Guild Wars 2 is suffering from phishing attacks by hackers believed to be in China who so far have compromised scores of user accounts since the game launched a couple of weeks ago.
ArenaNet, the game's developer, insists its servers and web portals remain secure, though it appears hackers are trying to log into accounts with harvested email address and password combinations from previously hacked games and websites. It's also believed that some of these credentials were stolen in an earlier breach of a Guild Wars fan site, according to Ars Technica.
"If you don't want your account hacked, don't use the same email address and password for Guild Wars 2 that you've used for another game or web site," ArenaNet warned over the weekend.
Hundreds of users have received authentication emails asking for approval to log in from distant locations, and the company said that's "a sign that a hacker knows your account name and password, and is only being prevented by the email authentication feature from accessing your account." Those receiving such emails are advised to immediately change their password to something unique.
This event offers yet another reminder that you should choose a different password for each site. Experts recommend uniquely generated passwords that are at least eight characters long (13 or above is more secure) with a mixture of upper and lowercase letters, special characters and numbers. Tools like LastPass and PasswordSafe can help manage an unwieldy array of passwords by keeping a list of them behind one master password.