Hi everybody,
I am just here to address the concerns of save codes. The use of save codes in another game (seen here: https://www.reddit.com/r/EndlessFrontier/comments/774wzi/it_seems_there_is_someone_who_can_log_in_to/) %C2%A0)
Several top players from multiple servers have already been illegitimately banned by the automated system Ekkorr has in place, and several other accounts have been logged in to and toyed with. I.E.: Spending gems/honor on useless stuff as well as changing player info.
At the risk of being personally targeted, I think this information should be made available to the broader community, in hopes of getting it fixed sooner rather than later.
As for who they wish to target: He may simply need a user’s game name. There is another theory that they can log in to any account on which they click the user data of, in game, which gets them the player’s account ID. Obviously they could target specific players if they already know their username whether it be a) a top player in the leaderboards/pvp/etc, b) a known player, or c) someone who pisses them off.
So far they seem to be targeting various players in the top 20.
Here is a video “they” apparently posted showing them logging in to the accounts of all top 5 players on server 14.
This is something Ekkorr needs to fix as soon as possible. Anyone is susceptible and there is literally nothing you can do to prevent it except not being a big enough fish to be a target.
Motives are unknown, and no one who has been affected has gotten a response from Ekkorr.
The maintenance unbanned some of those who were wrongly banned. It has not fixed the core issue. New video after the maintenance.
Update: Apparently he is now offering to sell “protection” as well as accounts that have been accessed. This is potentially a game killing situation if ekkorr doesn’t do something. It may even already be too late. The lack of any coherent response is deafening and not at all reassuring.
I’m concerned about this happening in Neo Monsters. The use of save codes is a really insecure means of account protection as they are unchangeable, and brute forceable. We should either be able to create a username and password system or some other form of 2 factor authentication.
Does anybody agree?