So there's a few points here, and none of them should be taken as light heartedly as they are.
1. So Ahnald's account was 'mistakenly passively hacked' and he also related an incident where he found himself in another's account. Appearing in another's account with no explanation why, doesn't sound like a facebook password issue to me. I also very much doubt that Ahnald takes the security of his account lightly.
2. What course of action do any of us take in a situation like this? It's scary how little we can or could do. There seems to be no way of getting past the totally inept in game EA support and reach out to CG itself.
3. Nothing against Ultra, the guy was spamming. However, a little empathy people. This guy had a large, old account taken from him. That's very sad. If it were any of us, you'd try anything to get it back.
4. I hope CG and this guy can make contact and sort something out. It doesn't matter who is at fault, some sort of resolution is possible without costing anybody any money.
So there's a few points here, and none of them should be taken as light heartedly as they are.
1. So Ahnald's account was 'mistakenly passively hacked' and he also related an incident where he found himself in another's account. Appearing in another's account with no explanation why, doesn't sound like a facebook password issue to me. I also very much doubt that Ahnald takes the security of his account lightly.
.
Because it's not only a Facebook issue.
Every device gets some kind of code or ID that correlates to the guest account.
If you use an emulator there is a bug that might create a device code/ID that is the same as someone else's and enables you to enter their account as a guest. This is why some people randomly find themselves in other people's accounts.
Trying to blame this on passwords when there is ample evidence the keys to these accounts can be given out completely at random... It's very disturbing, especially the complete silence on the issue when it has been around for literally years.
P.S. I will not go into details how it is done, but they don't even have to brute force the passwords. They have other ways.
Yes, there are other ways to crack a password, but they all have the same solution, have a longer, stronger password so that its not feasible for a hacker to crack it via brute-force, or other techniques
The hacks that happen on FB have nothing to do with how good your PW is. They have their methods to crack even very strong passwords.
Yes it does,
The stronger your password, the greater the time it takes for someone to crack your password
Apple just announced in iOS 16 about transitioning to PassKeys, maybe that's the future
No, it doesn't. The bug/exploit is about duplicate device/userID's used to connect to the accounts, and has nothing to do with passwords. This is why emulators using a *guest* account can connect to an existing player's ID. There is no logon involved.
The hacks that happen on FB have nothing to do with how good your PW is. They have their methods to crack even very strong passwords.
Yes it does,
The stronger your password, the greater the time it takes for someone to crack your password
Apple just announced in iOS 16 about transitioning to PassKeys, maybe that's the future
No, it doesn't. The bug/exploit is about duplicate device/userID's used to connect to the accounts, and has nothing to do with passwords. This is why emulators using a *guest* account can connect to an existing player's ID. There is no logon involved.
If you actually followed this thread, you would know the reason for Ahnald's video was a reddit post where the guy's facebook account was hacked, and that account was linked to GOH and that's how he lost the account.
P.S. I will not go into details how it is done, but they don't even have to brute force the passwords. They have other ways.
Yes, there are other ways to crack a password, but they all have the same solution, have a longer, stronger password so that its not feasible for a hacker to crack it via brute-force, or other techniques
Why use the front door if you can use the backdoor or a window?
Using the password would be using the frontdoor...
The hacks that happen on FB have nothing to do with how good your PW is. They have their methods to crack even very strong passwords.
Yes it does,
The stronger your password, the greater the time it takes for someone to crack your password
Apple just announced in iOS 16 about transitioning to PassKeys, maybe that's the future
No, it doesn't. The bug/exploit is about duplicate device/userID's used to connect to the accounts, and has nothing to do with passwords. This is why emulators using a *guest* account can connect to an existing player's ID. There is no logon involved.
If you actually followed this thread, you would know the reason for Ahnald's video was a reddit post where the guy's facebook account was hacked, and that account was linked to GOH and that's how he lost the account.
The device ID thing is completely separate.
But the ID thing *IS* an issue and has nothing to do with passwords. It's an exploit that needs to be closed and addressed, and that *is* what the content of Ahnalds video is about, regardless of * who or why* it was created.
