Posted March 22, 2013 (edited) Defenatly change that email and password with in seconds of finalizing the transaction then recheck all the details.Others have already said, use verified paypal, keep emails from paypal and copy past/save the chat logs that show the sale agreement, player names and paypal email used, then you can archive that in your documents, even make a back up on cd.If you change/secure the email and password there is no legal way for the previous owner to retake ownership of the account.If you give the previous owner the password so he can play again, well more fool the player that dose that,(harsh lesson in ownership laws), as effectively this give's them the account back for free regardless of the years spent investing in that toon/avatar, it would be considerd sold or passed over.my account advice is don't share, don't lend not even to family members the toon/avatar in game is your intelecuall property and can not be taken buy anyone but rolf and/or his representatives.For extra proof of purchase you may want to ask the seller to post in the forums and then you reply in that post, then they would reply again to confirm/finalize the sale.Sharing accounts should be against the rules imo. Edited March 22, 2013 by lawurm Share this post Link to post Share on other sites
Posted March 22, 2013 Sharing accounts should be against the rules imo.Policing that would be next to impossible, hence we have the rules we currently do. Share this post Link to post Share on other sites
Posted March 22, 2013 Giving out the password hash gives little to no extra security in comparison to giving out the password.# Changing the e-mail only requires the password of any existing accounts on the target email. It does not require the password of the current account, as you can read in the /help contents.# The password 'hash' is stored in a very easy encryption. Notch only made it so that it wasn't stored in plain text.Well, as i see it, something that requires decrypting (not for the average player) a hash to have a password so you can usurp a account, is infinitely safer than people having that password and changing password and e-mail on the dot.Sharing accounts should be against the rules imo.Well, that would void this whole argument, since to sell it you'd have to share it, unless Code Club would create a auction system and mediate purchases themselves (which i'm sure they won't for legal and commercial reasons). Share this post Link to post Share on other sites
Posted March 22, 2013 Well, that would void this whole argument, since to sell it you'd have to share it, unless Code Club would create a auction system and mediate purchases themselves (which i'm sure they won't for legal and commercial reasons).no, this would be considered part of sale for the limited time its "shared" as u put it until the email/pass word change.A shared account by definition is one that is being use by more people other than the account holder over a period of time.Policing that would be next to impossible, hence we have the rules we currently do.Indeed, didn't think of that. Share this post Link to post Share on other sites
Posted March 22, 2013 # Changing the e-mail only requires the password of any existing accounts on the target email. It does not require the password of the current account, as you can read in the /help contents.# The password 'hash' is stored in a very easy encryption. Notch only made it so that it wasn't stored in plain text.Probably a good idea to not post that in here. Remove your post, delete all the quotes to it. Telling malicious people how it's easily done is a verrrrrry bad idea. Share this post Link to post Share on other sites
Posted March 22, 2013 Thats how we used to retrieve lost passwords. lol Share this post Link to post Share on other sites
Posted March 22, 2013 Maybe is should require the current password too then? Like.. "/changeemail <current password> <newemail> <password>" Share this post Link to post Share on other sites
Posted March 23, 2013 Probably a good idea to not post that in here. Remove your post, delete all the quotes to it. Telling malicious people how it's easily done is a verrrrrry bad idea.People need to be aware that giving out the hash code is not a way to ensure your account can't be taken from you though. People sharing their accounts have always had to hope they're not sharing with malicious people and thats why the game rules offer the warnings it does.Well, as i see it, something that requires decrypting (not for the average player) a hash to have a password so you can usurp a account, is infinitely safer than people having that password and changing password and e-mail on the dot.You may have missunderstood. No decryption is neccesary. If a person is logged in to the account (i.e. if they have been provided the hash), they don't need to know the password. Share this post Link to post Share on other sites
Posted March 24, 2013 People need to be aware that giving out the hash code is not a way to ensure your account can't be taken from you though. People sharing their accounts have always had to hope they're not sharing with malicious people and thats why the game rules offer the warnings it does.Warning is good, explaining them exactly how you can steal an account not so much.. Share this post Link to post Share on other sites
