Safeguarding Your Guild Bank
March 10, 2010 19 Comments
Here’s a scenario that happens all to often:
Someone from your guild gets hacked, and all of their toons are stripped bare. If that weren’t enough, they took as much stuff from the guild bank as they could as well. The guild is out whatever was stolen, and the players toons are usually left naked and sometimes guildless.
First of all, I feel for anyone who has had their account hacked. I cannot fathom how I would feel if it were to happen to me. I’m pretty good about safeguarding my account, so hopefully it won’t happen to me. The only person other than me that knows my account information is The Mrs and I’m thinking about using the iPhone authenticator as well. Regardless, it does happen, and even with all those safeguards, it could happen to me as well.
Since there’s no 100% sure way to make any account in a guild hacker-proof, it’s usually a good idea to put some safeguards on your bank to minimize the damage from a compromised account. After the break, I’ll share with you exactly how Bucklers of Swash does it. But first, I’m posting this because we’re almost certain that one of our guildies was hacked today. I can’t confirm it yet, but on our forums, one of the members was letting us know:
“she kept logging on and off for an hour or two, wasn’t responding to tells or gchat, put DnD on, etc.”
Again, I can’t confirm that she was hacked, but that’s not typical behaviour for her, and fits the description. I’m hoping that she wasn’t hacked, but I’m worried that she was. If that’s the case, I am truly sad, and hope that she can be restored swiftly.
When we set up our guild bank at first, we weren’t terribly concerned with security. While we were lucky that we didn’t get harmed by that; by now we certainly would have . Since implementing the measures I’ll discuss in a moment, we’ve had no less than 5 members of our guild suffer through an account hack. I don’t want to even think about what would have happened if we hadn’t made changes to protect the bank.
Keeping your bank safe from hackers boils down to one simple point: Restrict access to your bank! It’s not a bad thing and no one in the guild seems to mind as long as there’s a structure in place for people to be able to get items they need in a timely manner. In most cases, if we can’t get an item to someone instantly, it rarely takes us more than 20 minutes to get it to the person that needs it.
Our bank has all of its tabs purchased, and most of them are close to full. Any one who is a member (as in not a new recruit) or higher has access to the first tab. Taking something from the second tab requires the rank of veteran or higher. All of the other tabs are restricted to officers only, but far as deposits go, anyone can see and deposit in all of the tabs.
Each rank has a specific number of withdrawals they can have from whatever tabs they have access to. Members and Veterans can take 2 items per tab. Officers can remove 5 items per tab, whereas the special ranks of Treasurer and Guild Leader have unrestricted access. because of this, our 100+ account guild bank can only be fully compromised if 1 of 3 accounts are hacked.
Another step that was taken was to restrict the number of toons that an officer was allowed to have at the rank of officer is 2. The rest of their toons have a rank called officer alt that has no bank access, but can invite/kick/promote, etc, as well as chat in officer chat. Before this, a hacker could have compromised the whole bank by simply logging on all of the players alts.
By simply restricting the number of tabs and withdrawals that can be made, we’ve made our bank safer from hacks. It could still happen, but our bank is much safer now. How safe? This safe:
Assuming that a person has 2 guilded toons with bank access, there is approximately a…
- 50% chance that we lose 2 items from tab 1
- 40% chance that we lose 4 items from tabs 1 and 2
- 7% chance that we lose 10 items from all tabs
- 3% chance that we lose everything.
Yes, the chance is still there, but there’s only a 10% chance of it being truly detrimental and only a 3% chance of the bank being completely compromised. By the way, I’m the only one who can withdraw money from the bank, so there’s less than a 1% chance of that happening.
I don’t like when a member of my guild gets hacked. I’m really not a fan of it happening to anyone and, as a guild leader, it’s my job to do what I can to protect our guild bank. We’ve taken the steps in our guild to make sure that it’s very unlikely that we would suffer a total or large loss of items from the guild bank. Have you? That’s something to think about.