Update 3

Friday, August 31, 2012

Account Security - Protect your account! We've seen hackers systematically scan email addresses and passwords harvested from other games, web sites, and trojans to see if they match Guild Wars 2 accounts. We've taken steps to protect our players from this, but we need your help too. Make sure that you use a strong, unique password for Guild Wars 2 that you've never used anywhere else. For best security, use a unique email address too, and see our blog post for more tips.

Email authentication - We now have email authentication enabled for all players who have validated their email addresses. This feature sends an email whenever it detects a login attempt to your account from a location you haven't played from before, asking you to allow or deny the login.
We've learned of an incompatibility between email authentication and older versions of Internet Explorer. We're working on a fix, which we expect to deploy tomorrow.
If you're not receiving account verification emails or account authentication emails, please check your junk/spam folders, and add noreply@guildwars2.com to your safe senders list.

Parties, guilds, etc. - We've made significant fixes to parties and guilds. However, you may still see intermittent outages. These outages cause symptoms such as party members not appearing on the map, party members not staying in the same overflow servers as they travel between maps, and guild invites not working.

Trading Post - Yesterday we opened the Trading Post for a random, rotating 50% of users. After gathering data from yesterday's tests, we applied a number of fixes and performance improvements, and are preparing a larger-scale test today.

Tournament Rewards - We believe we've addressed the problem with tournament chests not appearing. Let us know if you still see any issues with this.

World v. World - We're aware the world v. world matches have not been resetting properly. We're preparing an update to fix this. Once the issue is fixed, we'll start running 24-hour matches to balance servers.

Worlds - We added three new worlds in Europe yesterday, three new worlds in America today, and increased the population limits on all worlds.

Overflow - During this initial surge of high concurrency, and especially while most characters are low-level and thus playing in the same starting areas, it's common for players to be directed to overflow servers. If you want to play with a friend, but you're not on the same overflow servers, you can form a party together, then right-click on your friend's portrait in the party list and click "join".
We expect the use of overflow servers to naturally subside as players spread out more through the world.

Botting - We suspended accounts of 750 players running bots. We're ramping up and will soon apply permanent bans for cases of substantial botting.

Exploits - If you discover an exploit in the game, do not exploit it or publicize it, but instead please notify us immediately at this new email address: exploits (at) arena (dot) net.

Forums - Our most important priority at the moment is to ensure that the game runs stably and flawlessly. So as to not create additional demand on our infrastructure and on our programming team, we made the decision not to open the forums until the initial mass influx of players has calmed down a bit.

Wiki - We increased wiki server capacity to address issues users are seeing. We plan to start posting these updates to the wiki, as long as the wiki can handle the traffic.

Next software updates - We're making non-disruptive changes throughout the day. We'll publish the next back-end server update tonight at midnight Seattle time. The game may be unavailable for approximately 20-60 minutes while we perform this update.

Tournament PvP - We've taken Tournament PvP down for maintenance as we're working on fixing a few issues.

Update 2

Thursday, August 30, 2012

Account security - Hackers are systematically scanning email addresses and passwords harvested from other games, web sites, and trojans to see if they match Guild Wars 2 accounts. We're taking a number of steps to protect our players from this, listed below, but we need your help too. To protect your account, make sure you use a strong, unique password for Guild Wars 2 that you've never used anywhere else. If your password isn't strong and unique, change it right now. For the highest level of protection, also create a unique email address to use solely for Guild Wars 2.

Here are the things we're doing to protect your accounts.
-We have the "password reset" feature temporarily disabled. If you need to reset your password, contact our customer support team.
-We now have email authentication turned on for all players with verified email addresses. With this feature, even if someone guesses your password, when he tries to login from a location that you've never logged in from before, you'll have an opportunity to approve or disapprove of the login through an email check.
-We've noticed that hackers who discover a working email address and password combination don't always immediately exploit the compromised account. We sent email to everyone whose account has been suspiciously logged into asking them to immediately change their email address and password.
-We will also be sending email to all customers whose accounts have been unsuccessfully tested by hackers. -We strongly recommend that these customers create a new, unique email address for their account.
-We left in-game mail disabled for another half-day, because it's difficult for hackers to loot accounts when both in-game mail and the trading post are disabled. Keeping mail disabled this morning to prevent account looting gave us time to get email authentication turned on for all players, and gave players time to secure their accounts. But we will be turning in-game mail back on soon, so we ask everyone to quickly secure their accounts.

Email authentication - We started ramping up email authentication after last night's server update, and it's now enabled for 100% of players with verified email addresses. Email authentication provides a high level of security for everyone, and can provide an even higher level of security when combined with two-factor email authentication. Here's how you can set that up. Create a new unique Google or Yahoo email address solely for your Guild Wars 2 account. Verify that email address with Guild Wars 2 to turn on email authentication. Then follow the instructions at Google or Yahoo to enable two-factor authentication for all logins to your email address.

Parties, guilds, etc. - We're working to address problems with parties, guilds, and other social features, which cause symptoms such as party members not appearing on the map, party members not staying in the same overflow servers as they travel between maps, and guild invites and guild chat failing intermittently.

Overflow servers - During this initial surge of high concurrency, and especially while most characters are low-level and thus playing in the same starting areas, it's common for players to be directed to overflow servers. If you want to play with a friend, but you're not on the same overflow servers, you can form a party together, then right-click on your friend's portrait in the party list and click "join". Note that this functionality is sometimes intermittently unavailable due to the issues with parties and guilds noted above.