The hacks that happen on FB have nothing to do with how good your PW is. They have their methods to crack even very strong passwords.
Yes it does,
The stronger your password, the greater the time it takes for someone to crack your password
Apple just announced in iOS 16 about transitioning to PassKeys, maybe that's the future
No, it doesn't. The bug/exploit is about duplicate device/userID's used to connect to the accounts, and has nothing to do with passwords. This is why emulators using a *guest* account can connect to an existing player's ID. There is no logon involved.
If you actually followed this thread, you would know the reason for Ahnald's video was a reddit post where the guy's facebook account was hacked, and that account was linked to GOH and that's how he lost the account.
The device ID thing is completely separate.
But the ID thing *IS* an issue and has nothing to do with passwords. It's an exploit that needs to be closed and addressed, and that *is* what the content of Ahnalds video is about, regardless of * who or why* it was created.
Not sure you're paying close enough attention. Sure, the device ID thing is a problem, but it's not really an exploit because there's no way to do it on purpose. It only happens if you use the emulator wrong.
That doesn't change the fact that the issue in this thread and today's Ahnald video is the guy on reddit who lost his GOH account because his facebook account was hacked, not because of an emulator bug.
I assume Ultra is going to come along and delete this and warn me, but hey... I would definitely give it a watch. CG don't seem to care that our accounts can be hacked into and deleted.
Honestly better to post this else where. Too many CG fanboys on their forums.
I am not a fan of CG, but in this case, it is a European regulation (GDPR) stating that you own your personal data, so in the case of a SWGOH account, you have the right to ask for the deletion of your personal data (email linked to a SWGOH profil), that means EA/CG can not keep your personals information without your consent even as a backup so you cannot ask them for an account retrieval.
The hacks that happen on FB have nothing to do with how good your PW is. They have their methods to crack even very strong passwords.
Yes it does,
The stronger your password, the greater the time it takes for someone to crack your password
Apple just announced in iOS 16 about transitioning to PassKeys, maybe that's the future
No, it doesn't. The bug/exploit is about duplicate device/userID's used to connect to the accounts, and has nothing to do with passwords. This is why emulators using a *guest* account can connect to an existing player's ID. There is no logon involved.
If you actually followed this thread, you would know the reason for Ahnald's video was a reddit post where the guy's facebook account was hacked, and that account was linked to GOH and that's how he lost the account.
The device ID thing is completely separate.
But the ID thing *IS* an issue and has nothing to do with passwords. It's an exploit that needs to be closed and addressed, and that *is* what the content of Ahnalds video is about, regardless of * who or why* it was created.
It only happens if you use the emulator wrong.
.
It has nothing to do with using it wrong. How exactly do you use the emulator wrong?
It can happen to anyone using the emulator that they find themselves in someone else's account.
I assume Ultra is going to come along and delete this and warn me, but hey... I would definitely give it a watch. CG don't seem to care that our accounts can be hacked into and deleted.
Maybe don't spam and Ultra won't close your threads. Also maybe don't use weak facebook accounts to get into GOH and then you won't get your game deleted.
Then maybe CG shouldn't have the option to use a FB if it is weak and they know it can be hacked. Or they could make it more secure. Just a thought.
Then maybe the user should have enabled 2FA in Facebook to prevent it from being hacked in the first place. Just a thought.
i dont have a fb account and ive randomly logged into anothers account and have been informed when going to the game that ive logged out of mine before. it aint that bro.
I assume Ultra is going to come along and delete this and warn me, but hey... I would definitely give it a watch. CG don't seem to care that our accounts can be hacked into and deleted.
Maybe don't spam and Ultra won't close your threads. Also maybe don't use weak facebook accounts to get into GOH and then you won't get your game deleted.
Then maybe CG shouldn't have the option to use a FB if it is weak and they know it can be hacked. Or they could make it more secure. Just a thought.
Then maybe the user should have enabled 2FA in Facebook to prevent it from being hacked in the first place. Just a thought.
Sure it's always the user's fault and everyone is supposed to be an expert and not in the hands of the actual company that provides a game to make it secure. Especially when they know about security problems.
