ProfessionalKO | Lv. 72 USKO 1298/1453 Farm-PK | OFFICIAL: 15.12.2023 at 22:00 UTC+3

[deadhealer1]

It was an unfortunate incident that happened

I understand that this was unfortunate, but guess how many times i hear word '' Grobar hacked us'' and from how many servers? This is too old to be naive to believe that this will not happen to next new server. This was too predictable... people just believe and hope that this wont happen to their server.... but guess what, it always will.

If you have some foolproof method for preventing accounts from being 'hacked' via this method (Grobar's database or others), I'd really love to hear it.
The only suggestion I have on that front is 2-factor auth (which the older client doesn't support, and even if it did players will likely opt-out of using).

Until then, I think some of you need to chill out and stop trying to trivialise problems that aren't trivial at all.

I dont know maybe I dont understand something or anything at all. However what Nicos did after all the hacking were just first half of true foolproof method. Which I assume that he changed everyone's password, and told them to change into a new better stronger password under new policy. This is not client work, this is all website/panel work.

Steps:
User Press *register*
User Enters his *information*
User Enters his *email* which has to be 100% true.
Webserver sends email to users account with random password
The website generate for user a random password into the database
User wants to set up different password
Panel request validation by sending request on to your email.
Request is numbered code or Link which is better
*Warning in big red letters not to use same password from other servers*
User Changes the password with strong password policy (1 Capital, 1 number, 1 symbol, 9 total)
User successfully changes his/her password.
User Wants to change secret ID(must go through validation of email, same as with password change)
Same thing for any other information on request of change.


Only after that all, you can blame the users. This is only a simple sketch... Nobody will persuaded me that this is not possible, because this is all website work.

{PS} Maybe for a small server, this is hard because it involves a lot of coding, but for server like you have Nicos, this should have been done.

[Kallop]

As a person who did not get hacked, I'd say it's around 50% the users' fault and 50% of the abuser's fault. Take away one factor and the problem disappears. But yeah well, most people blaming nikos for this issue seem like jealous server owners, so their opinions can be disregarded.

That being said, the hacking wasn't a big deal. I would like to have some kind of evidence of the hacker though. Just for the sake of the forum user base and to try avoid users from getting caught in a similar situation in the future.

[LEJ]

Eh, i dont know about u being the most succesfull 1299servers , im playing proko aswell , and i didnt have the fun that I had when I played either Knight imperia ( long time ago though ) , or Zonemyko.
Lack of admins paying attention to the server,making it even more attractive. I know what I would do if I had a server with 300~avg players online

[Jamm1n]

I can tell only one thing that really matters and it should end the argument about all this hacking.

The fault that led to people getting hacked is not Players fault. The fault is totally on the Administration of the server. How many servers were opened since first "Grobar Hacking"? Can anybody answer this? Damn right! Everyone knows that if you are in the " Private server community" You are joining to a server, you are joining to server when you know nothing about trust of the owner of the server. If we are smart enough to open servers and such... every Admin that puts him self into Category ''professional'' must know that Resetting everyone password by Administration will is a fucking must!. Otherwise you will get what we have now.

It is Administration fault that players from beginning were offered a weak password policy and nothing were changed until "you got bit by the balls". We are all smart people here, well most, so please don't tell me that you weren't expecting this to happen. You knew 100% that this day coming and you knew that you will blame players for not changing their passwords.

You know why there is laws? Why there is rules in our world. So when people cant protect themselves from themselves a law steps in. If we went by "Players fault" in real life then there would be a situation when somebody gets into a car accident and it was ''his fault'' for not wearing a seat belt(when there is no seat belt law).

As much as there are laws, there has to be laws in your server and you must protect players from themselves if you are trying to lead a successful server. On the other hand, if you are milking the money out of people knowing the server will die sooner or later, this is not professional and I want everyone to understand it.
So please take the responsibility for this, the owner ... and stop this absurd.



ps; when im reffering to 'you' Im reffering to Administration of the server.

If leave my house open, and someone goes in to steal... is the police to blame ? No.

If leave my car keys inside my car, and someone steals it... is the car maker to blame ? Maybe the dalership who sold it to me ? Maybe the security guard ? No.

Anyone getting hacked because they re use their account information have no one else but themselves to blame.

Perhaps Nikos could have taken steps to save people from their own stupidity. But make no mistake, on 2017, if you are using same info for more than 1 internet service you are setting yourself up to get hacked. Specially on private gaming servers... which is 100% not regulated by anything in the grand scheme of things.