We expect the use of overflow servers to naturally subside as players spread out more through the world.

Botting - Yesterday we applied 72-hour account suspensions to 500 players who were running bots. We're continuing to detect and ban bots. Soon we will ramp up to our normal policy of applying permanent account bans to anyone who runs a bot.

Exploits - If you discover an exploit in the game, do not exploit it or publicize it, but instead notify us immediately at this new email address: exploits (at) arena (dot) net.

This morning there was a widely-publicized, newly-introduced exploit in which specific cultural weapons were selling for one-thousandth of their normal price. We fixed it with an emergency build this morning. We want to thank the vast majority of players who became aware of the issue, responsibly reported it, and did not exploit it. However, a smaller group of players did significantly exploit it, each purchasing hundreds or thousands of these weapons. We permanently banned 3,000 accounts of players who substantially exploited it, and applied 72-hours bans to another 1,000 accounts of players who mildly exploited it.

In-game mail - In last night's software update we fixed the potential abuse of the in-game mail system that we identified yesterday. We kept in-game mail turned off for another half-day while working to secure accounts against hackers, since in-game mail can be used to loot an account. And we kept in-game mail turned off while responding to this morning's exploit. We're now ready to re-enable it, and will do so this afternoon.

Trading Post - Yesterday we tested Trading Post with a random 15% of players. This test helped us gather valuable data to fix important bottlenecks. This afternoon we will test Trading Post with a random 25% of players, and then work to ramp up from there.

Tournament Rewards - We're working on fixing tournament chest rewards. Because this requires substantial testing, we do not have an estimated release timeframe to provide at this time.

Forums - Our most important priority at the moment is to ensure that the game runs stably and flawlessly. So as to not create additional demand on our infrastructure and on our programming team, we made the decision not to open the forums until the initial mass influx of players has calmed down a bit.

Next software updates - We're making non-disruptive changes throughout the day. We'll publish the next back-end server update tonight at midnight Seattle time. The game may be unavailable for approximately 20-60 minutes while we perform this update.

Update 1

Wednesday, August 29, 2012

Account security - We're seeing an uptick in reports of account theft and attempted account theft. We believe hackers are using databases of email addresses and passwords stolen from other games and web sites, and pre-existing trojan horses, to search for matching Guild Wars 2 accounts which they attempt to compromise. To prevent this, we have temporarily disabled the "reset password" feature, and we're working to bring email authentication online. To protect yourself, please ensure that you use a unique password for Guild Wars 2 that you don't use for any other game, email account, forum or web account.

Email authentication - Email authentication is a feature that notifies you if someone tries to log into your account from a location you've never logged in from before. Thus, even if someone guesses your game password, he can't log in unless he also guesses your email account password. You can make email authentication even more secure by using an email provider that supports two-factor authentication, such as Google or Yahoo, and taking advantage of that. We're currently preparing email authentication and intend to deploy it in a phased rollout, starting on Thursday, August 30.

Parties, guilds, etc. - Parties, guilds, and other social features are periodically failing. This causes issues such as party members not appearing on the map, and party members not staying in the same overflow servers as they travel between maps. This happens particularly during times of peak usage. We're working to fix related problems and mitigate this issue with each subsequent update.

Worlds - Many worlds are filling up. We're keeping the number of worlds constrained so that worlds stay well populated even after the initial surge of high concurrency. However, we will add worlds as necessary. As of Wednesday, August 30, all German language worlds are full and all French language worlds are at high usage, so we're adding two new German language worlds and one new French language world.

Overflow worlds - During this initial surge of high concurrency, and especially while many characters are low-level and thus playing in the same starting areas, it's common for players to be directed to overflow maps. If you want to play with a friend, but you’re not on the same overflow map, you can form a party together, then right-click on your friend's portrait in the party list and click "join". Note that this functionality is sometimes intermittently unavailable due to the "parties, guilds, etc." issues noted above.

Trading Post - We're working to bring the Trading Post back online. To help test, we've temporarily made it available to a random 15% of players, while we work to resolve remaining capacity constraints that will allow us to open it to everyone.

Edit: We have completed our live testing of the Trading Post for today and the Trading Post is now in maintenance for all players. Thank you everyone that participated; this test has helped us tremendously.

In-game mail - We detected a potential abuse of the in-game mail system and have temporarily disabled in-game mail to prevent any such abuse. We'll reenable it soon, hopefully in tonight's update.

Edit: The fact that in-game mail is disabled means that it's currently impossible for account hackers to loot stolen accounts, so we're going to leave it disabled for just a little while longer, while we work to ramp up email authentication.

Botting - We'll start substantial banning of bots on Wednesday, August 29. Since we're currently seeing widespread casual, unsophisticated botting, we will start with 72-hour bans for first offenses. In the coming days, as we address the casual botting problem, we plan to switch to our normal policy of permanently banning anyone who runs a bot.

Forums - Our most important priority at the moment is to ensure that the game runs stably and flawlessly. So as to not create additional demand on our infrastructure and on our programming team, we made the decision not to open the forums until the initial mass influx of players has calmed down a bit.

Next software updates - The next update of the game server and back-end server software will take place tonight at midnight Seattle time. The game may be unavailable for approximately 20-60 minutes while we perform the update. We expect this update to have fixes for email authentication and in-game mail. Our continued work on the Trading Post is not tied to game updates, so we will continue to test Trading Post updates throughout the day.