Accounts Stolen

Just create a 6 digit PIN system for trading, item drops, mail, AH etc or simply when selecting a character you have to enter your PIN and it will prevent theft.

I don't think the development team and you should suffer for someone elses mistakes. It will slow down even further the development of the game and the release of new content. It's their own mistake, they should pay the consequences. The only idea that comes to my mind at least, if you can trace the items and just ban the people who it was transfered to if it doesn't take too much time.

Quote from Waris

Just create a 6 digit PIN system for trading, item drops, mail, AH etc or simply when selecting a character you have to enter your PIN and it will prevent theft.

Yeah that works too but can also add verification system where you req app to confirm its you basically like what steam did abit too much work to put in but in overall the best secured way to feel safe

Downfall it require abit time to trade but that's how it usually supposed to mean

Best of the best solution

Every mmo private server ya guys play on change username email and password from every server to keep yourself risk free

Quote from Verdant

This isn't a terrible idea, it's a form of multifactor auth. The problem is a lot of players are just going to enter 123456 for the pin, and still get their stuff compromised because it's a pain to remember.

then it's people's problem that they create such easy PIN

I would recommend moving loging with credentials from the client to the Launcher and making requirement to enter authentication PIN when new login is made from a new IP.

Authentication PIN could be sent via email or made like recovery key generated in website's account settings (automatically for new accounts, generating to existing accounts).

Or just notifying user by email if new connection is made from a new IP giving time to respond.

Problem for using email would be for all the alt accounts with different emails (and perhaps not all remember their credentials).

Issue for using generated recovery key is that some people will lose it and will require somehow recover account.

Also adding an option for enabling/disabling authentication key request for logging on account would be nice.

TLDR: requesting to enter generated KEY for a new IP login + always notify user via email if there is a new IP connection even if its disabled for account.

P.S. who else remember when DBOG went open source and Esdeath notified people to use different credentials when creating accounts on new servers for such matter

Quote from Verdant

We already banned those responsible. We're just trying to figure out what to do about the players who lost stuff.

Offer them a one time compensation, similar to dbour reward. Should give them a boost to start over.

Quote from Verdant

Guys, I am not asking for advice on security or multifactor auth, and pin numbers are not going to solve this issue. We are asking for feedback on how to help players who have had their items stolen, or whether to help them at all.

I like the suggestion of the one time compensation. It could be equal to what they had lost, similarly with the DBOGUR reward. Ask for proof they had these items if needed, and offer the exact amount they lost or zeni in replacement of the items. It could be left up to the person hacked if they want the items or the zeni.

Honestly, this situation is such a mess.

On one hand: I think the players shouldn't be awarded their items back because it teaches them a lesson not to go off and play other servers so carelessly.

On the other hand: I do think if there is enough proof that their accounts were compromised then I do think that they deserve a second chance. But at the same time, bans in DBO are easily avoidable, so there is every chance the perpetrator who compromised their accounts would come back. They've essentially set up a disguised 'private server' but it seems their true motive was to fish for players information.

This is why I'm a big advocate for not joining other private servers. Players shouldn't so openly join other servers, and this is exactly why people like flexarot shouldn't be given such attention in the community as a content creator because they just give all these useless servers attention, and casual players who watch his streams follow suit thinking all private servers are the same and all leaders of such servers can be trusted. They cannot.

This game is dragon ball online - no matter where you go. You aren't going to join some magical fairy land with Level 80, TMQ 9, more dungeons, pvp, pve, new classes and new skills (ultra instinict). These casual players really need to learn this lesson.

Just play DBO G everyone, and trust in Verdant. If you go off playing other servers, then don't come crying because you tried finding an undiscovered DBO utopia. DBO G is as good as it gets.