Account changes
 

Maybe if people want to change their account from the usual Graal###### there should be a payment in the store which allows an account name change.
Also password should be changeable.
Just my thoughts.

Won't happen. Information about your account is tied to the account name. If you change it, you lose everything everywhere because ultimately the account no longer exists by name. This is one of the reasons why community names even exist: So you can change that identifier without losing any account information.
Also, http://graalonline.com/accounts/lostpass is how you change your password.

I worded that wrong, I meant "custom passwords" instead of like ch67AG87 ones and no that isn't my password.
And why can't the information be linked to your account in some other way, having Graal###### account's suck.
It takes out the creativity.

How exactly would you change it? There is always going to be some form of identifier for accounts that you cannot change. The fact that the "Graal" numbers are even still visible is really the only problem. If you had no idea it even existed and it was never referred to as your account name (lets call it an account ID), but you still had the ability to change your community name (although we could call that your account name in the event we dont know "GraalXXXX" exists), then nothing would be different and we would be content with exactly this setup. You could still change your community name and not be any wiser of your internal account id. Basically, people's biggest issue with the "GraalXXXX" numbers is the fact that they can see them, therefore know they exist as their "real" account when in fact it's really just an identifier that shouldn't even be known about.

As for the password thing, I would only agree to custom passwords as long as the person customising their password was forced to use a strong password. Even stronger than the current one. EG: Must include at least 1 capital, at least 1 symbol and at least 1 number and ultimately be over 8 characters long. People come up with the stupidest and most obvious passwords sometimes that it doesn't even give hackers a challenge to decrypt, if they even have to decrypt anything at all. You could just know someone well enough to know they'd be stupid enough to make their password their cat's name.

Well I agree, the passwords should be forced to be strong.
And It would be changed by all new accounts NOT having Graal###### where as instead you should be able to specify your own; as it used to be as I believe.

Would really like to see passwords be changable by users, but it should not cost gelats—that's just ridiculous.

Also, password strength requirements are annoying. As long as it's eight characters or so, let a user be responsible for their own account. Worrying about hackers getting passwords from the hashes is not really an issue unless the passwords database is stolen, at which time Graal should force a password reset for all users anyway.

But that negates your efforts to allow people to change their public identifier. You want people to be able to pick and choose their account name, but the way you want it (back to the way it used to be) once you pick it, you're stuck with it. Enter community names. Changeable at reasonable request without the disappointment of starting over because your identifier has changed. The only thing wrong with the current system is the fact that people are being told to upgrade before they are allowed to choose a name which has lead to problems like their Graal#### identifier being public by default.

In line with your desires, it would be better for them to leave the current system in place where people have the option to pick and alter their community name, BUT the Graal number (and other people's Graal numbers) needs to be absolutely hidden from existence. The only exception being for administrative requirements, something players have no need to be involved in. It all comes back to that. Something developers have been trying to get recognised for far too long.

Just wanted to mention, graal passwords are stored in the registry of ones computer. They a re then decrypted by the client. If someone wanted to make a password stealer, he would need to find the algorithm at which graal uses to encrypt and decrypt the passwords in the registry.

I'm assuming that Graal also stores them when they couldn't be used successfully. Therefore, you can easily get the encrypted version for every password. One could probably write a script to brute force that. I suppose using a key logger would be a little easier though :p

It could just wait for you to open Graal and steal the password from there. Your email and other accounts are likely to get hijacked before they take your Graal account via a key-logger, especially if you keep the password email there.

Another thing is that after you paste in your password you're going to want to clear it from your clipboard so it's not sitting there waiting to be picked off.

Yeah, community names weren't a bad idea, but they really screwed up the implementation of it something shocking.

I also wish the Graal### portion wasn't visible to the public but what I find ironic is this. Graal## people complain because they don't have a named account. Graal named accounts people complain cause they can't change their community name. All claim its unfair. The moral of this story is "The grass is always greener on the other side of the fence"

nop, just do rufus' idea and everything would be solved. never seen a game have so many problems with fundamental crap

Graal could have just followed what many other game companies do, Nexon for example. You have a Nexon ID in which you use to login then you can create characters on the actual game. The players only see your character name and not your actual account name, a lot safer in my opinion.

What is Rufus' idea? If you mean the one he had for giving all players a Graal### account, it's just not possible.

This really was (and still is) the largest problem. It took years to get support for them in RC, and the publicly released RC still doesn't support them. There's also no scripting functions for getting the cname of an account (and vica-versa).