    Also, be aware that the two programs called "BulletProof" and "TrekBlue" are illegal hacks of Spybot, as reported in this article:
  5. Orvago

    Orvago Stratics' Finest Staff Alumnus

    Last updated: 08.18.2008

    Helpful Hints to Help Keep Your Accounts and Computer Secure

    Passwords

    • Always use different passwords for forums, paypal, ebay, uo and email.
    • Never use passwords that have anything to do with you or your life, such as the names of family members, pets, birth dates 'etc.
    • Never give your passwords out. Even if you trust someone 110%, your password is only protected as much as their computer is. Even if they are completely trustworthy, it doesn't mean that their computer is secure and you can get hacked that way too.
    • Make passwords alphanumeric and upper/lowercase. Do not use common words. The best passwords are 16 characters long, can not be found in a dictionary, and contain lowercase and uppercase letters and at least one number.
    • Never store your password information on your computer. If you are worried about forgetting it, store it on a piece of paper and keep it in a very secure place. Never put your account information near your computer or in plain sight such as on the wall, on the desk etc - especially if you use a webcam.
    Helpful Password Resources:

    Third-Party Programs, Websites and Files

    • Never download any third-party programs or accept files unless you absolutely, 100% trust the source, especially for UO. This is just asking for someone to hack your UO account or worse. If someone sends you a link, again don't click it unless you trust the source as it can contain harmful items or drive-by downloads.
    Install and Maintain Anti-Virus Software.

    Regularly Remove Spyware from your Computer

    • If you or any other users of your computer regularly surf the internet or download shareware software, chances are you are going to get your fair share of what is called spyware. Spyware is a general term applied to software applications that essentially gather information about your actions and report them back to the company. It is not only an invasion of your privacy, but the running applications can increase lag on your computer and as such, it may effect how smoothly UO runs for you.
    • Make sure the programs you install don't contain adware. Many freeware programs do include adware. It's how the publishers make their money. If you're not sure, read the license agreement carefully (these are usually shown directly or through links as part of the installation process). Also, check the publisher's Web site very carefully. If you're still not sure, search Google Groups for the name of the program and the keywords adware or spyware. If you don't find any postings about it, then you're probably OK.
    • Install a pop-up blocker to prevent adware and spyware pop-up windows. Much spyware installs after you click a deceptive link in a pop-up browser window. Install a pop-up blocker, and you won't even be tempted to click those links. My two favorite pop-up blockers are completely free. The first is the new MSN Toolbar. The second is the Google Toolbar. Pop-up windows are annoying time wasters anyway, so you'll thank yourself later.
    Install and Maintain a Firewall.

    • A firewall helps protect your computer by preventing unauthorized communication to and from your computer while you are connected to the internet. "Port-scanning" is very common and most don't realise that they are even being scanned for weakness or openings in your defense.
    • If you are using Windows XP, there is sometimes a very basic firewall included - but it's not enabled by default. I would strongly recommend a second one as well for added security since Win doesn't check outgoing traffic from your PC.
      • To activate the firewall in Windows XP:
        • - Go to "Start"
        • - Go to "Settings", then "Network connections"
        • - Select your Internet connection
        • - Click on "Properties"
        • - Click on "Advanced"
        • - Check the box in the "Internet Connection Firewall" section
    Helpful Links

    • Firewall Leak Tester
    • Never ever except files from anyone. Offer Several sites to upload pics. "Print Screen" button, open up paint in win, "Ctrl-V" keys to paste the image.
    Do not ignore Operating Systems updates.

    • Everyday unsavory people are looking for loopholes and get access to your computer. The operating system is a critical part of your computer and is the base of operations for the software on your computer. Do not wait for media reports on updates, often times these are delayed. It's wise to check weekly, preferably daily, for updates on the operating system's website for critical security updates.
    Protecting your email.

    • Some viruses can infect your system without you clicking on attachments by executing in the message preview window. Many viruses can cause your sensitive information and documents to be transmitted to millions of people. While the preview window is a handy feature, it's safest to turn it off.
      • To turn off the preview window in Outlook Express:
        • -Select "View" on the Menu Bar
        • - Select "Layout"
        • - Uncheck "Show Preview Pane"
      • To turn off the preview window in Outlook:
        • - Select "View" on the Menu Bar
        • - Select "Preview Pane" if it's not already greyed out
        • - You may need to repeat this for each top level mail folder
    • It is always a good idea to have several emails and preferably a special one you use just for your UO accounts. Remember someone having your email address is the first step they need to getting access to it. If they don't know the email address, they can't attempt to crack your password.
    • Check your email regularly. Some free email services will, without warning, close your email account if it goes inactive for a long period of time. Guess what happens after it is closed. That's right, the name can go back into the choice pool for someone else to choose when they register.
    • Always use all false info when registering a free email such as name, birth date, etc. Any secret questions used for password retrieval.. never put real-life info in them. All it takes is someone getting to know you and asking you where you were born in small talk to get a shot at your secret answer. Make sure your answers are complicated, several words long and nothing to do with the real answer. Find a safe place not on your computer to save this info if you ever need it.
    Helpful Email Resources:




