But the whole incident got me thinking about how much time they waste fixing hacked accounts. Being married to a web programmer, I spent much of my restoration period discussing security. It became very obvious to me that there's no guaranteed way to secure internet connected computers. Hackers can now install their crap on your system through PDF files and even images on web pages. This is a scary prospect to me. Despite practicing web safety we can still get hit through technologies we generally consider benign. And the hackers are constantly adapting to stay one step ahead of us.
The problem for us as WoW players is that our game is being targeted. As soon as Blizzard comes up with a new security measure, hackers cook up a scheme to break it. My husband shot down every brilliant idea I had by explaining how a hacker would work around the new hurdle. Instead of playing the hackers' game, why not try changing the playing field? Instead of trying to keep hackers out of our account, perhaps we just make it harder for them to take the goodies they find. If they know they can't make off with our stuff, they might stop trying to get at our accounts. I suspect it's an easier task for Blizzard to control how things work inside the game than trying to control Internet security on 11 million user systems.
Five years ago when WoW first came out, it was a different scene than it is today. I recall one of the developers saying that juggling bag/bank space was a sort of mini-game in it's own right. With the new threats to our items and our gold, I think it's time to reconsider that philosophy. Real criminals are targeting our virtual stuff and we probably need to do a better job of protecting it. Unfortunately, players don't have a way to do that without developers giving us the tools. Even if hackers get in, maybe we can prevent them from pillaging our hard-earned items. Here are some ideas I have for ways to secure our items in the game:
Make Our Bank Secure
I would like to see our bank become a true vault. It should be a place where we secure items we don't need to carry on our person. We would be able to put our excess cash there and know that it's locked down. To do this, bank access should have it's own password. It should also require a second authenticator code. This would thwart keyloggers since they would have no way to grab this second layer of information from us while spoofing us out of the system. Guild banks also need this extra layer of protection from officer accounts that get hacked. Sometimes our guild suffers just as much as the victim if the compromised account had bank access. I'm sure guild leaders would willingly password sections of the guild bank if it protected them from hacked officer accounts.
End the Mailbox Shuffle
Our bank needs to have enough room to store our items so we aren't force to carry extra stuff around with us or store it on alts. If we had enough space to store the items we collect, there would be less need to swap items back and forth. We'd be able to keep the bulk of our items in the vault, where it would be harder for hackers to take. Plus it would be easier to spot nefarious item swapping if you got rid of the noise of our current inventory juggling games.
Improve Crafting Mechanisms
Another key change that I think would eliminate a lot of problems is to adopt a new person-to-person crafting mechanism. All tradeskills should function more like Enchanting does, where the crafter and the buyer do not exchange goods. The buyer would put all the required ingredients into the crafting window. The crafter would select the proper recipe, hit the "Create" button and the buyer would get a finished item in their bag. Eliminating legitimate reasons to make large trades between characters will make it easier to police black market activities. In addition, this would protect players from small time scammers and save GMs from having to intervene in a trade gone bad.
Put a Cap on Major Transfers
A big change that I would seriously consider adopting is a cap on how much gold (or equivalent goods) can change accounts. I'm sure Blizzard already tracks what items are worth for game balance purposes. This would involve blocking any trades that go over a certain maximum. In other words - I can't just give you 5000 gold. I can sell you something worth 5000 gold and you can pay me for it, but we would be blocked from making grossly imbalanced trades across accounts. This could be a cap of say 1000g. Or it could be a password-protected transaction like bank access. On the very rare occasion that you legitimately want to give your spouse or friend a really nice item (like a crafted epic), you would just have to provide your bank password and a fresh authenticator number to verify the transfer. In fact, this would hamper gold buying as well as gold selling since receiving a large amount of money from another account could become a red flag activity.
I'm sure most WoW users would accept these types of limitations if it meant that account hackings were drastically reduced. It's not often that the average player would even be affected by some of these changes. And if hackers were no longer getting easy access to our stuff, it would remove their motivation to keep trying.
Let's face it, we're all affected by hacking even if we're not the target. Our guild bank gets cleaned out on a regular basis. Our friends don't show up for raids because all their gear is gone. Sometimes we have to help them gear back up. It won't be long before we can't even trust our own add-ons because hackers use them as a way to get onto our computer. GMs take longer and longer to handle legitimate requests because so much manpower is devoted to dealing with hacked accounts. Even if you think it doesn't affect you - it does. All those things you wish Blizzard would add to the game to make your experience better? That manpower is sucked away from real issues to handle the constant stream of hackers tapping into our game and bleeding it dry.