You can't blame CG for a user that created a throwaway facebook account with an easy to guess password or reset questions. it's 2022, you don't need to be a security expert to know these things.
yeah...everyone uses password1234 as their password. oh and your cg check is in the mail bro...
Anyone who’s saying “oh yeah sure, blame CG for a weak password etc…” clearly hasn’t watched the video nor understands the root of the issue here. The issue is that you can be randomly logged into a random account and take advantage of the delete feature that CG has added. This has happened to me in the past (account wasn’t deleted) and has happened to several guild mates as well. This Issue IS CG’s problem and there’s no “blame” being thrown here. It’s an issue that exists. Plain and simple.
You’re all more than welcome to believe what you’d like to believe until it happens to you. But the fact that this guy is here simply advising people to watch a video related to an issue that’s kind of a big deal isn’t a justifiable reason to throw insults at him. 🤷♂️
I assume Ultra is going to come along and delete this and warn me, but hey... I would definitely give it a watch. CG don't seem to care that our accounts can be hacked into and deleted.
Maybe don't spam and Ultra won't close your threads. Also maybe don't use weak facebook accounts to get into GOH and then you won't get your game deleted.
Then maybe CG shouldn't have the option to use a FB if it is weak and they know it can be hacked. Or they could make it more secure. Just a thought.
Then maybe the user should have enabled 2FA in Facebook to prevent it from being hacked in the first place. Just a thought.
Sure it's always the user's fault and everyone is supposed to be an expert and not in the hands of the actual company that provides a game to make it secure. Especially when they know about security problems.
You can't blame CG for a user that created a throwaway facebook account with an easy to guess password or reset questions. it's 2022, you don't need to be a security expert to know these things.
Pretty sure your just being ignorant. People are opening their game and out of no where they are into a different account. No facebook involved.
The reddit thread creator (that Ahnald featured in his video) mentioned that his FaceBook account got hacked, and he had his FB account linked to SWGOH
But I guess you were the hacker since you know better than the parties involved?
I’m not just referring to the guy in the video. In fact I myself was going ingame one time and I was in someone else’s account. Even with my Game Center being the same account info that I have always had some how I was in someone else’s account. I closed the app and restarted and was back into my account. No emulator only my iPhone. I don’t know how to repeat the process it was the most random thing I’ve ever seen. The security of this game is really really bad. Even if it is facebooks fault CG chose Facebook to be a way to connect with their game which in my opinion is a horrible mistake. They need to find a different way to port an account over to a new device.
Anyone who’s saying “oh yeah sure, blame CG for a weak password etc…” clearly hasn’t watched the video nor understands the root of the issue here. The issue is that you can be randomly logged into a random account and take advantage of the delete feature that CG has added. This has happened to me in the past (account wasn’t deleted) and has happened to several guild mates as well. This Issue IS CG’s problem and there’s no “blame” being thrown here. It’s an issue that exists. Plain and simple.
You’re all more than welcome to believe what you’d like to believe until it happens to you. But the fact that this guy is here simply advising people to watch a video related to an issue that’s kind of a big deal isn’t a justifiable reason to throw insults at him. 🤷♂️
CG is compelled to include an account deletion feature due to legal laws
Requesting more steps for account deletion, however, is a valid feedback request, but not a problem
I do agree more steps to confirm account deletion wouldn't hurt
I assume Ultra is going to come along and delete this and warn me, but hey... I would definitely give it a watch. CG don't seem to care that our accounts can be hacked into and deleted.
Maybe don't spam and Ultra won't close your threads. Also maybe don't use weak facebook accounts to get into GOH and then you won't get your game deleted.
Then maybe CG shouldn't have the option to use a FB if it is weak and they know it can be hacked. Or they could make it more secure. Just a thought.
Then maybe the user should have enabled 2FA in Facebook to prevent it from being hacked in the first place. Just a thought.
Sure it's always the user's fault and everyone is supposed to be an expert and not in the hands of the actual company that provides a game to make it secure. Especially when they know about security problems.
