Since there was no feedback topic about this

i really don't want to create a negative topic, but i know most of my members don't read the forum, this announcement should have been given through ingame mail

I just got an email from them too, and was wondering if it was a phishing attempt. Without any official confirmation from Ubisoft, people will have doubts.

Are people with facebook logins safe?

I just got an email from them too, and was wondering if it was a phishing attempt. Without any official confirmation from Ubisoft, people will have doubts.

Are people with facebook logins safe?

Are they ever?
Come on, it is farcebook. ;)

i log in with [ facebook ] and have had no such emails or issues logging in ever.
so yes, i assume [ facebook ] users are ok and not suffering the same issues as folk who log in with their Uplay ID

Get your head out of the sand, dude, all details have been hacked and they didn't bother to announce it on the login page at all. Instead of posting a working link to fix passwords all we got is some opaque post in the forums. If the security breach is indeed serious, post it on login BB, not celebrate.

Seems to indeed true and not a fishing mail. A dutch internetwebsite has it on it's frontpage (http://tweakers.net/nieuws/90038/hackers-maken-persoonsgegevens-buit-op-ubisoft-website.html).

Go here (https://secure.ubi.com/register/ForgotPwd.aspx?genomeId=5b61fa9f-305b-422b-aa3a-0efcf8370dec&lang=en-US&nexturl=http://www.uplay.com) to change password.

Its very true read this and i agree it would have taken nothing for TSO to post on the login screen

http://nakedsecurity.sophos.com/2013/07/03/ubisoft-customers-told-change-your-passwords-now/

Hello guys, we were specifically instructed to only post on the forum.

Hope you understand.

Best

BB_Dantesama

Hello guys, we were specifically instructed to only post on the forum.

Hope you understand.

Best

BB_Dantesama

i do, but doesn't mean i agree and there's only little i can say about it or risk a ban :p
anyway, i appreciate the reply :)

Hello guys, we were specifically instructed to only post on the forum.

Hope you understand.

Best

BB_Dantesama

You can't post on the front page news which is in the international press !!!

Yep my google account got hacked.

Unfortunately, the change password process is very broken, until UBI get their act together and take note of the problems there, it's very unlikely you'll be able to change it.
Site keeps claiming that cookies are disabled, when they are not, getting stuck in loops, and some of those that appeared to be successful now cannot login with either the 'new' or old passwords. :(

I don't understand. Anno online (also ubisoft) had the kindness to prompt with an ingame message..

Unfortunately, the change password process is very broken, until UBI get their act together and take note of the problems there, it's very unlikely you'll be able to change it.
Site keeps claiming that cookies are disabled, when they are not, getting stuck in loops, and some of those that appeared to be successful now cannot login with either the 'new' or old passwords. :(

This seems to work now Nogbad (a little late)....I changed all 3 of mine easily this morning.

Had tried and failed since the announcement.

I did receive email about servers being hacked and need to change password. The email had links it suggested I click to change my password. To be honest I had no clue about authenticity of the email at first. Only fishing scammers are sending emails with links to pages to input your email and password in. It is utter stupidity and utter foolishness to click those links. So I did not click in the email anything.

I did log in onto https tso page, using ssl connection like always. From there I changed my password. Twice even I did so, just to be sure. I received even emails from settlers-online, that I did indeed change my password TWICE. I was thinking, issue fixed. I was wrong.

Today I log in into anno-online and settlers-online with my spanking fresh password and what is happening... _AFTER_ I log in, I am instantly being hammered by named "Ubisoft" popup fishing for my account details and various confirmations. Hey, I just logged in, so why this fishy page is asking me dumbly for my email address? Right? The only way to skip this annoyance is to open new winder and https into game again. Now logged in ofc. Then close the fishy "Ubisoft" page. Highly annoying, so I wrote support they have server hacked open and popup fishing for email and password shows up _AFTER_ I logged in.

So my question is: How many times I need to change my password? And why changing password do not remove the strange fishing account detail popup named "Ubisoft"?

Still a weird thing that after I change my password I get after a successful log in a weird Ubisoft page fishing for my email. Strange! Don't Blue Byte already have my email? What I need Ubisoft email fisher for? To change my password like 10th gazillion time? Didn't I log in with my email address already? I would believe BB already has my email address, right?

Logging in with my new password has been trouble free so far, for both TSO & Anno-online.....However,in TSO I still have all those mails we received back in March/April sent by Ubisoft that they were changing the login system.

I can't delete them and contacted support to ask them to do it....I was told they can't as they were sent by Ubisoft...not BB.

Coupled to the information in this topic http://forum.thesettlersonline.com/threads/24664-Happy-hour it just proves to me that BB/Ubisoft aren't fit to run games servers.

I'm off but I know I won't be missed by BB as I had already stopped spending real money because of the way they behave

I wasn't explained why this pwd change was needed, only that it was needed.

I assume Ubisoft once again messed something up and their servers got hacked, or something. And they don't want to admit it too openly.

BB openly announced that their password database had been compromised, that is why you've been prompted to reset your password.

Indeed. So I changed my password. Then I changed again. Just to be sure. I never used any links in any of my emails. For security reasons a big no no no. Just usual https with ssl to the game server and changed in there.

Why then I am after every successful login harassed with Ubisoft page inquiring me to tell them my email? Does it make sense? I logged in. They already have my email. Right?

To me it looks like Ubisoft is fishing my account details! I wrote ticket already to support about this fishing Ubisoft page. Ubisoft wants my email, then they better ask politely BB for it :D

... What's going on, seriously. I don't know what my password is, I've tried all the passwords that I've used with TSO and failed (which is one of three), yet somehow Ubisoft/BB let me log into my account anyways, without my password.


Mad security guys, keep up the good work.


P.S. can I have my password back please, the reset password links aren't coming through to the e-mail address that you guys have on database, and can people not be let to log into my account without the actual password? Cheers BB

Should you be unable to access your account please send an email to account.support@thesettlersonline.com, however you appear to be logged into the forum okay?

Yeah - without the need of my password, just answering a couple of captchas. What's that all about? Our accounts must be as safe as safes.

Lol.