Useful post on Reddit today: http://www.reddit.com/r/Guildwars2/comments/11zzng/earn_5_personalized_trick_or_treat_bags_for_the/

These should be per-character, so you can probably change characters to get even more of them…and the first few being in Lion’s Arch and early Queensdale, characters levels 2-80 are able to go hunting.

Happy Hunting!

Edit: the nodes in Lion’s Arch have been removed in today’s update.

IGN have a guide up for the Mad King Scavenger Hunt here: http://www.guildwarsinsider.com/gw2-halloween-the-great-scavenger-hunt/

ArenaNet have now released 2-factor authentication for beta testing (using Google Authenticator).

If you wish to add this to your account for improved security, some warnings first:

1. THIS IS STILL IN BETA: there are already a few reported issues on the forums (particularly in relation to scanning the QR Code to set it up).
2. If you already use the Google Authenticator app for other logins (e.g. email, etc), DO NOT SCAN THE QR CODE at the moment – set it up manually. The Scanned QR Code is currently REPLACING THE SECRET on ALL other authentication tokens, which could lock you out of your other accounts.
3. It supposedly is working fine when entered as a new account to the Google Authenticator manually rather than through scanning the QR code.
4. This IS NOT COMPATIBLE with the “-nopatchui” command line option. You MUST be able to see the login/patch screen to be able to enter the current 6-digit authentication code, which means that if you enable this you will likely lose the ability to (reliably) see the mumble overlay. Given a choice, I personally prefer the increased security ;). If you do not remove the “-nopatchui” from the command line, you will end up with the black screen prior to character selection as currently happens when you try to log in when the login server is down and will be unable to load further.

Having said that, the instructions to set this up are available at the official forums:
Beta Feature: Mobile 2-Factor Authentication

The issues thread. This is worth a skim read first to see what – if any – issues people are having.
Bug Report Thread for 2 Factor Authentication

Links for getting an authenticator program on your phone:

• For iOS, Android, Blackberry, see: http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447 (ignore the “SMS/Voice Setup” paragraph prior to the links).
• For other phones/platforms, see the wikipedia page: http://en.wikipedia.org/wiki/Google_Authenticator.

I’ve added the code to my accounts, and forum/website seems to be working properly with it. I’ll test game login tonight when I get home ;).

Hi everyone,

We’re currently trying to put together parties for doing the Twilight Arbor dungeon explorable mode on Friday (or Saturday) evening. This dungeon needs characters level 55 or above for the Explorable modes – and people need to have done the Story mode first to be able to do the Explorables.

So to facilitate unlocking Explorable mode for people that haven’t done Story Mode yet, we’re gathering sign-ups of people that need the Story Mode dungeon and people who’d be willing to redo it to help guild members through.

Story Mode sign-ups: Event – Twilight Arbor: Story Mode
Explorable Mode sign-ups: Event – Twilight Arbor: Explorable Mode

If we can’t fill a party for Friday night for Explorable Mode, it’ll probably be shifted to Sat night instead. If that happens, we can also do the Story Mode version Friday night/Saturday during the day to unlock it for people needing it.

Ok, this is WELL worth reading in full: https://www.guildwars2.com/en/news/mike-obrien-on-account-security/

I’ll summarize it here:

1. ArenaNet are going to add the ability to use the Google Authenticator (does NOT require a gmail account to be able to use it) to account logins. They expect to have this available in about 2 weeks. They were originally going to do their own, but since the Google one is already well supported on multiple platforms and already well tested, in the interests of getting 2-factor authentication as fast as possible they’re dropping their own and moving to the Google Auth.
   

   We know customers also want a native implementation of two-factor authentication, and we want it too. This is an area where we should act faster as a company, and we’re going to. We had our own homegrown implementation of smartphone two-factor authenticator in testing, but we’re going to pull it back and instead integrate Guild Wars 2 with Google Authenticator, which already has robust authenticator implementations on most major smartphone platforms. We expect to roll this out in the next two weeks.

2. ArenaNet have evidence from logs that the people trying to break into GW2 accounts are using email+password lists obtained elsewhere (fan sites, the BattleNet hack a month or so ago, Steam forum hack a year or so ago, etc). Most of those combinations don’t have any account associated with the password, many of them used “good” passwords, but some of those lists are turning up matches and when they do…account is exposed. Unfortunately, a lot of these exposed accounts ALSO used the same password for their email account too, so the hacker was then able to log into the player’s email account to click the link in the email to authenticate their login…
   

   So keep in mind, if you ever see an unexpected email asking you to validate a login attempt from a location where you’re not playing from, that means a hacker already knows your account name and password!

