[Govt of eBelgium] Account Security Recommendations (Security PIN)
eBelgian Presidency
Account Security Recommendations (Security PIN)
Things to Watch Out For
Account hijackers have several common methods of attack, most of which rely upon misinformation or deception. Your account cannot be stolen if you follow these recommendations and refrain from sharing your account.
Watch out for these activities:
Requests for login and password information
Deny requests for login and password information from other users. Do not share your account login information with anyone. No external site will ask for your login information to join. External site administrators do not need your eRepublik account information. Only exception are approved external national forums that use the eRepublik API to sign in. We will provide an official list in the following days.
Unsolicited messages from "eRepublik Support" (Phishing Scams)
Ignore unsolicited private messages from "eRepublik support" unless the message originates from the "admin" account - http://www.erepublik.com/en/citizen/profile/2 - the messages from this official account have a YELLOW background in your Inbox. Do not send your password or SECURITY PIN to anyone.
Malicious programs in downloads
It is common for executable (.EXE) files, dynamic link libraries (.DLL files), and batch (.BAT) files being offered as parts of "useful scripts" to contain malicious software designed to steal eRepublik account login information. Hacks are another very common source of malicious programs.
General Security Recommendations
In addition to selecting a strong password, it is a good idea to maintain the security of your system in the following ways:
Select a Strong Password
A strong password is a necessary first step toward ensuring the security of your account. Your password should meet all of the minimum requirements listed below:
* Use at least 6 characters
* Use a combination of uppercase and lowercase letters.
* Include at least one number within the password
Do not use a name, a word that could be found in the dictionary, or a series of letters as it appears on the keyboard ("qwerty" and "12345" are not secure passwords).
Scan your computer
Regularly scan your computer for viruses, key loggers, spyware, and other malicious code with a virus scan utility that has the most recent virus definitions.
Avoid insecure computers
Avoid accessing your erepublik account from internet cafes or shared computers - if you must use an internet cafe or shared computer, make sure it has been scanned for viruses, trojans, and keyloggers.
Always log out of your account on shared computers.
If the computer you use to access eRepublik has multiple users, be sure to fully Exit (log out of) eRepublik when you are done using the machine (if the "Remember Password" option is checked or if erepublik is minimized to the Windows system tray but not fully Exited another user may be able to access your account).
Important:
Report Hijackings and Suspicious Activities
If another user requests your account information, please access the Contact Page and post a ticket to the Game support department, topic: Lost Account and we will assist you immediately.
Security PIN Project - Useful information
Security PIN = 4 numerical characters PIN, generated automatically, from your Edit Profile page:
http://www.erepublik.com/en/citizen/pin
The security PIN is optional (if you do not generate it, your eRepublik experience will not change).
If you generate it, please note it down on a piece of paper (it cannot be changed) - you will be asked to introduce it before using sensitive modules from eRepublik (e.g. Monetary Market, sell company, downgrade company, etc.).
Regarding how often you are required to introduce it - only ONCE per every eRepublik session! (e.g. logging out from eRepublik should delete your session - thus making your account secure)
Source :
http://forum.erepublik.com/showthread.php/105909-Account-Security-Recommendations-%28Security-PIN%29
For our citizens who have more questions about it, i invite them to read the linked forum thread where the admins have already answered to a bunch of questions...
L’Union fait la force ! Eendracht maakt macht ! Einigkeit macht stark !
The Goverment of eBelgium.
Comments
Voted
Gov organizations should NOT get a PIN as this would mean that those who created the PIN will always have final access to the org even if not in the gov anymore.
^Should be voted on by Congress
Aldous warned us of such markings. That we will all be numbers...are his prophecies coming true?
Voted.
[removed]
Some people really put huge efforts to steal passwords...
[removed]
@aVegan
False, to have access to an org, you need a password, not a pin code.
The pin code is usefull to go on special pages, like Monetary Market, or for downgrading companies.
The pin code is not replacing the password. It's important to understand that... 🙂