Nas is definitely looking into getting the lost stuff back, but it'll be tricky since much of it was sold, or given away, etc. I can't say how this will all end, but the lesson is: don't have a weak password.

edit: but if you want to help identify what was lost, and you were affected, PM nas in naschat with the details.

_________________
Returning/Existing Player? Trouble logging in? Click here |~| New player Gil guide |~| More Troubleshooting

Well that's interesting. Guess Nas does have a leak somewhere or it's easy to brute force because to many people are losing access to their accounts. Lost both of mine and brother got his stolen too. All accounts had good passwords.

>good password
>easy to brute force

pick 1

_________________

If your password is a word and one or a few numbers, it's not good. That's the most common password format of all time.

_________________
Returning/Existing Player? Trouble logging in? Click here |~| New player Gil guide |~| More Troubleshooting

Mine wasn't It was moderately difficult but at only 9 characters, it was just a matter of time.

Personally, I'm a software engineer irl and deal with security stuff daily. Sure, I should have had a password longer than 9 (semi-random) characters in hindsight. But where I was most at fault, I think, was being naive when I created my account, thinking: "it's a small, private server, nobody's going to be hacking." This was well before there were even 7 or 800 people online at peak time. Lesson learned!

Having said that, "fault" isn't quite the right term. It is natural for some to jump all over those who were hacked with assumptions and accusations, but it's not right. Nas himself wasn't thinking anybody was going to take the time to brute force passwords when he made the account page or he would have put in the protections then.

In unprotected brute force attacks, it's literally just a matter of time before breaking in. They do pretty amazing things with GPUs these days.

I'm just happy Nas implemented the brute force protection so quickly after this.

Just realised, together with gil items were stolen too.. Striders, Chato staff at the very least...

_________________
Work Hard. Play Harder.

Per Nas on FB: "To the 300+ people who had a password of asdf, 1234, a, 1, or password, it has been changed and you must change it to something else on the account site. Come on, people..."

_________________
Mur - Tarutaru - Windurst

Murdock from Siren Server
Twitch
Siren Roll Call~!
Siren Server Community FB Group - Formerly known as sirenffxi.com

i hope they get their whole body cut off. Just a dick.

Lol asdf 1234 a 1 password

$5 says the ddoser picked up another toy.