You can't blame CG for a user that created a throwaway facebook account with an easy to guess password or reset questions. it's 2022, you don't need to be a security expert to know these things.
That isn't even how the hack works. If you don't know what you're talking about you should keep your mouth shut instead of defending a garbage company. You can get into other peoples account completely by accident. It doesn't involve weak passwords or throwaway FB accounts or 2FA or whatever weak justification you are trying to make. This is an issue entirely on CGs end that they apparently know about, but refuse to do anything about or even comment on.
And again, if you've been following the thread, you would know that the problem featured in Ahnald's video was a reddit user whose facebook account was hacked which is how they lost access to their GOH account. Perhaps take your own advice.
That one specific situation yes, but the issue of randomly logging into another persons account is still there and is still a problem yet there isn't a single peep from CG. The issue is bigger than this isolated incident. Everything you mentioned about passwords is totally irrelevant to the far more problematic issue I'm talking about. It just needs to happen to someone who has spent 10s of thousands of dollars on the game for them to actually do something.
I assume Ultra is going to come along and delete this and warn me, but hey... I would definitely give it a watch. CG don't seem to care that our accounts can be hacked into and deleted.
Maybe don't spam and Ultra won't close your threads. Also maybe don't use weak facebook accounts to get into GOH and then you won't get your game deleted.
Then maybe CG shouldn't have the option to use a FB if it is weak and they know it can be hacked. Or they could make it more secure. Just a thought.
Then maybe the user should have enabled 2FA in Facebook to prevent it from being hacked in the first place. Just a thought.
Sure it's always the user's fault and everyone is supposed to be an expert and not in the hands of the actual company that provides a game to make it secure. Especially when they know about security problems.
You can't blame CG for a user that created a throwaway facebook account with an easy to guess password or reset questions. it's 2022, you don't need to be a security expert to know these things.
That isn't even how the hack works. If you don't know what you're talking about you should keep your mouth shut instead of defending a garbage company. You can get into other peoples account completely by accident. It doesn't involve weak passwords or throwaway FB accounts or 2FA or whatever weak justification you are trying to make. This is an issue entirely on CGs end that they apparently know about, but refuse to do anything about or even comment on.
And again, if you've been following the thread, you would know that the problem featured in Ahnald's video was a reddit user whose facebook account was hacked which is how they lost access to their GOH account. Perhaps take your own advice.
That one specific situation yes, but the issue of randomly logging into another persons account is still there and is still a problem yet there isn't a single peep from CG. The issue is bigger than this isolated incident. Everything you mentioned about passwords is totally irrelevant to the far more problematic issue I'm talking about. It just needs to happen to someone who has spent 10s of thousands of dollars on the game for them to actually do something.
The fact that it hasn't happened to a spender indicates it's not a widespread issue at all. You have probably heard of 4 or 5 different instances from Ahnald, and prior to one of his recent videos nobody talked about it for years, and never more than once or twice a year, because of how rare it is.
Also note not once did I say it wasn't a problem or that CG shouldn't fix it. But in very specific reference to this thread about today's Ahnald video that's about a dude whose facebook account was hacked, CG is not at fault.
The fact that it’s even possible for this back door issue to occur isn’t ok. CG has known about this since 2018 and even more recently when it happened to Ahnald last year. They need to fix it as best as they can or at least acknowledge that it’s an issue. On top of that, if someone does have their account deleted there’s no reason why there’s no snapshot of accounts to prevent this kind of issue. Then again they can’t even handle cheaters
Replies
1. So Ahnald's account was 'mistakenly passively hacked' and he also related an incident where he found himself in another's account. Appearing in another's account with no explanation why, doesn't sound like a facebook password issue to me. I also very much doubt that Ahnald takes the security of his account lightly.
2. What course of action do any of us take in a situation like this? It's scary how little we can or could do. There seems to be no way of getting past the totally inept in game EA support and reach out to CG itself.
3. Nothing against Ultra, the guy was spamming. However, a little empathy people. This guy had a large, old account taken from him. That's very sad. If it were any of us, you'd try anything to get it back.