3. ALL passwords used in those email+password hack attempts are being added to a blacklist, so that they cannot be used by any Guild Wars account in future. This doesn’t affect existing accounts.
   

   The rate of account hacking was about 1.5% for accounts created before this blacklist was in place, and is about 0.1% for accounts created after.

4. ArenaNet are requesting that people change their GW1/GW2 password now to a unique one for their account. When they do, the back-end will ensure that the new password is NOT currently one already listed on the blacklist, and will add the OLD password for the account to the blacklist so that it cannot be reused. Since you can use up to 100 characters in a guild wars password now, they’re suggesting using a full passphrase (with punctuation) when you create a new password.
   

   This all leads to the following request. All existing customers, please change your password. When you change it, the system won’t allow you to pick your previous password, or any password that we’ve seen tested against any existing or non-existent account. Thus, after changing your password, you’ll be confident that your new password is unique within Guild Wars 2.

Please DO go and read the article. They’re not just blaming users (you used an easily guessed password, you had a key logger, etc – that stuff that has often been said in the past), but are looking at the situation reasonably and doing what they can to minimize risk both to your GW accounts AND to other accounts you may own.

Database Breaches

We’ve seen some players theorize that hacked accounts were due to a Guild Wars database breach. We have very strict blocks in place to keep network attacks from reaching our customer databases, and a team constantly monitoring for any signs of intrusion, and we’re confident that there has been no such breach.

We take security very seriously. Perhaps you can tell from this blog post. And of all the things we protect at ArenaNet, we protect our customers’ data most of all.

Companies like Blizzard and Valve presumably also had a commitment to security, yet they ultimately suffered breaches of their account databases. One day will we become such a target that a hack attempt will finally overwhelm our defenses?

If that ever were to happen, we’d be up-front with you about it, and we’d take immediate steps to ensure that it didn’t lead to widespread account hacking. And here’s something else to think about. Because we’re requiring all Guild Wars 2 players to use unique passwords for Guild Wars 2, there’s actually nothing a hacker can steal from Guild Wars 2 to help attack other games or web sites. Using unique passwords benefits you both ways. In general, making a commitment to use a unique password for each account you care about is the best way to protect yourself, not only from being hacked today, but also from being hacked as the result of any future security breach of any company you deal with.

http://www.reddit.com/r/Guildwars2/comments/103a4x/for_the_love_of_kittens_hold_off_on_completing/

The 5 loot bags you get as a reward for the final story line quest are currently bugged – usually giving level 20-50 blues and greens (which for level 80 is pretty poor). It has been confirmed that this was NOT intended by ArenaNet, so hold off on opening those rewards for the moment until it is fixed. (Maybe even hold off on completing the story mission in case they change from loot bags to something else in fixing this).

They’ve worked out the recipes/ingredients required for legendary weapons, and have screenshots of most of them.

In GW1 terms, the work involved in getting these look to be a combination of getting GWAMM, Obsidian Armor, and a Tormented Weapon. So they’re definitely long-term goals if you’re interested in one.

Link to Thread with recipes: http://www.guildwars2guru.com/news/780-the-recipe-for-crafting-your-legendary-including-screenshots/

(more…)

Hi everyone,

We’ve got boosts for increased Magic Find and improved Gathering planned to be active this weekend – see the event planner for details.

We’ve now unlocked:

• all the long-term (24h-72h) Economy guild boosts
• the second build queue
• the Guild Emblem (not yet designed)
• the Guild Armourer
• the long-term general (24h) PvE/PvP influence boosts

We’ll try to keep the main boosts active over the course of each weekend since that’s when the majority of people are able to log in, with an occasional mid-week boost (we ran the Magic Find boost during the week for most of this week) when we have the influence to afford it.

The next things planned are:

• Guild bank (50 slot shared bank space for all guild members) – needs 1000 influence
• Guild weaponsmith (can get weapon skins with the guild emblem on them) – needs 5000 influence for Politics 3 + 1000 influence for the Weapons Contract.

Anyone have anything in particular they’d like to see built/unlocked that hasn’t been mentioned, please do let us know.

In terms of gaining influence, we appear to receive:

• 10 influence per character that is representing the guild that logs in each day (even if they only log in and then back out again!) – we managed to have “33 members logged in” a few days ago even though there’s only 18 actual members in the guild roster, hence why I believe it’s per character. This added up to 330 influence just for people logging in ;).
• 2 influence per event completed by a character
• 20 influence when 2 guild members complete the same event together, or complete a storyline quest together

For those using iOS devices (ipod/iphone/ipad), IGN have released a free iOS app with interactive maps, wiki links, etc for GW2.

http://itunes.apple.com/us/app/ign-app-for-gw2/id524755911?mt=8