I assume pretty much every raiding guild uses the new guild bank feature these days. I'm also pretty sure that the majority of players either have lost access to their account at some point or know someone who has. What I don't know is how all of you deal with it when these two circumstances collide. Obviously before the bank patch it wasn't a massive deal when a member clicked a sex girl only to find themself naked the next day. The character's owner wouldn't be able to raid for a while and eventually they may have to re-enchant and re-gem their gear. Nowadays, however, it seems to be a much larger problem.

Long story short we've had a recent spree of hacked accounts in our guild. The first one to go down was a general raider. It wasn't a huge deal given we have fairly low limits set for that rank (100g and 10 stacks a tab). The hacker was smart about it and did it right before and after the day reset and got 200g and a bunch of mageblood elixirs. Then one of our officers got hacked. They have full access to the bank but luckily he plays way too much for his own good and all they did was make sex women posts until he noticed and changed his info without the hacker logging in-game. The real issue came today when we found out he apparently didn't clean his computer as well as he thought he had. About an hour and a half after the dirty deed was done, we checked our bank to see pretty much everything gone. Most of the guild's gold, raid consumables, and enchanting mats just disappeared. Given how banks work these days it was pretty easy for him to grab the most valuable stuff out of a tab and leave the junk.

My question is twofold. One: what do guilds with much more valuable banks than ours do to safeguard themselves from both irresponsible members and outright thieves? What limits do you set for tabs? Do your raiders all have access to all of the tabs or do your officers have to taxi materials for them? Two: what can Blizzard change to prevent the inevitable account hack from destroying months (or years) of guild resources, especially if it's an officer or a guild leader?

As for our guild, we setup our bank so that all of those of raiding rank had pretty limited access. Guild policy is to sell things to the bank for a lower price than on the AH and for guildies to buy it out of the bank for the same price. I have heard that the devs are considering adding in a feature to set the price of items so it's no longer an honor system and you have to pay the cash to extract an item just like a vendor. This would obviously allow us to eliminate all access from general raiders, but what about safeguarding it against an account hacker on an officer's account? The best thing we could come up with is some sort of in-game password system to actually access the bank. Ideally something like a vault combo that you'd have to click to access so a keylogging program wouldn't have a chance to get it. Something like a set of numbers with an up or down arrow you could click on to set. I'm not overly savy on how some of the keyloggers work but perhaps it wouldn't even be necessary and it'd be too hard for a program to discern the valuable keystrokes once a person logs in and starts talking to people. Regardless of what it is though I do feel the guild bank needs a secondary level of security beyond simply being able to log into the account.

So what do you all do to secure your guild bank? Should something be implemented in-game or does it ultimately end with hoping your raiders don't click stupid shit while using Internet Explorer? If so I can't imagine it's even worth using the guild bank feature at all. It's far too likely that just one person with access does something stupid, and with all of the guild's resources centrally located it's just too easy to lose it all.

At least the GM and the officers should be smart enough to use Firefox+Noscript. Putting additional security measures would make day-to-day operations annoying

One of our officers took almost everything from our guildbank, transferred and sold on Ebay. We never heared of him again . See, you don't even need to be hacked.

As a GM I set pretty strict limits on our guildbank

officers can withdraw 50g a day (covers a respecc for a raid) and about 5-10 stacks. and that's about it. no ordinary members kan take anything from the guildbank, so we wouldn't loose much if the accident did happen.

If I however get hacked, which I plan not to - it's a whole other story, nothing to do about it!

It would be significantly harder to keylog an onscreen numpad that requires you to enter a numerical code by clicking on the numbers.
Make that pad appear on a random location on screen and you would really have a hard time trying to crack that, although most likely not inpossible.

My guild bank is just set to pretty much be an iron fist on just about everything. Officers have access to only about as many stacks as they would theoretically need for crafting, no more. Members are set at 3 or 5, and alts are set to a stack a day. Even if someone and their entire stable of alts went psycho, about the most I would lose would be a stack of arcane crystals and some primal shadow or something equally ridiculous.

I also keep the tabs set differently and informed the guild of this. There's a tab for potions, and there's a tab for flasks, with different permissions set. It's not a big deal if someone runs away with 20 major agilities. It's a huge deal if someone runs off with 20 Relentless Assaults. I don't need someone cleaning out my entire stock of LPS's, but if you really wanna screw yourselves out of a bunch of friends over some noble topaz, go right ahead.

I used to have it set so people could repair with gold, but my officers bitched about that because they always hit the wrong button and used guild funds for it even when we weren't doing guild activities. So I nixed the gold withdrawal and everyone goes through me when they need money for anything. Small price to pay to make sure we've got cash in there when we need it.

And as far as account security goes, I'm still not of the belief that keyloggers are really the problem. 99% of all account compromising comes from people sharing their info. Just don't do that with everyone, and you won't have a problem. As a guild leader, it's more important now than ever, since you're the only one who should have access to clean out the bank.

There's always going to be the failure point of someone with access to most/all of the bank, and really that hasn't changed with the advent of guildbanks. As Arakan stated, there used to be the chance the guild mules would be hacked/sold and you'd lose everything that way. With the integrated guildbank feature at least Blizzard has a logging system in place as well as concrete ownership rights by the guild, rather than "Character XYZ left the game and took all our bank toons".

This thread should really be "Best Practices: How to not click links with .cn"

I dunno how this would be useful. Only the guild leader should have the right to pull that much money out of anyone's guild bank. If they don't, it's no one's fault but your own.

Which still leaves the problem of the GL getting hacked. It alleviates, but doesn't solve, the problem.

If nothing else, I don't see why Gold Withdrawl cannot be on a 24 hour timer, as well as a 24 hour 'security' tab where withdrawls of rare stuff takes 24 hours.

In that case do you only allow the GM to access valuable guild goods as well?
Getting even a single stack of crimson spinels would be thousands of gold on any server.
It seems to hamstring daily operations to much.

Oh come on. Who really gets "Hacked?"

Every time I've ever heard of anyone getting "Hacked" in an MMO, it always comes back to "Well, Bob had my account info, Jim too" or "I just got divorced, and my wife moved out last week." The threat of keyloggers is largely overplayed in my opinion. 99% of the people who get hacked just have poor account security habits when it comes to their friends or family. The guild leader just need to be vigilent about his account info and you shouldn't have any problems anymore.

Now, as for the limit and transaction cooldown, who has oversight in that regard? If the guild leader is the only one who can withdraw that sum of money anyway, who's going to stop the transaction? Bobbycasual is going to press the red button that locks everything down when he hears at 4am that the guild leader took 2k gold out? It wouldn't prevent anything from happening, just slow down the process.