Stumpokapow
listen to the mad man
Unfortunately for a lot of us, even primarily Mac/iOS users, we're going to have an office computer or something that runs Windows and we're going to need a cross-platform solution. :/
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Ubisoft security incident [Update your uPlay password]
- Thread starter benny_a
- Start date
Unfortunately for a lot of us, even primarily Mac/iOS users, we're going to have an office computer or something that runs Windows and we're going to need a cross-platform solution. :/
StevePharma
Member
Thanks for explaining. I'll check out what I need to do.
CrunchinJelly
formerly cjelly
I'm getting sick of receiving these kind of e-mails on what seems like a fortnightly basis.
I knew I should've jumped on 1Password when they had a sale on a few weeks back. I'm gonna give iCloud Keychain a try for now.
I knew I should've jumped on 1Password when they had a sale on a few weeks back. I'm gonna give iCloud Keychain a try for now.
Crazymoogle
Member
I'm using 1password after using Keepass for what, 10 years?
1password
+ Awesome iPhone and OSX apps. Windows app is good though nowhere near the slickness
+ Native dropbox support for your password database
+ Can create USB key export as needed
+ Awesome password generation and auto-fill options to promote using strong passwords
- Expensive; now that the sale is over it's $18 on iOS and $50 on OSX, though there's an OSX+W9X combo deal.
KeePass
+ Free, vaguely recall it being open source
+ KeePassX runs off of USB keys without any install required
+ Very strong; can generate passwords, require both a key file AND a password
+ Tiny and not resource intensive in any way
- No browser integration or dropbox; that stuff is up to you.
- Any phone apps that exist are 3rd party
Bottom line; 1pass was great at the sale price (50% off) but is really expensive right now. KeePass gives you mostly the same experience and it costs nothing.
1password
+ Awesome iPhone and OSX apps. Windows app is good though nowhere near the slickness
+ Native dropbox support for your password database
+ Can create USB key export as needed
+ Awesome password generation and auto-fill options to promote using strong passwords
- Expensive; now that the sale is over it's $18 on iOS and $50 on OSX, though there's an OSX+W9X combo deal.
KeePass
+ Free, vaguely recall it being open source
+ KeePassX runs off of USB keys without any install required
+ Very strong; can generate passwords, require both a key file AND a password
+ Tiny and not resource intensive in any way
- No browser integration or dropbox; that stuff is up to you.
- Any phone apps that exist are 3rd party
Bottom line; 1pass was great at the sale price (50% off) but is really expensive right now. KeePass gives you mostly the same experience and it costs nothing.
What kind of percentages are we talking about?
Felix Lighter
Member
I use Keypass on Windows, iOS and OSX but the current state of the OSX support is a little lacking (a new updated client is currently in development, I'm using a beta) . The iOS app is pretty terrific though and the Chrome Windows plugin that works with the standard windows client is perfect.
Crazymoogle
Member
Last two sales were end of May and end of January.
rbanke
Member
It was 50% off 2 weeks ago.
Photolysis
Banned
If everyone starts using password managers to remember their essentially uncrackable passwords, then hackers are going to change their methods accordingly. And no system is perfect. The very nature of password managers is a glaring weakness by making all your passwords protected by a single password.
It's like authenticators. When they're not widespread, they offer good protection because attackers go after the low-hanging fruit instead. When everyone has to use one there's a huge incentive to attack it, and that's precisely what you see.
Further, you can't make blanket statements like "that's not going to happen". Previously secure algorithms do get broken from time to time. Or sometimes bugs in the software implementation present weaknesses. Anyone who knows anything about the matter will find this to be nothing new.
There are a lot of intelligent and dedicated people out there interested in breaking these systems, and as a result many people spend a lot of time, effort, and money trying to stop them. Security and complacency do not go hand in hand.
I got an E-mail as well. I forgot that I had even signed up for Uplay. I'm guessing it must have been to play Driver -San Fransisco for the 360 I think. I thought it was odd that I had to make a Ubisoft account in addition to my 360 Gamertag to play that one. I dislike all these different accounts being forced down our throats to play games that shouldn't even need them.
equippedwithtowel
Member
Site isn't loading on mobile. Fuck, I'm 99% sure I share uplay at least with origin and gog.