4. I hope CG and this guy can make contact and sort something out. It doesn't matter who is at fault, some sort of resolution is possible without costing anybody any money.
Nuts...just when I thought I was going to actually learn something interesting on this forum.
Because it's not only a Facebook issue.
Every device gets some kind of code or ID that correlates to the guest account.
If you use an emulator there is a bug that might create a device code/ID that is the same as someone else's and enables you to enter their account as a guest. This is why some people randomly find themselves in other people's accounts.
That's not how these forums work 😂
Yes, there are other ways to crack a password, but they all have the same solution, have a longer, stronger password so that its not feasible for a hacker to crack it via brute-force, or other techniques
Hahaha sorry, I don't think it would be wise to openly disclose how to hack accounts.
I am not a hacker btw. I just have experience in programming and had an own game Server for more than 15 years 😉
No, it doesn't. The bug/exploit is about duplicate device/userID's used to connect to the accounts, and has nothing to do with passwords. This is why emulators using a *guest* account can connect to an existing player's ID. There is no logon involved.
If you actually followed this thread, you would know the reason for Ahnald's video was a reddit post where the guy's facebook account was hacked, and that account was linked to GOH and that's how he lost the account.
The device ID thing is completely separate.
Why use the front door if you can use the backdoor or a window?
Using the password would be using the frontdoor...
But the ID thing *IS* an issue and has nothing to do with passwords. It's an exploit that needs to be closed and addressed, and that *is* what the content of Ahnalds video is about, regardless of * who or why* it was created.
Not sure you're paying close enough attention. Sure, the device ID thing is a problem, but it's not really an exploit because there's no way to do it on purpose. It only happens if you use the emulator wrong.
That doesn't change the fact that the issue in this thread and today's Ahnald video is the guy on reddit who lost his GOH account because his facebook account was hacked, not because of an emulator bug.
Honestly better to post this else where. Too many CG fanboys on their forums.
It has nothing to do with using it wrong. How exactly do you use the emulator wrong?
It can happen to anyone using the emulator that they find themselves in someone else's account.
i dont have a fb account and ive randomly logged into anothers account and have been informed when going to the game that ive logged out of mine before. it aint that bro.
yeah...everyone uses password1234 as their password. oh and your cg check is in the mail bro...
You’re all more than welcome to believe what you’d like to believe until it happens to you. But the fact that this guy is here simply advising people to watch a video related to an issue that’s kind of a big deal isn’t a justifiable reason to throw insults at him. 🤷♂️
I’m not just referring to the guy in the video. In fact I myself was going ingame one time and I was in someone else’s account. Even with my Game Center being the same account info that I have always had some how I was in someone else’s account. I closed the app and restarted and was back into my account. No emulator only my iPhone. I don’t know how to repeat the process it was the most random thing I’ve ever seen. The security of this game is really really bad. Even if it is facebooks fault CG chose Facebook to be a way to connect with their game which in my opinion is a horrible mistake. They need to find a different way to port an account over to a new device.
CG is compelled to include an account deletion feature due to legal laws
Requesting more steps for account deletion, however, is a valid feedback request, but not a problem
I do agree more steps to confirm account deletion wouldn't hurt
That one specific situation yes, but the issue of randomly logging into another persons account is still there and is still a problem yet there isn't a single peep from CG. The issue is bigger than this isolated incident. Everything you mentioned about passwords is totally irrelevant to the far more problematic issue I'm talking about. It just needs to happen to someone who has spent 10s of thousands of dollars on the game for them to actually do something.
The fact that it hasn't happened to a spender indicates it's not a widespread issue at all. You have probably heard of 4 or 5 different instances from Ahnald, and prior to one of his recent videos nobody talked about it for years, and never more than once or twice a year, because of how rare it is.
Also note not once did I say it wasn't a problem or that CG shouldn't fix it. But in very specific reference to this thread about today's Ahnald video that's about a dude whose facebook account was hacked, CG is not at fault.
I didnt, it was on the front page, not sure why you needed to do a search.
Congrats though on finding it again