GAME SECURITY

It is now second nature to most people to lock their houses when they go out. In contrast, most people are shockingly careless about security on the Internet. Yet the damage that a malicious person can do to your game character if he or she gets to know your account details is immense.

It's your responsibility

These notes about security are for your benefit. The security of your account is YOUR responsibility.

If your account does get hacked, if a hacker trashes your game character or steals your account completely, we assume it's because of your carelessness. And we won't do anything to sort the problems out.

Sounds harsh? Well, it's exactly the same as if you accidentally die dead-dead in Fed. We won't reinstate you, whether the death was caused by you being careless or stupid, or was just an unfortunate accident - or even a deliberate attempt to kill you by another player.

Protect yourself

So what can you do to protect yourself from hackers?

Actually, quite a lot. Remember that unless he actually breaks into your house and looks at your computer, a hacker cannot "steal" your password from you. He can't read your mind, either. But he can make an educated guess, and he can trick you into giving him the password, sometimes without you even realizing.

So here is a run down of the precautions you should take to keep your account safe.

Don't let them guess

When you choose a password, don't use something easy to guess, like your name, or your game character name. How about this for something easy to guess... character Zebedee has an account ID of Zebedee and a password of Zebedee. What could be simpler for someone else to guess?

The most common things people pick for passwords are PASSWORD, SECRET and GOD. Don't pick anything that obvious or you are asking for trouble.

Ideally you should choose something that is not a recognized word or name. For example, take two unconnected words and join them together to make your password, like SOCKBUZZ or CLOWNDOG. Or use a word with some numbers in it, such as PLANT222 or SOCK5BUZZ.

Don't tell your best friend

Never tell anyone else your password. Never! Not even your best friend. If you tell a secret to your best friend, you are also telling it to his or her other friends, and the friends of all those friends...

To quote one of Hazed's favorite authors: "Two people can keep a secret, if one of them is dead". The only way to keep something secret is not to tell anyone at all, ever.

Suppose your best friend gets careless and lets slip what your password is to someone else?

Suppose you and your best friend have a row and for revenge he or she decides to trash your game character?

Once you tell somebody else, it's no longer a secret, and your account is no longer secure.

Don't share accounts

We know that in the past it's been fashionable for a group of players to all know each other's account IDs and passwords, and to swap the accounts around. But this is a terrible security risk!

Suppose one member of the group falls out with the rest - think of the damage he or she can do.

It's just not worth the risk.

If someone asks - report them!

Nobody from ibgames will ever ask you for your password. So if someone does ask you, even if they claim to have an official reason - don't believe them! Report them to us immediately by sending mail to feedback@ibgames.com.

You wouldn't hand over the keys to your car to a perfect stranger just because they asked you to, so don't hand over your password either.

Don't give anyone your program files

If you use a front-end program which logs you onto a game automatically, then that program will store your account ID and password somewhere in its files. If you give someone else a copy of the program files, they'll may be able to find out your ID and password, or use the file to log onto Fed with your account.

If you use FedTerm to play Fed2, the information is stored in a file called INIT.XML.

If you use ZMud in any game, the information is stored in a file called MUDCHAR.DAT.

Don't ever give these files to anyone else.

There is no legitimate reason for anyone to ask for these files. If someone does ask you to send them any of these files, report them to us.

Be careful with auto-logon triggers

If your front-end handles automatic logon using triggers, then check it very carefully to make sure it won't send off the account ID and password in response to messages from other players in the game.

All the versions of FedTerm are safe. They will only send the information during the actual logon process and cannot be tricked into sending it any other time.

But if you are using a general game front-end, such as ZMud, you may be at risk. It is safer to logon manually and type your password in each time, than risk someone else triggering the mechanism in such a way as to make it visible in the game.

Beware of bogus web sites

Don't ever type your Fed2 account ID or password on any web site. The only place you need it is to log into the game itself. There is nowhere on the ibgames web site that asks for your account details - if you find any other web site that asks for your account ID or password, report it to us immediately.

Beware of strange programs

If someone emails you a program, don't run the program unless you are sure you can trust the person who sent it, and you know what it is supposed to do.

Be suspicious. Paranoid, even. Apart from the danger of viruses that might do damage to your computer, the program might be a password sniffer that waits until you log onto Fed2, detects the ID and password you type in, and then mails them off to someone else.