At least no cc stuff I guess.
At least no cc stuff I guess.
FunkyPajamas
Member
Ugh, Uplay, what a terrible idea it is.
"I heard you like to login when you login so we added some logins to your logins".
It can't be worse than the Konami thing to try MGO though.
Rickenslacker
Banned
Glad all these publishers add their own account service to their games for all the added value of my passwords to be stolen.
That's my problem, I do a ton of mobile log-ins... So what ? I must choose between unsecured and using a probably shitty browser on ios ? The question has been bugging me for a few months but this new hack is really trying my patience with password security.
Maybe I could still use my passwords and just use a manager for sensible stuff that I don't browse on mobile, but that doesn't strike me as ideal.
fargofallout
Member
Goddammit Ubisoft, if you had just let me play Far Cry 3 on Steam without requiring me to create a worthless Uplay account, this wouldn't be a problem.
Oh well. They'd never crack my password anyway since it's a long string of gibberish created by LastPass.
Oh well. They'd never crack my password anyway since it's a long string of gibberish created by LastPass.
StevePharma
Member
Alright seems console only Uplay users get the email too, since it just showed up in my inbox
billy beane
Banned
Fuck uPlay.
Yeah. This blows.
the security breach doesn't piss me off nearly as much as not being able to log-in to change my password
Corronchilejano
Member
Awesome. Don't have UPlay installed here and I can't access the website either.
At least my CCs are overdraft.
At least my CCs are overdraft.
Apple has an iCloud Control panel for Windows as well, and I believe their plan is to have the functionality on Windows as well through it (and likely Safari). But I'm not 100% certain on that part yet.
almostheathen
Member
I Wonder what my Ubi password even is, I guess now is a good time to change it.
I've used LastPass for over a year now and I've been very pleased with it.
phosphor112
Banned
So... where can I change my password? Lol... I can't access the page to change it.
YuriLowell
Member
What if I never used a CC on Uplay?
Someone gets to play my copy of AC3.
Masochist.
Someone gets to play my copy of AC3.
Masochist.
need4speed
Banned
I'm having the same problem, I think the uplay servers are getting hammered right now. It shows in the top right "There is a problem connecting to a Uplay service, We will restore connection as soon as possible"
EDIT: Go into Offline mode and all your games should be there.
Mavromatis
Member
Seems like you can't unless you get the specific e-mail with a specific link to change your password only.
Thank you for creating this thread fellow GAFfer.
I changed my Password, not sure what else I can do.
Last week I Logged in on Uplay to check those points you get for playing Ubisoft titles and decided to spend some and get a Theme from Assassins Creed 3 for the PS3.
Changing our Password is all we can do now, right?
I changed my Password, not sure what else I can do.
Last week I Logged in on Uplay to check those points you get for playing Ubisoft titles and decided to spend some and get a Theme from Assassins Creed 3 for the PS3.
Changing our Password is all we can do now, right?
Those of you saying that you're 'excited' for an all digital future are you saying that you use the same password for every website and service? Surely that's asking for trouble if a leak occurs. Do you also use the same email address to register an account for social and sales related sites?
It may seam like a hassle having a different password for every site and multiple email addresses but it's a lot easier to manage than having to go change every single set of credentials if just one company is either unfortunate or happens to be careless.
It may seam like a hassle having a different password for every site and multiple email addresses but it's a lot easier to manage than having to go change every single set of credentials if just one company is either unfortunate or happens to be careless.
AngelsDontBurn
Banned
sakipon
Member
My only link to Ubisoft is via Wii U (uPlay app). I assume this does not effect such users? I can't remember if one had to create any passwords or such. Admittedly I haven't received any mail yet.
Though I remember the app suggested I should login on the website in order to finish my avatar or something.
Though I remember the app suggested I should login on the website in order to finish my avatar or something.
phosphor112
Banned
Lame. Ok, thanks.
LonelyGreyWolf
Banned
Ugh, I'm a member on like a million websites (obvious exaggeration). I don't remember which password I use where; Firefox remembers that for me. Dammit, Ubisoft. What a pain.
Willy Wanka
my god this avatar owns
I'm pretty sure this will be the second time I've had to change my Ubisoft password because of a security breach. Didn't they also have some kind of security problem relating to uPlay DRM last summer too?