Mandatory Password Change is Coming

by Martin Kerstein on January 31, 2013

Guild Wars 2

Account security is a very important topic for us. As ArenaNet president Mike O’Brien mentioned in this article on account security, one of the ways we protect your account is by creating a blacklist of passwords that have been used in the past by hackers to scan for accounts. As this blacklist has been very successful for protecting newly created accounts, we have asked all our existing customers to change their passwords.

In fact, for those customers with passwords chosen before the introduction of blacklisting, we have displayed a red banner in the launcher for the past three months, encouraging (but not requiring) a password change. Starting on February 7, 2013, we will change it to a requirement.

Thus, if you are still using a password that was chosen before the introduction of password blacklisting on September 12, 2012, you will need to choose a new password.

Of course, there’s no advantage in waiting until February 7. If you have an older password, please visit the account management site and change it today.

“If you have an older password, please visit the account management site and change it today.”

When you change your password, the system won’t allow you to pick your previous password, or any password that we’ve seen tested against any existing or non-existent account. Thus, after changing your password, you’ll be confident that your new password is unique within Guild Wars 2. However, your password only stays unique if you then don’t use it for other games and web sites, so please, if you value the security of your account, use your password exclusively for Guild Wars 2.

We will roll out the mandatory password change over time, so you might not be asked immediately on February 7 to change yours. Regardless, now is a good time to choose a new, unique password.

If you have trouble thinking of a new unique password, now that millions of possible passwords are blacklisted, we advise you to build a password out of four random words, as shown in this comic strip. Use a password like “correct horse battery staple.”  As the comic strip calculates, even if everyone selects their words from the same 2,000 most common words, that’s still 16 trillion possible passwords.

So remember: keep it secret, keep it safe, and we’ll see you in-game!