[UltimatePvP]

You have prevented this, but you wrote: "I like coding only when it is necessary "


Its not your fault my opinion, but you could have prevented it in more detail

[SexyLittleAnimal]

It's funny how everyone seems to be such an expert on these forums yet rarely anyone actually contributes to the player base xD

To each his own, his server, his responsibility.

[DoomBringer]

Ooh drama how i have missed you
Remember, grobar will kill us all

[nickos3]

Funny fact that none of the server owners who replied in here (except twostars, whom I thank for suggesting this) have done any changes on their own servers to force players make use of stronger passwords only. Yet they're here to get some attention about their upcoming servers, like, are players blind and cannot take a look on your server via Private Servers section already ?

And as it has already been mentioned, stronger passwords do not fully prevent others to hack your players. So your arguments are off.

It's partially our fault but actions have been taken and answers have been given

http://www.gamers4life.com/forums/f1...ml#post3291072
http://www.gamers4life.com/forums/f1...ml#post3291078
http://www.gamers4life.com/forums/f1...ml#post3291079
http://www.gamers4life.com/forums/f1...ml#post3291080 (kinda in a sarcastic way )
http://www.gamers4life.com/forums/f1...ml#post3291089
http://www.gamers4life.com/forums/f1...ml#post3291100

Now, good luck on your own server projects but please GTFO.

[SteVeO]

After all, it's an interesting debate. (@SexyLittleAnimal I'm no expert in private server just giving some feedback (It's not because you don't play football that you can't share your opinions about football, and point of having a forum is debating)

I would like to share my own professional experience about crisis matter.
I'm working as a project manager and i hate to deal with problem i didn't prevent. I think we all did

As the person in charge when a problem happen, i NEVER blame my team and ABSOLUTELY NOT the customers.

1. We (as a team) take the blame no matter what, and we adjust our communication to help the customers as much as possible
2. We fix the problem asap
3. We try to figure out how we could prevent this kind of problem to happen.
4. We explain our customers how we dealt with the problem and what is our action plan to prevent this issue to happen again

Taking this case with hindsight, my feedback are :

1) Such case could have been prevent ?
Based on the history of this community, i do think so.

2) What action could have prevent such case to happen ?
Suggestion topic about account security was a good step but obviously not enough.
@Deadhealer suggestion is interesting i think he got it right

3) How was the team management communication during the issue ?
Bad at first by blaming users -victim-, I don't see any reasons to call the users stupid, it's destructive
Then something change and it was much better by helping fixing, and answering questions.

4) What was the action provided by the team management to fix and prevent this issue ?
Perfect answer with :
- Helping users who got scammed
- Forcing users to change password and alert the users about account security

Great job after all.

Anyway you will grow up as a person by seeing your mistakes and your success

Back to the topic there is still an amazing community willing to help the server grow as much as possible.
We as loyal users are looking forward to check our topic suggestion, i believe we can provide some great ideas.

Regards,

STEVEO

[UltimatePvP]

Funny fact that none of the server owners who replied in here (except twostars, whom I thank for suggesting this) have done any changes on their own servers to force players make use of stronger passwords only. Yet they're here to get some attention about their upcoming servers, like, are players blind and cannot take a look on your server via Private Servers section already ?

And as it has already been mentioned, stronger passwords do not fully prevent others to hack your players. So your arguments are off.

It's partially our fault but actions have been taken and answers have been given

http://www.gamers4life.com/forums/f1...ml#post3291072
http://www.gamers4life.com/forums/f1...ml#post3291078
http://www.gamers4life.com/forums/f1...ml#post3291079
http://www.gamers4life.com/forums/f1...ml#post3291080 (kinda in a sarcastic way )
http://www.gamers4life.com/forums/f1...ml#post3291089
http://www.gamers4life.com/forums/f1...ml#post3291100

Now, good luck on your own server projects but please GTFO.

are you afraid of something ? calm down.

[Breezy123]

He isn’t afraid of anything, just doesn’t want server owners blaming him for something when it wasn’t his fault lol and not too mention the amount of hypocrisy regarding the security proposals... no other server has done that other than maybe Apex and some Turkish servers, that is it.

[SkyHunter]

yeah nikos is absolutely right, not much you can do if people re-use the same passwords and user IDs on every server in 2017

all random server owners that are dead or opening soon and just want to make fun of him when none of them do it themselves LUL

and even if your server did have "strong" requirements for passwords with certain letters and shit, what's stopping someone from still using that same "strong" password multiple times?

[nickos3]

Thanks to Parasite for live streaming whenever he's online and special thanks for live streaming kill the GM event !
His channel can be found here https://www.twitch.tv/xplifs

Less than 2 weeks left until our mini expansion!

[TheWarrior]

i always use same password with every single private server.. but i did different username every server i played

[EnesGulsev1m]

good server go go go.