We’ve had a few verified instances of guild members having their GW2 accounts compromised and NCSoft has noted a trend.
First, about a third of players haven’t verified their email address yet. We can’t require email authentication for players with unverified email addresses. Second, in many cases hackers have stolen credentials for the player’s email account too, and thus can access the authentication email message and approve their own login attempt. In particular this happens because people use the same password for their email account as they do for their Guild Wars 2 account and other accounts.
So, to be protected, be sure to verify your email address, and be sure to use a different password for your email account than you use for your game account.
We encourage our members to read the recent post by Chocolate Rebel concerning account security in the AIE forums and to make sure that they have taken necessary steps to prevent the irritation and frustration that comes with a security breach.