Along with all the account security, what a lot of raiders and guilds think about is not just the hacked toon, but what might happen to the guild bank and/or guild.
We’ve had a string of officers hacked in the past, which meant the guild bank got trashed due to officer permissions. The restrictions are now down to 3 per tab per day, with the obvious exceptions of the food and free for all tabs. The stacks of things have also been decreased, so while it may look dumb to see 6 stacks of 3 Abyss, it’s so you can only grab 9 (3 slots of 3) instead of the whole 18, were they stacked like normal. This leads to less gbank space.
Also, we have guildies who want to contribute expensive and/or valuable items to the guild bank that other members can use, but they don’t want to expose these items to hackers, especially now that the care package offer is more mandatory.
Solutions? Well, we *could* require everyone to get an authenticator. And with the pet that comes (or leaves!) with one, it’s not hard to check. Unless you want to be checking ALL the time. Anyway, we trust people.
Part of the way around this is I think we’ve been utilizing communication and people’s professions. For example, one member of the guild sends me massive amounts of materials for flasks & elixirs, and massive amounts of mats to another guildy for potions, respective to our profession specialities. So the guild bank is some mix of actually decent stuff, the abyss crystals we get from raids, and the junk we all have but don’t want.
But then…my amazing guild leader came up with a brilliant solution.
People who make expensive & valuable things–enchants, epic gem cuts, leatherworking, whatever–can put in a voucher. First, you send to an alt a mail with the instructions on how to complete the voucher. When your alt receives the mail, click on the “make a permanent copy of this letter” icon. This creates an in-game object (virtual physical object?) of the letter, which your alt can go deposit in the correct guild bank tab. Whoever chooses the “Plain Letter” out of the bank can still read the instructions on the Letter, see who it was from, and then get their item. We tested this and confirmed you can put in a letter (it’s not soulbound) and someone else can read it.
The only flaw so far is the copy only gets named “Plain Letter.” So you’d have a bunch of Plain Letters, and restrictions on withdrawals might make it hard to pick on you want. But you could use this to an advantage: a hacker might not be able to get a really awesome item voucher if he’s limited to the 3 stacks and picks the wrong ones. If you get a smart hacker who actually reads the instructions and follows through, then it could possibly be worked around. But most of the hacking has happened in off-hours, so the hacker would have to either mail the item to his account (which nobody would recognize, and therefore not complete) or wait for the guildy to log on and send it to the hacked toon. Since officers regularly check the logs, I don’t think this would happen if we saw too much voucher-grabbing from a certain toon.
What do you suggest for others to keep a good guild bank safe?