    Safety Tips for Conducting In-Game Business

    1. First and foremost. If someone offers you a trade, gold or $ that is too good to be true.. most likely it is. Scammers will often prey on the greed of their victims in hopes of lulling them into a incautious state with the desire to make such a good deal.
    2. Always Check the Window Contents = No matter how many times the trade window is opened and closed. Do it every single time. Don't feel rushed. If the other party is trying to get you to hurry when you are checking it, don't. Often times scammers will try to pressure you to just click and seal the transaction.
    3. Always ask them to open backpacks to make sure the right items are inside. When possible ask them to take items out of the bag.
    4. Always check items by clicking them and paying attention to the title. There are many rares and such in the came that look similar to common items. Even if you checked it the first time, if the window is closed and you have to reopen it.. check it #2 as well.
    5. Double check the 0's. This can be tricky as they tend the 0's can blend together, especially if you have a lot to look through. If it is a deal for multiple items, try to break the deal down into smaller transactions if you have a hard time with the 0's. With commas now in place, this should be something to worry less about. However, it is always best to double check, for the eyes can play tricks!
    6. Never remove any clothing, wearables, weapons, spellbooks, etc after a trade until you check your item count. Usually you can do this by single clicking on your backpack and seeing how many items you are carrying. The items in your paperdoll, often do *not* apply to your item count. So if you have 125 items in your bag and you take something off, guess what.. it can fall to the ground. It is a common tactic of scammers to attempt this by offering you something to 'try on', asking if they can see something in the trade window from your paperdoll, or asking you to put something on your character so they can see it and thus removing something else to do so. These are usually attempted after a trade, asking you to hold something for them, etc... so please be careful.



    Spoofed Emails and Websites

    Spoofing, also known as phishing (pronounced "fishing"), is a type of deception that attempts to steal your valuable information such as account passwords, credit card numbers, etc. Most commonly this is done via email that attempts to get you to visit a website that resembles the official one. Spoofed emails will play on your insecurities, fears and greed. They will often use certain key phrases or information to coax you into visiting their website. Here are some ways to help identify spoofed emails and keep your information secure.

    • If they ask you to verify your account.
      • Businesses should never ask for your account password via email - this includes UO, Stratics and practically any internet business. If anyone ever asks you to send your account info or visit their website and log in to your account. DO NOT USE THE LINK. Open a new browser and hand-type the url in or call them directly to inquire to the status of your account.

    • Ultima Online Payment and Billing
      • Inside the United States dial: 1-866-543-5435
      • Outside the United States dial: 1-650-628-4306
      • Hours of operation are Monday – Friday 8:00am to 5:00pm PST
    Note: The numbers above are for payment, billing, and general account updates only. All other questions should be addressed on the EA Customer Support Website
    • Some identification tips on spoofed websites.
      • You should never follow an emailed link!
      • For education purposes though... Do not rely on the url in the browser window, that can be faked. Often times, there will not be a small lock indicating the screen is a secure website. Also if you click the properties of the graphics, many times they will not be uploaded on the real domain's servers and thus providing another clue.



    Definitions of Useful Terms

    • Adware - software that displays advertisements on your computer. These are ads that inexplicably pop up on your display screen, even if you're not browsing the Internet. Some companies provide "free" software in exchange for advertising on your display. It's how they make their money.
    • Anti-Virus Software - Protects your computer from viruses that can destroy your data, slow your computer's performance, cause a crash, or allow spammers to send email through your account.
    • AV - See Anti-Virus Software.
    • Cookie - A small data file that is stored on a user's local computer for record-keeping purposes and which contains information about the user that is pertinent to a Web site, such as user preferences.
    • Denial-of-Service (DoS) - An attempt by a malicious (or unwitting) user, process, or system to prevent legitimate users from accessing a resource (usually a network service) by exploiting a weakness or design limitation in an information system. Examples of DoS attacks include flooding network connections, filling disk storage, disabling ports, or removing power.
    • Drive-by Download - Software that installs on your computer without your knowledge when you visit certain websites.
    • Filter - Software that screens information on the Internet and allows the user to block certain kinds of content such as adult sites or pop-ups.
    • Firewall - hardware or software that prevents hackers from using your computer to send out your personal information without your permission.
    • Hacker - someone who exploits security holes in technology for any purpose.
    • Identity Theft - when an unscrupulous person uses your personal information to successfully impersonate you online, by mail, over the telephone, or in person.
    • Keystroke Logger - A device or program that records each keystroke typed on a particular computer.
    • Phishing - (pronounced 'fishing')when Internet fraudsters send emails or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims. Alternate name for Spoofing.
    • Spoofing - when Internet fraudsters send emails or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims. Alternate name for Phishing (pronounced 'fishing').
    • Spyware - software that sends your personal information to a third party without your permission or knowledge. This can include information about Web sites you visit or something more sensitive like your user name and password. Unscrupulous companies often use this data to send you unsolicited targeted advertisements.
    • Virus - Code written with the express intention of replicating itself. A virus attempts to spread from computer to computer by attaching itself to a host program. It may damage hardware, software, or data.
    • Worm - Self-propagating malicious code that can automatically distribute itself from one computer to another through network connections. A worm can take harmful action, such as consuming network or local system resources, possibly causing a denial of service attack.
  6. Harlequin

    Harlequin Babbling Loonie

    Also be careful of the info you post in forums and social websites like facebook etc. Including screenshots/pictures/videos that may reveal your account name/email/system login name (eg screenie of c:\documents and settings\john doe tells people you are called john doe and that's the first thing hackers try to logon as)

    If you don't want to read all the info above, then just remember 1, the most important rule of all:

    Make it virtually impossible for people to link your email to your UO account

    1) Never use the same email that you registered in your UO accounts page for anything else
    2) Never reveal it on forums, to friends, over icq/facebook etc
    3) Avoid using your name for this email address or choose an easily guessable address. eg my name on the boards - "Harlequin" is in no way connected to my uo account/email. I don't even chars called Harlequin. Harlequin's email addy doesn't have the words Harlequin in it. On top of that, I hide my email addy whenever allowed.

Share This Page